Home
last modified time | relevance | path

Searched refs:perms (Results 1 – 25 of 63) sorted by relevance

123

/linux-6.6.21/security/apparmor/
Dpolicy_compat.c100 static void compute_fperms_allow(struct aa_perms *perms, struct aa_dfa *dfa, in compute_fperms_allow() argument
103 perms->allow |= AA_MAY_GETATTR; in compute_fperms_allow()
107 perms->allow |= AA_MAY_CHANGE_PROFILE; in compute_fperms_allow()
109 perms->allow |= AA_MAY_ONEXEC; in compute_fperms_allow()
115 struct aa_perms perms = { }; in compute_fperms_user() local
117 perms.allow = map_old_perms(dfa_user_allow(dfa, state)); in compute_fperms_user()
118 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_fperms_user()
119 perms.quiet = map_old_perms(dfa_user_quiet(dfa, state)); in compute_fperms_user()
120 perms.xindex = dfa_user_xindex(dfa, state); in compute_fperms_user()
122 compute_fperms_allow(&perms, dfa, state); in compute_fperms_user()
[all …]
Dlib.c312 void aa_apply_modes_to_perms(struct aa_profile *profile, struct aa_perms *perms) in aa_apply_modes_to_perms() argument
316 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
319 perms->quiet = 0; in aa_apply_modes_to_perms()
322 perms->audit = 0; in aa_apply_modes_to_perms()
325 perms->quiet = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
330 perms->kill = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
332 perms->complain = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
334 perms->prompt = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
340 int type, u32 request, struct aa_perms *perms) in aa_profile_match_label() argument
348 aa_label_match(profile, rules, label, state, false, request, perms); in aa_profile_match_label()
[all …]
Dfile.c95 struct aa_profile *profile, struct aa_perms *perms, in aa_audit_file() argument
114 u32 mask = perms->audit; in aa_audit_file()
127 ad.request = ad.request & ~perms->allow; in aa_audit_file()
130 if (ad.request & perms->kill) in aa_audit_file()
134 if ((ad.request & perms->quiet) && in aa_audit_file()
137 ad.request &= ~perms->quiet; in aa_audit_file()
143 ad.denied = ad.request & ~perms->allow; in aa_audit_file()
198 if (!(file_rules->perms)) in aa_lookup_fperms()
202 return &(file_rules->perms[index]); in aa_lookup_fperms()
204 return &(file_rules->perms[index + 1]); in aa_lookup_fperms()
[all …]
Ddomain.c127 struct aa_perms *perms) in label_compound_match() argument
146 *perms = allperms; in label_compound_match()
158 *perms = *(aa_lookup_fperms(&(rules->file), state, &cond)); in label_compound_match()
159 aa_apply_modes_to_perms(profile, perms); in label_compound_match()
160 if ((perms->allow & request) != request) in label_compound_match()
166 *perms = nullperms; in label_compound_match()
189 struct aa_perms *perms) in label_components_match() argument
215 aa_perms_accum(perms, &tmp); in label_components_match()
224 aa_perms_accum(perms, &tmp); in label_components_match()
227 if ((perms->allow & request) != request) in label_components_match()
[all …]
Dmount.c137 struct aa_perms *perms, const char *info, int error) in audit_mount() argument
143 u32 mask = perms->audit; in audit_mount()
156 request = request & ~perms->allow; in audit_mount()
158 if (request & perms->kill) in audit_mount()
162 if ((request & perms->quiet) && in audit_mount()
165 request &= ~perms->quiet; in audit_mount()
177 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount()
