Home
last modified time | relevance | path

Searched refs:subject (Results 1 – 25 of 375) sorted by relevance

12345678910>>...15

/linux/security/landlock/
H A Dtask.c274 const struct landlock_cred_security *const subject = in hook_unix_stream_connect()
279 if (!subject) in hook_unix_stream_connect()
285 if (!sock_is_scoped(other, subject->domain)) in hook_unix_stream_connect()
288 landlock_log_denial(subject, &(struct landlock_request) { in hook_unix_stream_connect()
305 const struct landlock_cred_security *const subject = in hook_unix_may_send()
309 if (!subject) in hook_unix_may_send()
322 if (!sock_is_scoped(other->sk, subject->domain)) in hook_unix_may_send()
325 landlock_log_denial(subject, &(struct landlock_request) { in hook_unix_may_send()
348 const struct landlock_cred_security *subject; in hook_task_kill()
366 subject in hook_task_kill()
270 const struct landlock_cred_security *const subject = hook_unix_stream_connect() local
301 const struct landlock_cred_security *const subject = hook_unix_may_send() local
344 const struct landlock_cred_security *subject; hook_task_kill() local
393 const struct landlock_cred_security *subject; hook_file_send_sigiotask() local
[all...]
H A Dfs.c953 const struct landlock_cred_security *const subject = in current_check_access_path()
958 if (!subject) in current_check_access_path()
961 access_request = landlock_init_layer_masks(subject->domain, in current_check_access_path()
964 if (is_access_to_paths_allowed(subject->domain, path, access_request, in current_check_access_path()
969 landlock_log_denial(subject, &request); in current_check_access_path()
1132 const struct landlock_cred_security *const subject = in current_check_refer_path()
1142 if (!subject) in current_check_refer_path()
1169 subject->domain, in current_check_refer_path()
1172 if (is_access_to_paths_allowed(subject->domain, new_dir, in current_check_refer_path()
1178 landlock_log_denial(subject, in current_check_refer_path()
952 const struct landlock_cred_security *const subject = current_check_access_path() local
1133 const struct landlock_cred_security *const subject = current_check_refer_path() local
1375 log_fs_change_topology_path(const struct landlock_cred_security * const subject,size_t handle_layer,const struct path * const path) log_fs_change_topology_path() argument
1389 log_fs_change_topology_dentry(const struct landlock_cred_security * const subject,size_t handle_layer,struct dentry * const dentry) log_fs_change_topology_dentry() argument
1425 const struct landlock_cred_security *const subject = hook_sb_mount() local
1440 const struct landlock_cred_security *const subject = hook_move_mount() local
1458 const struct landlock_cred_security *const subject = hook_sb_umount() local
1472 const struct landlock_cred_security *const subject = hook_sb_remount() local
1495 const struct landlock_cred_security *const subject = hook_sb_pivotroot() local
1619 const struct landlock_cred_security *const subject = hook_file_open() local
[all...]
H A Daudit.c357 * @subject: The Landlock subject's credential denying an action.
360 void landlock_log_denial(const struct landlock_cred_security *const subject, in landlock_log_denial()
368 if (WARN_ON_ONCE(!subject || !subject->domain || in landlock_log_denial()
369 !subject->domain->hierarchy || !request)) in landlock_log_denial()
379 youngest_layer = get_denied_layer(subject->domain, in landlock_log_denial()
388 get_hierarchy(subject->domain, youngest_layer); in landlock_log_denial()
392 get_hierarchy(subject->domain, youngest_layer); in landlock_log_denial()
410 if (subject in landlock_log_denial()
359 landlock_log_denial(const struct landlock_cred_security * const subject,const struct landlock_request * const request) landlock_log_denial() argument
[all...]
H A Dnet.c58 const struct landlock_cred_security *const subject = in current_check_access_socket() local
62 if (!subject) in current_check_access_socket()
190 rule = landlock_find_rule(subject->domain, id); in current_check_access_socket()
191 access_request = landlock_init_layer_masks(subject->domain, in current_check_access_socket()
201 landlock_log_denial(subject, in current_check_access_socket()
/linux/scripts/
H A Dgit-resolve.sh19 local subject="$1"
22 escaped_subject=$(printf '%s\n' "$subject" | sed 's/[[\.*^$()+?{}|]/\\&/g')
40 local subject=""
44 subject="${input#* }"
46 subject="${subject#*(\"}"
47 subject="${subject%\")*}"
66 if [ -n "$subject" ]; then
69 grep_pattern=$(convert_to_grep_pattern "$subject")
76 while read -r hash subject; do
