Home
last modified time | relevance | path

Searched refs:perms (Results 1 – 25 of 50) sorted by relevance

12

/linux/security/apparmor/
H A Dpolicy_compat.c100 static void compute_fperms_allow(struct aa_perms *perms, struct aa_dfa *dfa, in compute_fperms_allow() argument
103 perms->allow |= AA_MAY_GETATTR; in compute_fperms_allow()
107 perms->allow |= AA_MAY_CHANGE_PROFILE; in compute_fperms_allow()
109 perms->allow |= AA_MAY_ONEXEC; in compute_fperms_allow()
115 struct aa_perms perms = { }; in compute_fperms_user() local
117 perms.allow = map_old_perms(dfa_user_allow(dfa, state)); in compute_fperms_user()
118 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_fperms_user()
119 perms.quiet = map_old_perms(dfa_user_quiet(dfa, state)); in compute_fperms_user()
120 perms.xindex = dfa_user_xindex(dfa, state); in compute_fperms_user()
122 compute_fperms_allow(&perms, dfa, state); in compute_fperms_user()
[all …]
H A Dfile.c96 struct aa_profile *profile, struct aa_perms *perms, in aa_audit_file() argument
106 ad.tags = perms->tag; in aa_audit_file()
116 u32 mask = perms->audit; in aa_audit_file()
129 ad.request = ad.request & ~perms->allow; in aa_audit_file()
132 if (ad.request & perms->kill) in aa_audit_file()
136 if ((ad.request & perms->quiet) && in aa_audit_file()
139 ad.request &= ~perms->quiet; in aa_audit_file()
145 ad.denied = ad.request & ~perms->allow; in aa_audit_file()
192 if (!(rules->perms)) in aa_lookup_condperms()
197 return &(rules->perms[index]); in aa_lookup_condperms()
[all …]
H A Ddomain.c131 struct aa_perms *perms) in label_compound_match() argument
149 *perms = allperms; in label_compound_match()
161 *perms = *(aa_lookup_condperms(current_fsuid(), rules->file, state, in label_compound_match()
163 aa_apply_modes_to_perms(profile, perms); in label_compound_match()
164 if ((perms->allow & request) != request) in label_compound_match()
170 *perms = nullperms; in label_compound_match()
193 struct aa_perms *perms) in label_components_match() argument
219 aa_perms_accum(perms, &tmp); in label_components_match()
229 aa_perms_accum(perms, &tmp); in label_components_match()
232 if ((perms->allow & request) != request) in label_components_match()
[all …]
H A Dlib.c363 void aa_apply_modes_to_perms(struct aa_profile *profile, struct aa_perms *perms) in aa_apply_modes_to_perms() argument
367 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
370 perms->quiet = 0; in aa_apply_modes_to_perms()
373 perms->audit = 0; in aa_apply_modes_to_perms()
376 perms->quiet = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
381 perms->kill = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
383 perms->complain = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
385 perms->prompt = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
391 int type, u32 request, struct aa_perms *perms) in aa_profile_match_label() argument
399 aa_label_match(profile, rules, label, state, false, request, perms); in aa_profile_match_label()
[all …]
H A Dcapability.c130 struct aa_perms perms = { }; in profile_capable() local
136 perms = *aa_lookup_perms(rules->policy, state); in profile_capable()
137 aa_apply_modes_to_perms(profile, &perms); in profile_capable()
140 if (perms.complain & request) in profile_capable()
145 return aa_check_perms(profile, &perms, request, ad, in profile_capable()
206 struct aa_perms perms = { }; in aa_profile_capget() local
210 perms = *aa_lookup_perms(rules->policy, tmp); in aa_profile_capget()
211 aa_apply_modes_to_perms(profile, &perms); in aa_profile_capget()
