/linux-4.4.14/tools/perf/scripts/python/Perf-Trace-Util/lib/Perf/Trace/ |
D | Util.py | 53 import audit 55 'x86_64': audit.MACH_86_64, 56 'alpha' : audit.MACH_ALPHA, 57 'ia64' : audit.MACH_IA64, 58 'ppc' : audit.MACH_PPC, 59 'ppc64' : audit.MACH_PPC64, 60 's390' : audit.MACH_S390, 61 's390x' : audit.MACH_S390X, 62 'i386' : audit.MACH_X86, 63 'i586' : audit.MACH_X86, [all …]
|
/linux-4.4.14/security/apparmor/ |
D | domain.c | 106 perms.audit = perms.quiet = perms.kill = 0; in change_profile_perms() 374 goto audit; in apparmor_bprm_set_creds() 403 goto audit; in apparmor_bprm_set_creds() 415 goto audit; in apparmor_bprm_set_creds() 468 goto audit; in apparmor_bprm_set_creds() 479 goto audit; in apparmor_bprm_set_creds() 513 audit: in apparmor_bprm_set_creds() 632 goto audit; in aa_change_hat() 675 goto audit; in aa_change_hat() 683 goto audit; in aa_change_hat() [all …]
|
D | file.c | 124 u32 mask = perms->audit; in aa_audit_file() 208 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_perms() 213 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in compute_perms() 370 goto audit; in aa_path_link() 376 goto audit; in aa_path_link() 384 goto audit; in aa_path_link() 393 lperms.audit = perms.audit; in aa_path_link() 399 goto audit; in aa_path_link() 418 goto audit; in aa_path_link() 424 goto audit; in aa_path_link() [all …]
|
D | capability.c | 80 !cap_raised(profile->caps.audit, cap))) in audit_caps() 132 int aa_capable(struct aa_profile *profile, int cap, int audit) in aa_capable() argument 136 if (!audit) { in aa_capable()
|
D | Makefile | 5 apparmor-y := apparmorfs.o audit.o capability.o context.o ipc.o lib.o match.o \
|
D | policy_unpack.c | 531 profile->audit = AUDIT_ALL; in unpack_profile() 545 if (!unpack_u32(e, &(profile->caps.audit.cap[0]), NULL)) in unpack_profile() 556 if (!unpack_u32(e, &(profile->caps.audit.cap[1]), NULL)) in unpack_profile()
|
D | lsm.c | 132 int cap, int audit) in apparmor_capable() argument 139 error = aa_capable(profile, cap, audit); in apparmor_capable() 701 module_param_call(audit, param_set_audit, param_get_audit,
|
/linux-4.4.14/arch/x86/ia32/ |
D | Makefile | 9 audit-class-$(CONFIG_AUDIT) := audit.o 10 obj-$(CONFIG_IA32_EMULATION) += $(audit-class-y)
|
/linux-4.4.14/security/integrity/ |
D | integrity_audit.c | 23 unsigned long audit; in integrity_audit_setup() local 25 if (!kstrtoul(str, 0, &audit)) in integrity_audit_setup() 26 integrity_audit_info = audit ? 1 : 0; in integrity_audit_setup()
|
D | Kconfig | 11 extension and audit measurement log support.
|
/linux-4.4.14/Documentation/DocBook/ |
D | kernel-api.xml.db | 559 API-audit-log-start 560 API-audit-log-format 561 API-audit-log-end 562 API-audit-log 563 API-audit-log-secctx 564 API-audit-alloc 565 API---audit-free 566 API---audit-syscall-entry 567 API---audit-syscall-exit 568 API---audit-reusename [all …]
|
D | .kernel-api.xml.cmd | 2 …scan.c drivers/firmware/edd.c security/security.c security/inode.c kernel/audit.c kernel/auditsc.c…
|
/linux-4.4.14/security/apparmor/include/ |
D | capability.h | 33 kernel_cap_t audit; member 41 int aa_capable(struct aa_profile *profile, int cap, int audit);
|
D | file.h | 89 u32 audit; member 97 #define COMBINED_PERM_MASK(X) ((X).allow | (X).audit | (X).quiet | (X).kill)
|
D | policy.h | 211 enum audit_mode audit; member 403 return profile->audit; in AUDIT_MODE()
|
/linux-4.4.14/security/tomoyo/ |
D | Kconfig | 31 int "Default maximal count for audit log" 37 audit logs that the kernel can hold on memory. 38 You can read the log via /sys/kernel/security/tomoyo/audit. 39 If you don't need audit logs, you may set this value to 0.