77 if echo "$subject" | grep -qP "$grep_pattern"; then
/linux/security/smack/
H A Dsmack_access.c117 int smk_access(struct smack_known *subject, struct smack_known *object, in smk_access() argument
129 if (subject == &smack_known_star) { in smk_access()
138 if (object == &smack_known_web || subject == &smack_known_web) in smk_access()
149 if (subject->smk_known == object->smk_known) in smk_access()
159 if (subject == &smack_known_hat) in smk_access()
170 may = smk_access_entry(subject->smk_known, object->smk_known, in smk_access()
171 &subject->smk_rules); in smk_access()
194 if (subject == smack_unconfined) in smk_access()
201 smack_log(subject->smk_known, object->smk_known, in smk_access()
327 audit_log_untrustedstring(ab, sad->subject); in smack_log_callback()
[all …]
/linux/crypto/asymmetric_keys/
H A Dx509_public_key.c175 pr_devel("Cert Subject: %s\n", cert->subject); in x509_key_preparse()
194 sulen = strlen(cert->subject); in x509_key_preparse()
206 p = memcpy(desc, cert->subject, sulen); in x509_key_preparse()
H A Dx509.asn120 subject Name ({ x509_note_subject }),
/linux/Documentation/admin-guide/LSM/
H A DSmack.rst134 This interface reports whether a subject with the specified
142 This interface reports whether a subject with the specified
159 where the first string is the subject label, the second the
162 "rwxat-". If a rule for a given subject and object exists it will be
223 where the first string is the subject label, the second the
238 where the first string is the subject label, the second the
293 For the ``PTRACE_READ`` a subject needs to have a read access on
298 only allowed when subject's and object's labels are equal.
305 revoke-subject
307 rules with that subject label.
[all …]
/linux/
H A DCOPYING20 All contributions to the Linux Kernel are subject to this COPYING file.
/linux/Documentation/security/
H A Dcredentials.rst52 A subject is an object that is acting upon another object.
65 A subject has an additional interpretation of its credentials. A subset
68 subject acts.
77 Linux has a number of actions available that a subject may perform upon an
78 object. The set of actions available depends on the nature of the subject
86 When a subject acts upon an object, a security calculation is made. This
88 action, and searching one or more sets of rules to see whether the subject
101 is an abbreviated ACL with three fixed classes of subject ('user',
118 subject label, the object label and the action and look for a rule
/linux/LICENSES/deprecated/
H A DZlib19 commercial applications, and to alter it and redistribute it freely, subject
/linux/Documentation/bpf/
H A Dbpf_devel_QA.rst142 following subject lines (``yyyy-mm-dd`` is the date of the pull
153 so please read up on it. The subject line must indicate whether the
157 For fixes eventually landing in bpf -> net tree, the subject must
160 git format-patch --subject-prefix='PATCH bpf' start..finish
163 bpf-next -> net-next, the subject must look like::
165 git format-patch --subject-prefix='PATCH bpf-next' start..finish
169 problem either if the subject line says net or net-next as target.
179 version number (``v2``, ``v3``, ...) into the subject prefix::
181 git format-patch --subject-prefix='PATCH bpf-next v2' start..finish
264 be subject to change.
[all …]
/linux/arch/arm/boot/dts/arm/
H A Darm-realview-eb-bbrevd.dts9 * furnished to do so, subject to the following conditions:
H A Darm-realview-eb-a9mp-bbrevd.dts9 * furnished to do so, subject to the following conditions:
H A Darm-realview-eb-11mp-bbrevd.dts9 * furnished to do so, subject to the following conditions:
H A Darm-realview-eb-11mp-bbrevd-ctrevb.dts9 * furnished to do so, subject to the following conditions:
/linux/drivers/gpu/drm/nouveau/nvkm/engine/gr/fuc/
H A Dhubgf100.fuc39 * Software is furnished to do so, subject to the following conditions:
H A Dgpcgk208.fuc59 * Software is furnished to do so, subject to the following conditions:
H A Dgpcgf117.fuc39 * Software is furnished to do so, subject to the following conditions:
H A Dgpcgm107.fuc59 * Software is furnished to do so, subject to the following conditions:
H A Dhubgk104.fuc39 * Software is furnished to do so, subject to the following conditions:
H A Dgpcgk110.fuc39 * Software is furnished to do so, subject to the following conditions:
H A Dhubgk110.fuc39 * Software is furnished to do so, subject to the following conditions:
H A Dhubgf117.fuc39 * Software is furnished to do so, subject to the following conditions:

12345678910>>...15