Home
last modified time | relevance | path

Searched refs:subj_cred (Results 1 – 14 of 14) sorted by relevance

/linux/security/apparmor/include/
H A Dmount.h28 int aa_remount(const struct cred *subj_cred,
32 int aa_bind_mount(const struct cred *subj_cred,
37 int aa_mount_change_type(const struct cred *subj_cred,
41 int aa_move_mount_old(const struct cred *subj_cred,
44 int aa_move_mount(const struct cred *subj_cred,
48 int aa_new_mount(const struct cred *subj_cred,
53 int aa_umount(const struct cred *subj_cred,
56 int aa_pivotroot(const struct cred *subj_cred,
H A Dnet.h69 NAME.subj_cred = (CRED); \
99 int aa_af_perm(const struct cred *subj_cred, struct aa_label *label,
112 int aa_sock_file_perm(const struct cred *subj_cred, struct aa_label *label,
H A Daf_unix.h35 int aa_unix_peer_perm(const struct cred *subj_cred,
52 int aa_unix_file_perm(const struct cred *subj_cred, struct aa_label *label,
H A Dresource.h36 int aa_task_setrlimit(const struct cred *subj_cred, struct aa_label *label,
H A Dcapability.h40 int aa_capable(const struct cred *subj_cred, struct aa_label *label,
H A Daudit.h116 const struct cred *subj_cred; member
/linux/security/apparmor/
H A Dfile.c49 kuid_t fsuid = ad->subj_cred ? ad->subj_cred->fsuid : current_fsuid(); in file_audit_cb()
81 * @subj_cred: cred of the subject
95 int aa_audit_file(const struct cred *subj_cred, in aa_audit_file() argument
104 ad.subj_cred = subj_cred; in aa_audit_file()
148 static int path_name(const char *op, const struct cred *subj_cred, in path_name() argument
161 aa_audit_file(subj_cred, in path_name()
221 int __aa_path_perm(const char *op, const struct cred *subj_cred, in __aa_path_perm() argument
236 return aa_audit_file(subj_cred, in __aa_path_perm()
242 profile_path_perm(const char * op,const struct cred * subj_cred,struct aa_profile * profile,const struct path * path,char * buffer,u32 request,struct path_cond * cond,int flags,struct aa_perms * perms) profile_path_perm() argument
275 aa_path_perm(const char * op,const struct cred * subj_cred,struct aa_label * label,const struct path * path,int flags,u32 request,struct path_cond * cond) aa_path_perm() argument
319 profile_path_link(const struct cred * subj_cred,struct aa_profile * profile,const struct path * link,char * buffer,const struct path * target,char * buffer2,struct path_cond * cond) profile_path_link() argument
425 aa_path_link(const struct cred * subj_cred,struct aa_label * label,struct dentry * old_dentry,const struct path * new_dir,struct dentry * new_dentry) aa_path_link() argument
478 __file_path_perm(const char * op,const struct cred * subj_cred,struct aa_label * label,struct aa_label * flabel,struct file * file,u32 request,u32 denied,bool in_atomic) __file_path_perm() argument
539 __file_sock_perm(const char * op,const struct cred * subj_cred,struct aa_label * label,struct aa_label * flabel,struct file * file,u32 request,u32 denied) __file_sock_perm() argument
604 aa_file_perm(const char * op,const struct cred * subj_cred,struct aa_label * label,struct file * file,u32 request,bool in_atomic) aa_file_perm() argument
654 revalidate_tty(const struct cred * subj_cred,struct aa_label * label) revalidate_tty() argument
[all...]
H A Dresource.c46 * @subj_cred: cred setting the resource
56 static int audit_resource(const struct cred *subj_cred, in audit_resource() argument
64 ad.subj_cred = subj_cred; in audit_resource()
88 static int profile_setrlimit(const struct cred *subj_cred, in profile_setrlimit() argument
98 return audit_resource(subj_cred, profile, resource, new_rlim->rlim_max, in profile_setrlimit()
104 * @subj_cred: cred setting the limit
114 int aa_task_setrlimit(const struct cred *subj_cred, struct aa_label *label, in aa_task_setrlimit() argument
134 aa_capable(subj_cred, label, CAP_SYS_RESOURCE, CAP_OPT_NOAUDIT) != 0) in aa_task_setrlimit()
136 audit_resource(subj_cred, profil in aa_task_setrlimit()
[all...]
