Home
last modified time | relevance | path

Searched refs:audit (Results 1 – 45 of 45) sorted by relevance

/linux-4.1.27/tools/perf/scripts/python/Perf-Trace-Util/lib/Perf/Trace/
DUtil.py53 import audit
55 'x86_64': audit.MACH_86_64,
56 'alpha' : audit.MACH_ALPHA,
57 'ia64' : audit.MACH_IA64,
58 'ppc' : audit.MACH_PPC,
59 'ppc64' : audit.MACH_PPC64,
60 's390' : audit.MACH_S390,
61 's390x' : audit.MACH_S390X,
62 'i386' : audit.MACH_X86,
63 'i586' : audit.MACH_X86,
[all …]
/linux-4.1.27/security/apparmor/
Ddomain.c106 perms.audit = perms.quiet = perms.kill = 0; in change_profile_perms()
376 goto audit; in apparmor_bprm_set_creds()
405 goto audit; in apparmor_bprm_set_creds()
417 goto audit; in apparmor_bprm_set_creds()
470 goto audit; in apparmor_bprm_set_creds()
481 goto audit; in apparmor_bprm_set_creds()
515 audit: in apparmor_bprm_set_creds()
636 goto audit; in aa_change_hat()
679 goto audit; in aa_change_hat()
687 goto audit; in aa_change_hat()
[all …]
Dfile.c124 u32 mask = perms->audit; in aa_audit_file()
208 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_perms()
213 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in compute_perms()
370 goto audit; in aa_path_link()
376 goto audit; in aa_path_link()
384 goto audit; in aa_path_link()
393 lperms.audit = perms.audit; in aa_path_link()
399 goto audit; in aa_path_link()
418 goto audit; in aa_path_link()
424 goto audit; in aa_path_link()
[all …]
Dcapability.c80 !cap_raised(profile->caps.audit, cap))) in audit_caps()
132 int aa_capable(struct aa_profile *profile, int cap, int audit) in aa_capable() argument
136 if (!audit) { in aa_capable()
DMakefile5 apparmor-y := apparmorfs.o audit.o capability.o context.o ipc.o lib.o match.o \
Dlsm.c140 int cap, int audit) in apparmor_capable() argument
144 int error = cap_capable(cred, ns, cap, audit); in apparmor_capable()
148 error = aa_capable(profile, cap, audit); in apparmor_capable()
714 module_param_call(audit, param_set_audit, param_get_audit,
Dpolicy_unpack.c531 profile->audit = AUDIT_ALL; in unpack_profile()
545 if (!unpack_u32(e, &(profile->caps.audit.cap[0]), NULL)) in unpack_profile()
556 if (!unpack_u32(e, &(profile->caps.audit.cap[1]), NULL)) in unpack_profile()
/linux-4.1.27/arch/x86/ia32/
DMakefile9 audit-class-$(CONFIG_AUDIT) := audit.o
10 obj-$(CONFIG_IA32_EMULATION) += $(audit-class-y)
/linux-4.1.27/security/integrity/
Dintegrity_audit.c23 unsigned long audit; in integrity_audit_setup() local
25 if (!kstrtoul(str, 0, &audit)) in integrity_audit_setup()
26 integrity_audit_info = audit ? 1 : 0; in integrity_audit_setup()
DKconfig11 extension and audit measurement log support.
/linux-4.1.27/security/apparmor/include/
Dcapability.h33 kernel_cap_t audit; member
41 int aa_capable(struct aa_profile *profile, int cap, int audit);
Dfile.h89 u32 audit; member
97 #define COMBINED_PERM_MASK(X) ((X).allow | (X).audit | (X).quiet | (X).kill)
Dpolicy.h211 enum audit_mode audit; member
403 return profile->audit; in AUDIT_MODE()
/linux-4.1.27/security/tomoyo/
DKconfig31 int "Default maximal count for audit log"
37 audit logs that the kernel can hold on memory.
