| /linux-master/fs/orangefs/ |
| H A D | orangefs-utils.c | 106 if (attrs->perms & ORANGEFS_O_EXECUTE)
108 if (attrs->perms & ORANGEFS_O_WRITE)
110 if (attrs->perms & ORANGEFS_O_READ)
113 if (attrs->perms & ORANGEFS_G_EXECUTE)
115 if (attrs->perms & ORANGEFS_G_WRITE)
117 if (attrs->perms & ORANGEFS_G_READ)
120 if (attrs->perms & ORANGEFS_U_EXECUTE)
122 if (attrs->perms & ORANGEFS_U_WRITE)
124 if (attrs->perms & ORANGEFS_U_READ)
127 if (attrs->perms
[all...] |
| /linux-master/fs/smb/server/ |
| H A D | smbacl.c | 141 ksmbd_debug(SMB, "all perms\n");
311 pace->e_perm = state->users->aces[i].perms.allow;
322 pace->e_perm = state->groups->aces[i].perms.allow;
505 acl_state.users->aces[acl_state.users->n++].perms.allow =
510 default_acl_state.users->aces[default_acl_state.users->n++].perms.allow =
520 acl_state.users->aces[acl_state.users->n++].perms.allow =
525 default_acl_state.users->aces[default_acl_state.users->n++].perms.allow =
533 acl_state.groups->aces[acl_state.groups->n++].perms.allow =
538 default_acl_state.groups->aces[default_acl_state.groups->n++].perms.allow =
|
| H A D | smbacl.h | 148 struct smb_sid sid; /* ie UUID of user or group who gets these perms */
170 struct posix_ace_state perms; member in struct:posix_user_ace_state
|
| H A D | vfs.c | 1890 acl_state.users->aces[acl_state.users->n++].perms.allow =
1893 acl_state.groups->aces[acl_state.groups->n++].perms.allow =
|
| /linux-master/include/linux/ |
| H A D | kernel.h | 394 #define VERIFY_OCTAL_PERMISSIONS(perms) \
395 (BUILD_BUG_ON_ZERO((perms) < 0) + \
396 BUILD_BUG_ON_ZERO((perms) > 0777) + \
398 BUILD_BUG_ON_ZERO((((perms) >> 6) & 4) < (((perms) >> 3) & 4)) + \
399 BUILD_BUG_ON_ZERO((((perms) >> 3) & 4) < ((perms) & 4)) + \
401 BUILD_BUG_ON_ZERO((((perms) >> 6) & 2) < (((perms) >> 3) & 2)) + \
403 BUILD_BUG_ON_ZERO((perms)
[all...] |
| /linux-master/scripts/ |
| H A D | checkpatch.pl | 7539 my $perms = $2;
7542 my $octal_perms = perms_to_octal($perms);
7549 $fixed[$fixlinenr] =~ s/\bDEVICE_ATTR\s*\(\s*$var\s*,\s*\Q$perms\E\s*,\s*$show\s*,\s*$store\s*\)/DEVICE_ATTR_RW(${var})/;
7557 $fixed[$fixlinenr] =~ s/\bDEVICE_ATTR\s*\(\s*$var\s*,\s*\Q$perms\E\s*,\s*$show\s*,\s*NULL\s*\)/DEVICE_ATTR_RO(${var})/;
7565 $fixed[$fixlinenr] =~ s/\bDEVICE_ATTR\s*\(\s*$var\s*,\s*\Q$perms\E\s*,\s*NULL\s*,\s*$store\s*\)/DEVICE_ATTR_WO(${var})/;
7585 "DEVICE_ATTR unusual permissions '$perms' used\n" . $herecurr);
|
| /linux-master/scripts/selinux/genheaders/ |
| H A D | genheaders.c | 15 const char *perms[sizeof(unsigned) * 8 + 1]; member in struct:security_class_mapping
132 for (j = 0; map->perms[j]; j++) {
137 map->name, map->perms[j]);
140 permname = stoupperx(map->perms[j]);
|
| /linux-master/scripts/selinux/mdp/ |
| H A D | mdp.c | 33 const char *perms[sizeof(unsigned) * 8 + 1]; member in struct:security_class_mapping
88 for (j = 0; map->perms[j]; j++)
89 fprintf(fout, "\t%s\n", map->perms[j]);
109 for (j = 0; map->perms[j]; j++)
110 fprintf(fout, "\t%s\n", map->perms[j]);
|
| /linux-master/security/apparmor/ |
| H A D | apparmorfs.c | 612 static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, argument
633 return; /* no change to current perms */
641 aa_perms_accum_raw(perms, &tmp);
763 struct aa_perms perms; local
789 perms = allperms;