227 void *data, bool binary, struct aa_perms *perms) in do_match_mnt() argument
233 AA_BUG(!policy->perms); in do_match_mnt()
234 AA_BUG(!perms); in do_match_mnt()
[all …]
Dnet.c115 struct aa_perms perms = { }; in aa_profile_af_perm() local
132 perms = *aa_lookup_perms(&rules->policy, state); in aa_profile_af_perm()
133 aa_apply_modes_to_perms(profile, &perms); in aa_profile_af_perm()
135 return aa_check_perms(profile, &perms, request, ad, audit_net_cb); in aa_profile_af_perm()
225 struct aa_perms perms = { }; in aa_secmark_perm() local
242 perms.deny = ALL_PERMS_MASK; in aa_secmark_perm()
244 perms.allow = ALL_PERMS_MASK; in aa_secmark_perm()
247 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm()
251 aa_apply_modes_to_perms(profile, &perms); in aa_secmark_perm()
253 return aa_check_perms(profile, &perms, request, ad, audit_net_cb); in aa_secmark_perm()
Dpolicy_unpack.c667 static ssize_t unpack_perms_table(struct aa_ext *e, struct aa_perms **perms) in unpack_perms_table() argument
672 AA_BUG(!perms); in unpack_perms_table()
685 *perms = kcalloc(size, sizeof(struct aa_perms), GFP_KERNEL); in unpack_perms_table()
686 if (!*perms) in unpack_perms_table()
689 if (!unpack_perm(e, version, &(*perms)[i])) in unpack_perms_table()
697 *perms = NULL; in unpack_perms_table()
702 kfree(*perms); in unpack_perms_table()
716 size = unpack_perms_table(e, &policy->perms); in unpack_pdb()
719 policy->perms = NULL; in unpack_pdb()
725 if (policy->perms) { in unpack_pdb()
[all …]
Dipc.c85 struct aa_perms perms; in profile_signal_perm() local
98 aa_label_match(profile, rules, peer, state, false, request, &perms); in profile_signal_perm()
99 aa_apply_modes_to_perms(profile, &perms); in profile_signal_perm()
100 return aa_check_perms(profile, &perms, request, ad, audit_signal_cb); in profile_signal_perm()
Dtask.c236 struct aa_perms perms = { }; in profile_ptrace_perm() local
241 &perms); in profile_ptrace_perm()
242 aa_apply_modes_to_perms(profile, &perms); in profile_ptrace_perm()
243 return aa_check_perms(profile, &perms, request, ad, audit_ptrace_cb); in profile_ptrace_perm()
/linux-6.6.21/security/apparmor/include/
Dfile.h112 struct aa_profile *profile, struct aa_perms *perms,
121 struct aa_perms *perms);
147 u32 perms = 0; in aa_map_file_to_perms() local
150 perms |= MAY_WRITE; in aa_map_file_to_perms()
152 perms |= MAY_READ; in aa_map_file_to_perms()
154 if ((flags & O_APPEND) && (perms & MAY_WRITE)) in aa_map_file_to_perms()
155 perms = (perms & ~MAY_WRITE) | MAY_APPEND; in aa_map_file_to_perms()
158 perms |= MAY_WRITE; in aa_map_file_to_perms()
160 perms |= AA_MAY_CREATE; in aa_map_file_to_perms()
162 return perms; in aa_map_file_to_perms()
Dpolicy.h85 struct aa_perms *perms; member
95 if (policy->perms) in aa_destroy_policydb()
96 kvfree(policy->perms); in aa_destroy_policydb()
106 if (!(policy->perms)) in aa_lookup_perms()
109 return &(policy->perms[index]); in aa_lookup_perms()
/linux-6.6.21/arch/arm/mm/
Dinit.c394 static void set_section_perms(struct section_perm *perms, int n, bool set, in set_section_perms() argument
404 if (!IS_ALIGNED(perms[i].start, SECTION_SIZE) || in set_section_perms()
405 !IS_ALIGNED(perms[i].end, SECTION_SIZE)) { in set_section_perms()
407 perms[i].name, perms[i].start, perms[i].end, in set_section_perms()
412 for (addr = perms[i].start; in set_section_perms()
413 addr < perms[i].end; in set_section_perms()
415 section_update(addr, perms[i].mask, in set_section_perms()