H A Ddomain.c659 static struct aa_label *profile_transition(const struct cred *subj_cred, in profile_transition() argument
706 (void) aa_audit_file(subj_cred, profile, &perms, in profile_transition()
781 aa_audit_file(subj_cred, profile, &perms, OP_EXEC, MAY_EXEC, name, in profile_transition()
792 static int profile_onexec(const struct cred *subj_cred, in profile_onexec() argument
860 return aa_audit_file(subj_cred, profile, &perms, OP_EXEC, in profile_onexec()
867 static struct aa_label *handle_onexec(const struct cred *subj_cred, in handle_onexec() argument
885 profile_onexec(subj_cred, profile, onexec, stack, in handle_onexec()
894 profile_transition(subj_cred, profile, bprm, in handle_onexec()
901 aa_audit_file(subj_cred, profile, &nullperms, in handle_onexec()
921 const struct cred *subj_cred; in apparmor_bprm_creds_for_exec() local
1055 build_change_hat(const struct cred * subj_cred,struct aa_profile * profile,const char * name,bool sibling) build_change_hat() argument
1105 change_hat(const struct cred * subj_cred,struct aa_label * label,const char * hats[],int count,int flags) change_hat() argument
1223 const struct cred *subj_cred; aa_change_hat() local
1351 change_profile_perms_wrapper(const char * op,const char * name,const struct cred * subj_cred,struct aa_profile * profile,struct aa_label * target,bool stack,u32 request,struct aa_perms * perms) change_profile_perms_wrapper() argument
1397 const struct cred *subj_cred = get_current_cred(); aa_change_profile() local
[all...]
H A Daf_unix.c33 static int unix_fs_perm(const char *op, u32 mask, const struct cred *subj_cred, in unix_fs_perm() argument
55 return aa_path_perm(op, subj_cred, label, path, in unix_fs_perm()
240 return unix_fs_perm(ad->op, request, ad->subj_cred, in profile_sk_perm()
303 ad->subj_cred, &profile->label, in profile_listen_perm()
338 ad->subj_cred, &profile->label, in profile_accept_perm()
369 ad->subj_cred, &profile->label, in profile_opt_perm()
410 return unix_fs_perm(ad->op, request, ad->subj_cred, in profile_peer_perm()
413 return unix_fs_perm(ad->op, request, ad->subj_cred, in profile_peer_perm()
445 static int aa_unix_label_sk_perm(const struct cred *subj_cred, in aa_unix_label_sk_perm() argument
452 DEFINE_AUDIT_SK(ad, op, subj_cred, s in aa_unix_label_sk_perm()
600 unix_peer_perm(const struct cred * subj_cred,struct aa_label * label,const char * op,u32 request,struct sock * sk,struct path * path,struct sockaddr_un * peer_addr,int peer_addrlen,struct path * peer_path,struct aa_label * peer_label) unix_peer_perm() argument
623 aa_unix_peer_perm(const struct cred * subj_cred,struct aa_label * label,const char * op,u32 request,struct sock * sk,struct sock * peer_sk,struct aa_label * peer_label) aa_unix_peer_perm() argument
709 aa_unix_file_perm(const struct cred * subj_cred,struct aa_label * label,const char * op,u32 request,struct file * file) aa_unix_file_perm() argument
[all...]
H A Dcapability.c97 if (ad->subj_cred == ent->ad_subj_cred && ktime_get_ns() <= ent->ktime_ns_expiration[cap]) { in audit_caps()
104 ent->ad_subj_cred = get_cred(ad->subj_cred); in audit_caps()
170 * @subj_cred: cred we are testing capability against
179 int aa_capable(const struct cred *subj_cred, struct aa_label *label, in aa_capable() argument
186 ad.subj_cred = subj_cred; in aa_capable()
H A Dipc.c90 ad->subj_cred = cred; in profile_signal_perm()
102 int aa_may_signal(const struct cred *subj_cred, struct aa_label *sender, in aa_may_signal() argument
112 profile_signal_perm(subj_cred, profile, target, in aa_may_signal()
H A Dpolicy.c821 static int policy_ns_capable(const struct cred *subj_cred, in policy_ns_capable() argument
828 err = cap_capable(subj_cred, userns, cap, CAP_OPT_NONE); in policy_ns_capable()
830 err = aa_capable(subj_cred, label, cap, CAP_OPT_NONE); in policy_ns_capable()
837 * @subj_cred: cred of subject
846 bool aa_policy_view_capable(const struct cred *subj_cred, in aa_policy_view_capable() argument
849 struct user_namespace *user_ns = subj_cred->user_ns; in aa_policy_view_capable()
866 bool aa_policy_admin_capable(const struct cred *subj_cred, in aa_policy_admin_capable() argument
869 struct user_namespace *user_ns = subj_cred->user_ns; in aa_policy_admin_capable()
870 bool capable = policy_ns_capable(subj_cred, label, user_ns, in aa_policy_admin_capable()
876 return aa_policy_view_capable(subj_cred, labe in aa_policy_admin_capable()
913 aa_may_manage_policy(const struct cred * subj_cred,struct aa_label * label,struct aa_ns * ns,u32 mask) aa_may_manage_policy() argument
[all...]
H A Dtask.c234 ad->subj_cred = cred; in profile_ptrace_perm()