212 caps.val |= ((u64)(perms.allow)) << (i * 5); in aa_profile_capget()
213 caps.val |= ((u64)(perms.complain)) << (i * 5); in aa_profile_capget()
H A Dmount.c139 struct aa_perms *perms, const char *info, int error) in audit_mount() argument
145 u32 mask = perms->audit; in audit_mount()
158 request = request & ~perms->allow; in audit_mount()
160 if (request & perms->kill) in audit_mount()
164 if ((request & perms->quiet) && in audit_mount()
167 request &= ~perms->quiet; in audit_mount()
179 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount()
229 void *data, bool binary, struct aa_perms *perms) in do_match_mnt() argument
235 AA_BUG(!policy->perms); in do_match_mnt()
236 AA_BUG(!perms); in do_match_mnt()
[all …]
H A Dtask.c233 struct aa_perms perms = { }; in profile_ptrace_perm() local
238 &perms); in profile_ptrace_perm()
239 aa_apply_modes_to_perms(profile, &perms); in profile_ptrace_perm()
240 return aa_check_perms(profile, &perms, request, ad, audit_ptrace_cb); in profile_ptrace_perm()
351 struct aa_perms perms = { }; in aa_profile_ns_perm() local
365 perms = *aa_lookup_perms(rules->policy, state); in aa_profile_ns_perm()
366 aa_apply_modes_to_perms(profile, &perms); in aa_profile_ns_perm()
367 error = aa_check_perms(profile, &perms, request, ad, in aa_profile_ns_perm()
H A Dnet.c169 struct aa_perms perms; in aa_do_perms() local
177 perms = *p; in aa_do_perms()
178 aa_apply_modes_to_perms(profile, &perms); in aa_do_perms()
179 return aa_check_perms(profile, &perms, request, ad, in aa_do_perms()
365 struct aa_perms perms = { }; in aa_secmark_perm() local
381 perms.deny = ALL_PERMS_MASK; in aa_secmark_perm()
383 perms.allow = ALL_PERMS_MASK; in aa_secmark_perm()
386 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm()
390 aa_apply_modes_to_perms(profile, &perms); in aa_secmark_perm()
392 return aa_check_perms(profile, &perms, request, ad, audit_net_cb); in aa_secmark_perm()
H A Dipc.c84 struct aa_perms perms; in profile_signal_perm() local
97 aa_label_match(profile, rules, peer, state, false, request, &perms); in profile_signal_perm()
98 aa_apply_modes_to_perms(profile, &perms); in profile_signal_perm()
99 return aa_check_perms(profile, &perms, request, ad, audit_signal_cb); in profile_signal_perm()
H A Dpolicy_unpack.c906 static ssize_t unpack_perms_table(struct aa_ext *e, struct aa_perms **perms) in unpack_perms_table() argument
911 AA_BUG(!perms); in unpack_perms_table()
924 *perms = kzalloc_objs(struct aa_perms, size); in unpack_perms_table()
925 if (!*perms) { in unpack_perms_table()
930 if (!unpack_perm(e, version, &(*perms)[i])) in unpack_perms_table()
938 *perms = NULL; in unpack_perms_table()
943 kfree(*perms); in unpack_perms_table()
968 size = unpack_perms_table(e, &pdb->perms); in unpack_pdb()
971 pdb->perms = NULL; in unpack_pdb()
977 if (pdb->perms) { in unpack_pdb()
[all …]
H A Dlabel.c1291 struct aa_perms *perms) in label_compound_match() argument
1307 *perms = allperms; in label_compound_match()
1319 *perms = *aa_lookup_perms(rules->policy, state); in label_compound_match()
1323 *perms = nullperms; in label_compound_match()
1347 struct aa_perms *perms) in label_components_match() argument
1369 aa_perms_accum(perms, &tmp); in label_components_match()
1377 aa_perms_accum(perms, &tmp); in label_components_match()
1380 if ((perms->allow & request) != request) in label_components_match()
1386 *perms = nullperms; in label_components_match()
1404 u32 request, struct aa_perms *perms) in aa_label_match() argument
[all …]
/linux/security/apparmor/include/
H A Dfile.h75 struct aa_profile *profile, struct aa_perms *perms,