416 set ? perms[i].prot : perms[i].clear, mm); in set_section_perms()
426 static void update_sections_early(struct section_perm perms[], int n) in update_sections_early() argument
435 set_section_perms(perms, n, true, s->mm); in update_sections_early()
[all …]
/linux-6.6.21/include/linux/
Dkernel.h438 #define VERIFY_OCTAL_PERMISSIONS(perms) \ argument
439 (BUILD_BUG_ON_ZERO((perms) < 0) + \
440 BUILD_BUG_ON_ZERO((perms) > 0777) + \
442 BUILD_BUG_ON_ZERO((((perms) >> 6) & 4) < (((perms) >> 3) & 4)) + \
443 BUILD_BUG_ON_ZERO((((perms) >> 3) & 4) < ((perms) & 4)) + \
445 BUILD_BUG_ON_ZERO((((perms) >> 6) & 2) < (((perms) >> 3) & 2)) + \
447 BUILD_BUG_ON_ZERO((perms) & 2) + \
448 (perms))
/linux-6.6.21/drivers/s390/crypto/
Dzcrypt_api.c122 struct ap_perms perms; member
167 for (i = 0; i < sizeof(zcdndev->perms.ioctlm) / sizeof(long); i++) in ioctlmask_show()
168 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.ioctlm[i]); in ioctlmask_show()
183 rc = ap_parse_mask_str(buf, zcdndev->perms.ioctlm, in ioctlmask_store()
204 for (i = 0; i < sizeof(zcdndev->perms.apm) / sizeof(long); i++) in apmask_show()
205 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.apm[i]); in apmask_show()
220 rc = ap_parse_mask_str(buf, zcdndev->perms.apm, in apmask_store()
241 for (i = 0; i < sizeof(zcdndev->perms.aqm) / sizeof(long); i++) in aqmask_show()
242 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.aqm[i]); in aqmask_show()
257 rc = ap_parse_mask_str(buf, zcdndev->perms.aqm, in aqmask_store()
[all …]
/linux-6.6.21/drivers/soc/qcom/
Drmtfs_mem.c34 u64 perms; member
174 struct qcom_scm_vmperm perms[NUM_MAX_VMIDS + 1]; in qcom_rmtfs_mem_probe() local
255 perms[0].vmid = QCOM_SCM_VMID_HLOS; in qcom_rmtfs_mem_probe()
256 perms[0].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
259 perms[i + 1].vmid = vmid[i]; in qcom_rmtfs_mem_probe()
260 perms[i + 1].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
263 rmtfs_mem->perms = BIT(QCOM_SCM_VMID_HLOS); in qcom_rmtfs_mem_probe()
265 &rmtfs_mem->perms, perms, num_vmids + 1); in qcom_rmtfs_mem_probe()
289 if (rmtfs_mem->perms) { in qcom_rmtfs_mem_remove()
294 &rmtfs_mem->perms, &perm, 1); in qcom_rmtfs_mem_remove()
/linux-6.6.21/fs/nfsd/
Dnfs4acl.c431 struct posix_ace_state perms; member
525 low_mode_from_nfs4(state->users->aces[i].perms.allow, in posix_state_to_acl()
528 add_to_mask(state, &state->users->aces[i].perms); in posix_state_to_acl()
539 low_mode_from_nfs4(state->groups->aces[i].perms.allow, in posix_state_to_acl()
542 add_to_mask(state, &state->groups->aces[i].perms); in posix_state_to_acl()
581 a->aces[i].perms.allow = state->everyone.allow; in find_uid()
582 a->aces[i].perms.deny = state->everyone.deny; in find_uid()
598 a->aces[i].perms.allow = state->everyone.allow; in find_gid()
599 a->aces[i].perms.deny = state->everyone.deny; in find_gid()
609 deny_bits(&a->aces[i].perms, mask); in deny_bits_array()
[all …]
/linux-6.6.21/drivers/infiniband/sw/siw/
Dsiw_mem.c106 mem->perms = rights & IWARP_ACCESS_MASK; in siw_mr_add_mem()
169 enum ib_access_flags perms, int len) in siw_check_mem() argument
182 if ((mem->perms & perms) < perms) { in siw_check_mem()
184 mem->perms, perms); in siw_check_mem()
223 enum ib_access_flags perms, u32 off, int len) in siw_check_sge() argument
248 rv = siw_check_mem(pd, *mem, sge->laddr + off, perms, len); in siw_check_sge()
/linux-6.6.21/fs/orangefs/
Dorangefs-utils.c106 if (attrs->perms & ORANGEFS_O_EXECUTE) in orangefs_inode_perms()