792 profile_query_cb(profile, &perms, match_str, match_len);
796 profile_query_cb(profile, &perms, match_str, match_len);
803 perms.allow, perms.deny, perms
[all...] |
| H A D | domain.c | 109 * label_compound_match - find perms for full compound label
110 * @profile: profile to find perms for
116 * @perms: perms struct to set
121 * @perms should be preinitialized with allperms OR a previous permission
127 struct aa_perms *perms)
146 *perms = allperms;
158 *perms = *(aa_lookup_fperms(rules->file, state, &cond));
159 aa_apply_modes_to_perms(profile, perms);
160 if ((perms
124 label_compound_match(struct aa_profile *profile, struct aa_label *label, bool stack, aa_state_t state, bool subns, u32 request, struct aa_perms *perms) argument
186 label_components_match(struct aa_profile *profile, struct aa_label *label, bool stack, aa_state_t start, bool subns, u32 request, struct aa_perms *perms) argument
249 label_match(struct aa_profile *profile, struct aa_label *label, bool stack, aa_state_t state, bool subns, u32 request, struct aa_perms *perms) argument
283 change_profile_perms(struct aa_profile *profile, struct aa_label *target, bool stack, u32 request, aa_state_t start, struct aa_perms *perms) argument
642 struct aa_perms perms = {}; local
742 struct aa_perms perms = {}; local
1183 struct aa_perms perms = {}; local
1290 change_profile_perms_wrapper(const char *op, const char *name, const struct cred *subj_cred, struct aa_profile *profile, struct aa_label *target, bool stack, u32 request, struct aa_perms *perms) argument
1333 struct aa_perms perms = {}; local
[all...] |
| H A D | file.c | 82 * @perms: the permissions computed for the request (NOT NULL)
95 struct aa_profile *profile, struct aa_perms *perms,
114 u32 mask = perms->audit;
119 /* mask off perms that are not being force audited */
127 ad.request = ad.request & ~perms->allow;
130 if (ad.request & perms->kill)
134 if ((ad.request & perms->quiet) &&
137 ad.request &= ~perms->quiet;
143 ad.denied = ad.request & ~perms->allow;
184 * aa_lookup_fperms - convert dfa compressed perms t
94 aa_audit_file(const struct cred *subj_cred, struct aa_profile *profile, struct aa_perms *perms, const char *op, u32 request, const char *name, const char *target, struct aa_label *tlabel, kuid_t ouid, const char *info, int error) argument
217 aa_str_perms(struct aa_policydb *file_rules, aa_state_t start, const char *name, struct path_cond *cond, struct aa_perms *perms) argument
228 __aa_path_perm(const char *op, const struct cred *subj_cred, struct aa_profile *profile, const char *name, u32 request, struct path_cond *cond, int flags, struct aa_perms *perms) argument
249 profile_path_perm(const char *op, const struct cred *subj_cred, struct aa_profile *profile, const struct path *path, char *buffer, u32 request, struct path_cond *cond, int flags, struct aa_perms *perms) argument
287 struct aa_perms perms = {}; local
335 struct aa_perms lperms = {}, perms; local
490 struct aa_perms perms = {}; local
[all...] |
| H A D | ipc.c | 85 struct aa_perms perms; local
98 aa_label_match(profile, rules, peer, state, false, request, &perms);
99 aa_apply_modes_to_perms(profile, &perms);
100 return aa_check_perms(profile, &perms, request, ad, audit_signal_cb);
|