|
D | Makefile | 1 obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o …
|
/linux-4.4.14/arch/sparc/kernel/ |
D | Makefile | 112 obj-$(CONFIG_AUDIT) += audit.o 113 audit--$(CONFIG_AUDIT) := compat_audit.o 114 obj-$(CONFIG_COMPAT) += $(audit--y)
|
/linux-4.4.14/drivers/staging/comedi/ |
D | TODO | 5 - audit userspace interface
|
/linux-4.4.14/arch/parisc/kernel/ |
D | Makefile | 32 obj-$(CONFIG_AUDIT) += audit.o
|
/linux-4.4.14/arch/s390/kernel/ |
D | Makefile | 55 obj-$(CONFIG_AUDIT) += audit.o
|
/linux-4.4.14/arch/ia64/kernel/ |
D | Makefile | 32 obj-$(CONFIG_AUDIT) += audit.o
|
/linux-4.4.14/drivers/staging/android/ |
D | TODO | 6 - audit userspace interfaces to make sure they are sane
|
/linux-4.4.14/include/net/iucv/ |
D | iucv.h | 116 u32 audit; member
|
/linux-4.4.14/Documentation/ABI/testing/ |
D | ima_policy | 20 action: measure | dont_measure | appraise | dont_appraise | audit
|
/linux-4.4.14/kernel/ |
D | Makefile | 67 obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
|
/linux-4.4.14/arch/alpha/kernel/ |
D | Makefile | 20 obj-$(CONFIG_AUDIT) += audit.o
|
/linux-4.4.14/security/integrity/ima/ |
D | Kconfig | 81 list, integrity appraisal and audit log. The compiled default
|
/linux-4.4.14/arch/powerpc/kernel/ |
D | Makefile | 113 obj-$(CONFIG_AUDIT) += audit.o
|
/linux-4.4.14/include/scsi/ |
D | osd_protocol.h | 561 /*10*/ u8 audit[20]; member
|
/linux-4.4.14/Documentation/RCU/ |
D | listRCU.txt | 49 you are turning auditing off, it is OK to audit a few extra system calls. 237 If the system-call audit module were to ever need to reject stale data,
|
/linux-4.4.14/lib/ |
D | Makefile | 114 obj-$(CONFIG_AUDIT_GENERIC) += audit.o
|
/linux-4.4.14/tools/perf/ |
D | builtin-trace.c | 1405 } audit; member 1687 const char *name = audit_syscall_to_name(id, trace->audit.machine); in trace__read_syscall_info() 1758 int id = audit_name_to_syscall(sc, trace->audit.machine); in trace__validate_ev_qualifier() 2040 if (id == trace->audit.open_id && ret >= 0 && ttrace->filename.pending_open) { in trace__sys_exit() 3026 .audit = { in cmd_trace() 3028 .open_id = audit_name_to_syscall("open", trace.audit.machine), in cmd_trace()
|
/linux-4.4.14/Documentation/virtual/kvm/ |
D | locking.txt | 123 fast page fault path, in order to easily audit the path, we see if TLBs need
|
/linux-4.4.14/security/ |
D | commoncap.c | 72 int cap, int audit) in cap_capable() argument
|
/linux-4.4.14/net/iucv/ |
D | iucv.c | 1101 msg->audit = (*(u32 *) &parm->purge.ipaudit) >> 8; in iucv_message_purge() 1680 msg.audit = imc->ipaudit; in iucv_message_complete()
|
/linux-4.4.14/include/linux/ |
D | lsm_hooks.h | 1323 int cap, int audit);
|
D | security.h | 71 int cap, int audit);
|
/linux-4.4.14/tools/perf/config/ |
D | Makefile | 391 …msg := $(warning No libaudit.h found, disables 'trace' tool, please install audit-libs-devel or li…
|
/linux-4.4.14/Documentation/ |
D | adding-syscalls.txt | 433 The audit subsystem is one such special case; it includes (arch-specific) 437 one of these, then the audit system should be updated.
|
D | kernel-parameters.txt | 514 audit= [KNL] Enable the audit sub-system 516 0 - kernel audit is disabled and can not be enabled 518 unset - kernel audit is initialized but disabled and 520 1 - kernel audit is initialized and partially enabled, 526 audit_backlog_limit= [KNL] Set the audit queue size limit. 1758 kvm.mmu_audit= [KVM] This is a R/W parameter which allows audit
|
D | devices.txt | 1799 0 = /dev/audit Audit device
|
/linux-4.4.14/drivers/scsi/bfa/ |
D | bfa_defs_svc.h | 1446 struct bfa_audit_aen_data_s audit; member
|
D | bfa_ioc.c | 4212 aen_entry->aen_data.audit.pwwn = ioc->attr->pwwn; in bfa_flash_aen_audit_post() 4213 aen_entry->aen_data.audit.partition_inst = inst; in bfa_flash_aen_audit_post() 4214 aen_entry->aen_data.audit.partition_type = type; in bfa_flash_aen_audit_post()
|
/linux-4.4.14/include/uapi/linux/ |
D | Kbuild | 61 header-y += audit.h
|
/linux-4.4.14/security/selinux/ |
D | hooks.c | 1564 int cap, int audit) in cred_has_capability() argument 1591 if (audit == SECURITY_CAP_AUDIT) { in cred_has_capability() 2080 int cap, int audit) in selinux_capable() argument 2082 return cred_has_capability(cred, cap, audit); in selinux_capable()
|
/linux-4.4.14/net/netfilter/ |
D | Kconfig | 628 audit records for packets dropped/accepted.
|
/linux-4.4.14/ |
D | MAINTAINERS | 2024 L: linux-audit@redhat.com (moderated for non-subscribers) 2025 W: http://people.redhat.com/sgrubb/audit/ 2026 T: git git://git.infradead.org/users/pcmoore/audit 2028 F: include/linux/audit.h 2029 F: include/uapi/linux/audit.h 2030 F: kernel/audit*
|