108 if (attrs->perms & ORANGEFS_O_WRITE) in orangefs_inode_perms()
110 if (attrs->perms & ORANGEFS_O_READ) in orangefs_inode_perms()
113 if (attrs->perms & ORANGEFS_G_EXECUTE) in orangefs_inode_perms()
115 if (attrs->perms & ORANGEFS_G_WRITE) in orangefs_inode_perms()
117 if (attrs->perms & ORANGEFS_G_READ) in orangefs_inode_perms()
120 if (attrs->perms & ORANGEFS_U_EXECUTE) in orangefs_inode_perms()
122 if (attrs->perms & ORANGEFS_U_WRITE) in orangefs_inode_perms()
124 if (attrs->perms & ORANGEFS_U_READ) in orangefs_inode_perms()
127 if (attrs->perms & ORANGEFS_G_SGID) in orangefs_inode_perms()
[all …]
/linux-6.6.21/scripts/selinux/mdp/
Dmdp.c33 const char *perms[sizeof(unsigned) * 8 + 1]; member
88 for (j = 0; map->perms[j]; j++) in main()
89 fprintf(fout, "\t%s\n", map->perms[j]); in main()
109 for (j = 0; map->perms[j]; j++) in main()
110 fprintf(fout, "\t%s\n", map->perms[j]); in main()
/linux-6.6.21/fs/hfsplus/
Dcatalog.c81 void hfsplus_cat_set_perms(struct inode *inode, struct hfsplus_perm *perms) in hfsplus_cat_set_perms() argument
84 perms->rootflags |= HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
86 perms->rootflags &= ~HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
88 perms->rootflags |= HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
90 perms->rootflags &= ~HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
92 perms->userflags = HFSPLUS_I(inode)->userflags; in hfsplus_cat_set_perms()
93 perms->mode = cpu_to_be16(inode->i_mode); in hfsplus_cat_set_perms()
94 perms->owner = cpu_to_be32(i_uid_read(inode)); in hfsplus_cat_set_perms()
95 perms->group = cpu_to_be32(i_gid_read(inode)); in hfsplus_cat_set_perms()
98 perms->dev = cpu_to_be32(inode->i_nlink); in hfsplus_cat_set_perms()
[all …]
/linux-6.6.21/scripts/selinux/genheaders/
Dgenheaders.c15 const char *perms[sizeof(unsigned) * 8 + 1]; member
132 for (j = 0; map->perms[j]; j++) { in main()
137 map->name, map->perms[j]); in main()
140 permname = stoupperx(map->perms[j]); in main()
/linux-6.6.21/security/selinux/include/
Dsecurity.h221 #define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x) & 0x1f)) argument
222 #define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x) & 0x1f))) argument
311 const char *class, char ***perms, u32 *nperms);
/linux-6.6.21/tools/testing/selftests/mm/
Dmlock2.h23 char perms[5]; in seek_to_smaps_entry() local
37 &start, &end, perms, &offset, dev, &inode, path) < 6) in seek_to_smaps_entry()
/linux-6.6.21/security/selinux/
Davc.c658 const char *const *perms; in avc_audit_pre_callback() local
668 perms = secclass_map[sad->tclass-1].perms; in avc_audit_pre_callback()
674 if ((perm & av) && perms[i]) { in avc_audit_pre_callback()
675 audit_log_format(ab, " %s", perms[i]); in avc_audit_pre_callback()
831 static int avc_update_node(u32 event, u32 perms, u8 driver, u8 xperm, u32 ssid, in avc_update_node() argument
889 node->ae.avd.allowed |= perms; in avc_update_node()
895 node->ae.avd.allowed &= ~perms; in avc_update_node()
898 node->ae.avd.auditallow |= perms; in avc_update_node()
901 node->ae.avd.auditallow &= ~perms; in avc_update_node()
904 node->ae.avd.auditdeny |= perms; in avc_update_node()
[all …]
/linux-6.6.21/arch/ia64/include/asm/sn/
Dsn_sal.h67 sn_change_memprotect(u64 paddr, u64 len, u64 perms, u64 *nasid_array) in sn_change_memprotect() argument
72 (u64)nasid_array, perms, 0, 0, 0); in sn_change_memprotect()

123