| H A D | label.c | 1284 * label_compound_match - find perms for full compound label
1285 * @profile: profile to find perms for
1291 * @perms: perms struct to set
1296 * @perms should be preinitialized with allperms OR a previous permission
1303 struct aa_perms *perms)
1319 *perms = allperms;
1331 *perms = *aa_lookup_perms(rules->policy, state);
1332 aa_apply_modes_to_perms(profile, perms);
1333 if ((perms
1299 label_compound_match(struct aa_profile *profile, struct aa_ruleset *rules, struct aa_label *label, aa_state_t state, bool subns, u32 request, struct aa_perms *perms) argument
1359 label_components_match(struct aa_profile *profile, struct aa_ruleset *rules, struct aa_label *label, aa_state_t start, bool subns, u32 request, struct aa_perms *perms) argument
1420 aa_label_match(struct aa_profile *profile, struct aa_ruleset *rules, struct aa_label *label, aa_state_t state, bool subns, u32 request, struct aa_perms *perms) argument
[all...] |
| H A D | lib.c | 20 #include "include/perms.h"
279 * aa_audit_perms_cb - generic callback fn for auditing perms
306 * aa_apply_modes_to_perms - apply namespace and profile flags to perms
307 * @profile: that perms where computed from
308 * @perms: perms to apply mode modifiers to
310 * TODO: split into profile and ns based flags for when accumulating perms
312 void aa_apply_modes_to_perms(struct aa_profile *profile, struct aa_perms *perms) argument
316 perms->audit = ALL_PERMS_MASK;
319 perms
337 aa_profile_match_label(struct aa_profile *profile, struct aa_ruleset *rules, struct aa_label *label, int type, u32 request, struct aa_perms *perms) argument
359 struct aa_perms perms; local
388 aa_check_perms(struct aa_profile *profile, struct aa_perms *perms, u32 request, struct apparmor_audit_data *ad, void (*cb)(struct audit_buffer *, void *)) argument
[all...] |
| H A D | lsm.c | 570 * Private mappings don't require write perms since they don't
638 struct aa_perms perms = { }; local
642 false, request, &perms);
644 perms = *aa_lookup_perms(rules->policy, state);
646 aa_apply_modes_to_perms(profile, &perms);
647 error = aa_check_perms(profile, &perms, request, ad,
1291 * apparmor_socket_sock_rcv_skb - check perms before associating skb to sk
1293 * @skb: skb to check for perms
2181 nullpdb->perms = kcalloc(2, sizeof(struct aa_perms), GFP_KERNEL);
2182 if (!nullpdb->perms)
[all...] |
| H A D | mount.c | 126 * @perms: the permissions computed for the request (NOT NULL)
137 struct aa_perms *perms, const char *info, int error)
143 u32 mask = perms->audit;
148 /* mask off perms that are not being force audited */
156 request = request & ~perms->allow;
158 if (request & perms->kill)
162 if ((request & perms->quiet) &&
165 request &= ~perms->quiet;
177 if (data && (perms->audit & AA_AUDIT_DATA))
217 "failed perms chec
132 audit_mount(const struct cred *subj_cred, struct aa_profile *profile, const char *op, const char *name, const char *src_name, const char *type, const char *trans, unsigned long flags, const void *data, u32 request, struct aa_perms *perms, const char *info, int error) argument
224 do_match_mnt(struct aa_policydb *policy, aa_state_t start, const char *mntpnt, const char *devname, const char *type, unsigned long flags, void *data, bool binary, struct aa_perms *perms) argument