85 struct aa_perms *perms);
90 struct aa_perms *perms);
115 u32 perms = 0; in aa_map_file_to_perms() local
118 perms |= MAY_WRITE; in aa_map_file_to_perms()
120 perms |= MAY_READ; in aa_map_file_to_perms()
122 if ((flags & O_APPEND) && (perms & MAY_WRITE)) in aa_map_file_to_perms()
123 perms = (perms & ~MAY_WRITE) | MAY_APPEND; in aa_map_file_to_perms()
126 perms |= MAY_WRITE; in aa_map_file_to_perms()
128 perms |= AA_MAY_CREATE; in aa_map_file_to_perms()
[all …]
/linux/drivers/s390/crypto/
H A Dzcrypt_api.c123 struct ap_perms perms; member
168 for (i = 0; i < sizeof(zcdndev->perms.ioctlm) / sizeof(long); i++) in ioctlmask_show()
169 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.ioctlm[i]); in ioctlmask_show()
184 rc = ap_parse_mask_str(buf, zcdndev->perms.ioctlm, in ioctlmask_store()
205 for (i = 0; i < sizeof(zcdndev->perms.apm) / sizeof(long); i++) in apmask_show()
206 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.apm[i]); in apmask_show()
221 rc = ap_parse_mask_str(buf, zcdndev->perms.apm, in apmask_store()
242 for (i = 0; i < sizeof(zcdndev->perms.aqm) / sizeof(long); i++) in aqmask_show()
243 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.aqm[i]); in aqmask_show()
258 rc = ap_parse_mask_str(buf, zcdndev->perms.aqm, in aqmask_store()
[all …]
/linux/drivers/soc/qcom/
H A Drmtfs_mem.c34 u64 perms; member
174 struct qcom_scm_vmperm perms[NUM_MAX_VMIDS + 1]; in qcom_rmtfs_mem_probe() local
264 perms[0].vmid = QCOM_SCM_VMID_HLOS; in qcom_rmtfs_mem_probe()
265 perms[0].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
268 perms[i + 1].vmid = vmid[i]; in qcom_rmtfs_mem_probe()
269 perms[i + 1].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
272 rmtfs_mem->perms = BIT(QCOM_SCM_VMID_HLOS); in qcom_rmtfs_mem_probe()
274 &rmtfs_mem->perms, perms, num_vmids + 1); in qcom_rmtfs_mem_probe()
298 if (rmtfs_mem->perms) { in qcom_rmtfs_mem_remove()
303 &rmtfs_mem->perms, &perm, 1); in qcom_rmtfs_mem_remove()
/linux/drivers/infiniband/sw/siw/
H A Dsiw_mem.c74 mem->perms = rights & IWARP_ACCESS_MASK; in siw_mr_add_mem()
137 enum ib_access_flags perms, int len) in siw_check_mem() argument
150 if ((mem->perms & perms) < perms) { in siw_check_mem()
152 mem->perms, perms); in siw_check_mem()
191 enum ib_access_flags perms, u32 off, int len) in siw_check_sge() argument
216 rv = siw_check_mem(pd, *mem, sge->laddr + off, perms, len); in siw_check_sge()
H A Dsiw_mem.h17 enum ib_access_flags perms, int len);
19 struct siw_mem *mem[], enum ib_access_flags perms,
/linux/fs/orangefs/
H A Dorangefs-utils.c106 if (attrs->perms & ORANGEFS_O_EXECUTE) in orangefs_inode_perms()
108 if (attrs->perms & ORANGEFS_O_WRITE) in orangefs_inode_perms()
110 if (attrs->perms & ORANGEFS_O_READ) in orangefs_inode_perms()
113 if (attrs->perms & ORANGEFS_G_EXECUTE) in orangefs_inode_perms()
115 if (attrs->perms & ORANGEFS_G_WRITE) in orangefs_inode_perms()
117 if (attrs->perms & ORANGEFS_G_READ) in orangefs_inode_perms()
120 if (attrs->perms & ORANGEFS_U_EXECUTE) in orangefs_inode_perms()
122 if (attrs->perms & ORANGEFS_U_WRITE) in orangefs_inode_perms()
124 if (attrs->perms & ORANGEFS_U_READ) in orangefs_inode_perms()
127 if (attrs->perms & ORANGEFS_G_SGID) in orangefs_inode_perms()
[all …]
/linux/fs/hfsplus/
H A Dcatalog.c81 void hfsplus_cat_set_perms(struct inode *inode, struct hfsplus_perm *perms) in hfsplus_cat_set_perms() argument
84 perms->rootflags |= HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
86 perms->rootflags &= ~HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