38 You can read the log via /sys/kernel/security/tomoyo/audit.
39 If you don't need audit logs, you may set this value to 0.
DMakefile1 obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o …
/linux-4.1.27/arch/sparc/kernel/
DMakefile111 obj-$(CONFIG_AUDIT) += audit.o
112 audit--$(CONFIG_AUDIT) := compat_audit.o
113 obj-$(CONFIG_COMPAT) += $(audit--y)
/linux-4.1.27/drivers/staging/comedi/
DTODO5 - audit userspace interface
/linux-4.1.27/drivers/staging/android/
DTODO7 - audit userspace interfaces to make sure they are sane
/linux-4.1.27/arch/parisc/kernel/
DMakefile32 obj-$(CONFIG_AUDIT) += audit.o
/linux-4.1.27/arch/s390/kernel/
DMakefile44 obj-$(CONFIG_AUDIT) += audit.o
/linux-4.1.27/arch/ia64/kernel/
DMakefile32 obj-$(CONFIG_AUDIT) += audit.o
/linux-4.1.27/Documentation/DocBook/
D.kernel-api.xml.cmd2 …scan.c drivers/firmware/edd.c security/security.c security/inode.c kernel/audit.c kernel/auditsc.c…
/linux-4.1.27/Documentation/ABI/testing/
Dima_policy20 action: measure | dont_measure | appraise | dont_appraise | audit
/linux-4.1.27/include/net/iucv/
Diucv.h116 u32 audit; member
/linux-4.1.27/arch/alpha/kernel/
DMakefile20 obj-$(CONFIG_AUDIT) += audit.o
/linux-4.1.27/kernel/
DMakefile65 obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
/linux-4.1.27/security/integrity/ima/
DKconfig81 list, integrity appraisal and audit log. The compiled default
/linux-4.1.27/arch/powerpc/kernel/
DMakefile113 obj-$(CONFIG_AUDIT) += audit.o
/linux-4.1.27/include/scsi/
Dosd_protocol.h561 /*10*/ u8 audit[20]; member
/linux-4.1.27/lib/
DMakefile105 obj-$(CONFIG_AUDIT_GENERIC) += audit.o
/linux-4.1.27/Documentation/RCU/
DlistRCU.txt49 you are turning auditing off, it is OK to audit a few extra system calls.
237 If the system-call audit module were to ever need to reject stale data,
/linux-4.1.27/tools/perf/
Dbuiltin-trace.c1221 } audit; member
1470 const char *name = audit_syscall_to_name(id, trace->audit.machine); in trace__read_syscall_info()
1791 if (id == trace->audit.open_id && ret >= 0 && trace->last_vfs_getname) { in trace__sys_exit()
2639 .audit = { in cmd_trace()
2641 .open_id = audit_name_to_syscall("open", trace.audit.machine), in cmd_trace()
/linux-4.1.27/Documentation/virtual/kvm/
Dlocking.txt123 fast page fault path, in order to easily audit the path, we see if TLBs need
/linux-4.1.27/security/
Dcommoncap.c77 int cap, int audit) in cap_capable() argument
/linux-4.1.27/net/iucv/
Diucv.c1101 msg->audit = (*(u32 *) &parm->purge.ipaudit) >> 8; in iucv_message_purge()
1680 msg.audit = imc->ipaudit; in iucv_message_complete()
/linux-4.1.27/include/linux/
Dsecurity.h77 int cap, int audit);
1482 int cap, int audit);
/linux-4.1.27/security/selinux/
Dhooks.c1540 int cap, int audit) in cred_has_capability() argument
1567 if (audit == SECURITY_CAP_AUDIT) { in cred_has_capability()
2058 int cap, int audit) in selinux_capable() argument
2062 rc = cap_capable(cred, ns, cap, audit); in selinux_capable()
2066 return cred_has_capability(cred, cap, audit); in selinux_capable()
/linux-4.1.27/tools/perf/config/
DMakefile360 …msg := $(warning No libaudit.h found, disables 'trace' tool, please install audit-libs-devel or li…
/linux-4.1.27/include/uapi/linux/
DKbuild61 header-y += audit.h
/linux-4.1.27/drivers/scsi/bfa/
Dbfa_defs_svc.h1446 struct bfa_audit_aen_data_s audit; member
Dbfa_ioc.c4212 aen_entry->aen_data.audit.pwwn = ioc->attr->pwwn; in bfa_flash_aen_audit_post()
4213 aen_entry->aen_data.audit.partition_inst = inst; in bfa_flash_aen_audit_post()
4214 aen_entry->aen_data.audit.partition_type = type; in bfa_flash_aen_audit_post()
/linux-4.1.27/Documentation/
Dkernel-parameters.txt507 audit= [KNL] Enable the audit sub-system
509 0 - kernel audit is disabled and can not be enabled
511 unset - kernel audit is initialized but disabled and
513 1 - kernel audit is initialized and partially enabled,
519 audit_backlog_limit= [KNL] Set the audit queue size limit.
1693 kvm.mmu_audit= [KVM] This is a R/W parameter which allows audit
Ddevices.txt1799 0 = /dev/audit Audit device
/linux-4.1.27/net/netfilter/
DKconfig614 audit records for packets dropped/accepted.
/linux-4.1.27/
DMAINTAINERS1875 L: linux-audit@redhat.com (moderated for non-subscribers)
1876 W: http://people.redhat.com/sgrubb/audit/
1877 T: git git://git.infradead.org/users/pcmoore/audit
1879 F: include/linux/audit.h
1880 F: include/uapi/linux/audit.h
1881 F: kernel/audit*