310 struct aa_perms perms = { }; local
607 struct aa_perms perms = { }; local
673 struct aa_perms perms = { }; local
[all...] |
| H A D | net.c | 115 struct aa_perms perms = { }; local
132 perms = *aa_lookup_perms(rules->policy, state);
133 aa_apply_modes_to_perms(profile, &perms);
135 return aa_check_perms(profile, &perms, request, ad, audit_net_cb);
225 struct aa_perms perms = { }; local
242 perms.deny = ALL_PERMS_MASK;
244 perms.allow = ALL_PERMS_MASK;
247 perms.audit = ALL_PERMS_MASK;
251 aa_apply_modes_to_perms(profile, &perms);
253 return aa_check_perms(profile, &perms, reques
[all...] |
| H A D | policy.c | 106 if (pdb->perms)
107 kvfree(pdb->perms);
|
| H A D | policy_compat.c | 73 * map_old_perms - map old file perms layout to the new layout
100 static void compute_fperms_allow(struct aa_perms *perms, struct aa_dfa *dfa, argument
103 perms->allow |= AA_MAY_GETATTR;
107 perms->allow |= AA_MAY_CHANGE_PROFILE;
109 perms->allow |= AA_MAY_ONEXEC;
115 struct aa_perms perms = { }; local
117 perms.allow = map_old_perms(dfa_user_allow(dfa, state));
118 perms.audit = map_old_perms(dfa_user_audit(dfa, state));
119 perms.quiet = map_old_perms(dfa_user_quiet(dfa, state));
120 perms
130 struct aa_perms perms = { }; local
177 struct aa_perms *perms; local
214 struct aa_perms perms = { }; local
[all...] |
| H A D | policy_unpack.c | 667 static ssize_t unpack_perms_table(struct aa_ext *e, struct aa_perms **perms) argument
672 AA_BUG(!perms);
674 * policy perms are optional, in which case perms are embedded
677 if (aa_unpack_nameX(e, AA_STRUCT, "perms")) {
685 *perms = kcalloc(size, sizeof(struct aa_perms), GFP_KERNEL);
686 if (!*perms)
689 if (!unpack_perm(e, version, &(*perms)[i]))
697 *perms = NULL;
702 kfree(*perms);
[all...] |
| H A D | task.c | 233 struct aa_perms perms = { }; local
238 &perms);
239 aa_apply_modes_to_perms(profile, &perms);
240 return aa_check_perms(profile, &perms, request, ad, audit_ptrace_cb);
320 struct aa_perms perms = { }; local
336 perms = *aa_lookup_perms(rules->policy, state);
337 aa_apply_modes_to_perms(profile, &perms);
338 error = aa_check_perms(profile, &perms, request, ad,
|
| /linux-master/security/apparmor/include/ |
| H A D | file.h | 18 #include "perms.h"
40 * @perms: the permission the file was opened with
75 struct aa_profile *profile, struct aa_perms *perms,
84 struct aa_perms *perms);
110 u32 perms = 0; local
113 perms |= MAY_WRITE;
115 perms |= MAY_READ;
117 if ((flags & O_APPEND) && (perms & MAY_WRITE))
118 perms = (perms
[all...] |
| H A D | label.h | 363 u32 request, struct aa_perms *perms);
|
| H A D | perms.h | 103 * aa_perms_accum_raw - accumulate perms with out masking off overlapping perms
104 * @accum - perms struct to accumulate into
105 * @addend - perms struct to add to @accum
130 * aa_perms_accum - accumulate perms, masking off overlapping perms
131 * @accum - perms struct to accumulate into
132 * @addend - perms struct to add to @accum
210 struct aa_perms *perms);
215 int type, u32 request, struct aa_perms *perms);
[all...] |
| H A D | policy.h | 30 #include "perms.h"
80 * perms: table of permissions
88 struct aa_perms *perms; member in struct:aa_policydb::__anon648
132 if (!(policy->perms))
135 return &(policy->perms[index]);
|