88 perms->rootflags |= HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
90 perms->rootflags &= ~HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
92 perms->userflags = HFSPLUS_I(inode)->userflags; in hfsplus_cat_set_perms()
93 perms->mode = cpu_to_be16(inode->i_mode); in hfsplus_cat_set_perms()
94 perms->owner = cpu_to_be32(i_uid_read(inode)); in hfsplus_cat_set_perms()
95 perms->group = cpu_to_be32(i_gid_read(inode)); in hfsplus_cat_set_perms()
98 perms->dev = cpu_to_be32(inode->i_nlink); in hfsplus_cat_set_perms()
[all …]
/linux/security/selinux/include/
H A Dsecurity.h252 #define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x)&0x1f))
253 #define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x)&0x1f)))
343 char ***perms, u32 *nperms);
246 security_xperm_set(perms,x) global() argument
247 security_xperm_test(perms,x) global() argument
/linux/security/selinux/ss/
H A Davtab.c317 __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; in avtab_read_item()
447 sizeof(u32) * ARRAY_SIZE(xperms.perms.p)); in avtab_read_item()
452 for (i = 0; i < ARRAY_SIZE(xperms.perms.p); i++) in avtab_read_item()
453 xperms.perms.p[i] = le32_to_cpu(buf32[i]); in avtab_read_item()
523 __le32 buf32[ARRAY_SIZE(cur->datum.u.xperms->perms.p)]; in avtab_write_item()
543 for (i = 0; i < ARRAY_SIZE(cur->datum.u.xperms->perms.p); i++) in avtab_write_item()
544 buf32[i] = cpu_to_le32(cur->datum.u.xperms->perms.p[i]); in avtab_write_item()
546 ARRAY_SIZE(cur->datum.u.xperms->perms.p), fp); in avtab_write_item()
H A Dservices.c140 while (p_in->perms[k]) { in selinux_set_mapping()
142 if (!*p_in->perms[k]) { in selinux_set_mapping()
146 p_out->perms[k] = string_to_av_perm(pol, p_out->value, in selinux_set_mapping()
147 p_in->perms[k]); in selinux_set_mapping()
148 if (!p_out->perms[k]) { in selinux_set_mapping()
150 p_in->perms[k], p_in->name); in selinux_set_mapping()
210 if (avd->allowed & mapping->perms[i]) in map_decision()
212 if (allow_unknown && !mapping->perms[i]) in map_decision()
218 if (avd->auditallow & mapping->perms[i]) in map_decision()
223 if (avd->auditdeny & mapping->perms[i]) in map_decision()
[all …]
/linux/tools/testing/selftests/mm/
H A Dmlock2.h24 char perms[5]; in seek_to_smaps_entry() local
36 &start, &end, perms, &offset, dev, &inode, path) < 6) in seek_to_smaps_entry()
/linux/security/selinux/
H A Davc.c656 const char *const *perms; in avc_audit_pre_callback() local
666 perms = secclass_map[sad->tclass-1].perms; in avc_audit_pre_callback()
672 if ((perm & av) && perms[i]) { in avc_audit_pre_callback()
673 audit_log_format(ab, " %s", perms[i]); in avc_audit_pre_callback()
830 static int avc_update_node(u32 event, u32 perms, u8 driver, u8 base_perm, in avc_update_node() argument
887 node->ae.avd.allowed |= perms; in avc_update_node()
893 node->ae.avd.allowed &= ~perms; in avc_update_node()
896 node->ae.avd.auditallow |= perms; in avc_update_node()
899 node->ae.avd.auditallow &= ~perms; in avc_update_node()
902 node->ae.avd.auditdeny |= perms; in avc_update_node()
[all …]
/linux/tools/testing/selftests/mqueue/
H A Dmq_open_tests.c203 int perms = DEFFILEMODE; in test_queue() local
205 if ((queue = mq_open(queue_path, flags, perms, attr)) == -1) in test_queue()
225 int perms = DEFFILEMODE; in test_queue_fail() local
227 if ((queue = mq_open(queue_path, flags, perms, attr)) == -1) in test_queue_fail()
/linux/drivers/tee/qcomtee/
H A Dmem_obj.c155 u64 *mem_size, u32 *perms) in qcomtee_mem_object_map() argument
165 *perms = QCOM_SCM_PERM_RW; in qcomtee_mem_object_map()

12