Lines Matching full:domain
2 * security/tomoyo/domain.c
13 /* The initial domain. */
76 * tomoyo_update_domain - Update an entry for domain policy.
108 * Domain transition preference is allowed for only in tomoyo_update_domain()
160 const struct tomoyo_domain_info *domain = r->domain; in tomoyo_check_acl() local
163 const struct list_head *list = &domain->acl_info_list; in tomoyo_check_acl()
179 list = &domain->ns->acl_group[domain->group]; in tomoyo_check_acl()
275 * tomoyo_scan_transition - Try to find specific domain transition type.
278 * @domainname: The name of current domain.
317 * tomoyo_transition_type - Get domain transition type.
320 * @domainname: The name of current domain.
324 * domain transition across namespaces, TOMOYO_TRANSITION_CONTROL_INITIALIZE if
325 * executing @program reinitializes domain transition within that namespace,
482 * @domainname: Name of domain.
495 * tomoyo_assign_domain - Create a domain or a namespace.
497 * @domainname: The name of domain.
498 * @transit: True if transit to domain found or created.
515 * that domain. Do not perform domain transition if in tomoyo_assign_domain()
516 * profile for that domain is not yet created. in tomoyo_assign_domain()
524 /* Requested domain does not exist. */ in tomoyo_assign_domain()
525 /* Don't create requested domain if domainname is invalid. */ in tomoyo_assign_domain()
532 * by automatically creating requested domain upon domain transition. in tomoyo_assign_domain()
541 * domains are inherited from current domain. These are 0 for manually in tomoyo_assign_domain()
545 const struct tomoyo_domain_info *domain = tomoyo_domain(); in tomoyo_assign_domain() local
546 e.profile = domain->profile; in tomoyo_assign_domain()
547 e.group = domain->group; in tomoyo_assign_domain()
603 ee->r.profile = r->domain->profile; in tomoyo_environ()
604 ee->r.mode = tomoyo_get_mode(r->domain->ns, ee->r.profile, in tomoyo_environ()
668 * tomoyo_find_next_domain - Find a domain.
679 struct tomoyo_domain_info *domain = NULL; in tomoyo_find_next_domain() local
740 * Check for domain transition preference if "file execute" matched. in tomoyo_find_next_domain()
741 * If preference is given, make do_execve() fail if domain transition in tomoyo_find_next_domain()
742 * has failed, for domain transition preference should be used with in tomoyo_find_next_domain()
743 * destination domain defined. in tomoyo_find_next_domain()
771 * No domain transition preference specified. in tomoyo_find_next_domain()
772 * Calculate domain to transit to. in tomoyo_find_next_domain()
782 * Make do_execve() fail if domain transition across namespaces in tomoyo_find_next_domain()
795 /* Keep current domain. */ in tomoyo_find_next_domain()
796 domain = old_domain; in tomoyo_find_next_domain()
802 * Needn't to transit from kernel domain before in tomoyo_find_next_domain()
803 * starting /sbin/init. But transit from kernel domain in tomoyo_find_next_domain()
807 domain = old_domain; in tomoyo_find_next_domain()
811 /* Normal domain transition. */ in tomoyo_find_next_domain()
817 if (!domain) in tomoyo_find_next_domain()
818 domain = tomoyo_assign_domain(ee->tmp, true); in tomoyo_find_next_domain()
819 if (domain) in tomoyo_find_next_domain()
822 printk(KERN_WARNING "ERROR: Domain '%s' not ready.\n", in tomoyo_find_next_domain()
835 "ERROR: Domain '%s' not defined.\n", ee->tmp); in tomoyo_find_next_domain()
839 if (!domain) in tomoyo_find_next_domain()
840 domain = old_domain; in tomoyo_find_next_domain()
842 atomic_inc(&domain->users); in tomoyo_find_next_domain()
843 bprm->cred->security = domain; in tomoyo_find_next_domain()
846 ee->r.domain = domain; in tomoyo_find_next_domain()