| /linux-4.4.14/security/apparmor/ |
| D | match.c | 100 static int verify_dfa(struct aa_dfa *dfa, int flags) in verify_dfa() argument
106 if (!(dfa->tables[YYTD_ID_DEF] && in verify_dfa()
107 dfa->tables[YYTD_ID_BASE] && in verify_dfa()
108 dfa->tables[YYTD_ID_NXT] && dfa->tables[YYTD_ID_CHK])) in verify_dfa()
112 state_count = dfa->tables[YYTD_ID_BASE]->td_lolen; in verify_dfa()
114 if (!dfa->tables[YYTD_ID_ACCEPT]) in verify_dfa()
116 if (state_count != dfa->tables[YYTD_ID_ACCEPT]->td_lolen) in verify_dfa()
120 if (!dfa->tables[YYTD_ID_ACCEPT2]) in verify_dfa()
122 if (state_count != dfa->tables[YYTD_ID_ACCEPT2]->td_lolen) in verify_dfa()
125 if (state_count != dfa->tables[YYTD_ID_DEF]->td_lolen) in verify_dfa()
[all …]
|
| D | file.c | 194 static struct file_perms compute_perms(struct aa_dfa *dfa, unsigned int state, in compute_perms() argument
207 perms.allow = map_old_perms(dfa_user_allow(dfa, state)); in compute_perms()
208 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_perms()
209 perms.quiet = map_old_perms(dfa_user_quiet(dfa, state)); in compute_perms()
210 perms.xindex = dfa_user_xindex(dfa, state); in compute_perms()
212 perms.allow = map_old_perms(dfa_other_allow(dfa, state)); in compute_perms()
213 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in compute_perms()
214 perms.quiet = map_old_perms(dfa_other_quiet(dfa, state)); in compute_perms()
215 perms.xindex = dfa_other_xindex(dfa, state); in compute_perms()
220 if (ACCEPT_TABLE(dfa)[state] & 0x80000000) in compute_perms()
[all …]
|
| D | policy_unpack.c | 303 static bool verify_accept(struct aa_dfa *dfa, int flags) in verify_accept() argument
308 for (i = 0; i < dfa->tables[YYTD_ID_ACCEPT]->td_lolen; i++) { in verify_accept()
309 int mode = ACCEPT_TABLE(dfa)[i]; in verify_accept()
314 if (ACCEPT_TABLE2(dfa)[i] & ~DFA_VALID_PERM2_MASK) in verify_accept()
330 struct aa_dfa *dfa = NULL; in unpack_dfa() local
349 dfa = aa_dfa_unpack(blob + pad, size - pad, flags); in unpack_dfa()
351 if (IS_ERR(dfa)) in unpack_dfa()
352 return dfa; in unpack_dfa()
354 if (!verify_accept(dfa, flags)) in unpack_dfa()
358 return dfa; in unpack_dfa()
[all …]
|
| D | domain.c | 108 } else if (!profile->file.dfa) { in change_profile_perms()
112 aa_str_perms(profile->file.dfa, start, name, &cond, &perms); in change_profile_perms()
118 state = aa_dfa_match(profile->file.dfa, start, ns->base.name); in change_profile_perms()
119 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1); in change_profile_perms()
120 aa_str_perms(profile->file.dfa, state, name, &cond, &perms); in change_profile_perms()
398 state = aa_str_perms(profile->file.dfa, state, name, &cond, &perms); in apparmor_bprm_set_creds()
409 state = aa_dfa_null_transition(profile->file.dfa, state); in apparmor_bprm_set_creds()
|
| D | policy.c | 610 aa_put_dfa(profile->policy.dfa); in aa_free_profile()
|
| /linux-4.4.14/security/apparmor/include/ |
| D | file.h | 131 #define dfa_user_allow(dfa, state) (((ACCEPT_TABLE(dfa)[state]) & 0x7f) | \ argument
132 ((ACCEPT_TABLE(dfa)[state]) & 0x80000000))
133 #define dfa_user_audit(dfa, state) ((ACCEPT_TABLE2(dfa)[state]) & 0x7f) argument
134 #define dfa_user_quiet(dfa, state) (((ACCEPT_TABLE2(dfa)[state]) >> 7) & 0x7f) argument
135 #define dfa_user_xindex(dfa, state) \ argument
136 (dfa_map_xindex(ACCEPT_TABLE(dfa)[state] & 0x3fff))
138 #define dfa_other_allow(dfa, state) ((((ACCEPT_TABLE(dfa)[state]) >> 14) & \ argument
140 ((ACCEPT_TABLE(dfa)[state]) & 0x80000000))
141 #define dfa_other_audit(dfa, state) (((ACCEPT_TABLE2(dfa)[state]) >> 14) & 0x7f) argument
142 #define dfa_other_quiet(dfa, state) \ argument
[all …]
|
| D | match.h | 120 unsigned int aa_dfa_match_len(struct aa_dfa *dfa, unsigned int start,
122 unsigned int aa_dfa_match(struct aa_dfa *dfa, unsigned int start,
124 unsigned int aa_dfa_next(struct aa_dfa *dfa, unsigned int state,
135 static inline void aa_put_dfa(struct aa_dfa *dfa) in aa_put_dfa() argument
137 if (dfa) in aa_put_dfa()
138 kref_put(&dfa->count, aa_dfa_free_kref); in aa_put_dfa()
|
| D | apparmor.h | 108 static inline unsigned int aa_dfa_null_transition(struct aa_dfa *dfa, in aa_dfa_null_transition() argument
112 return aa_dfa_next(dfa, start, 0); in aa_dfa_null_transition()
|
| D | policy.h | 149 struct aa_dfa *dfa; member
|
| /linux-4.4.14/arch/mips/include/asm/octeon/ |
| D | cvmx-ciu2-defs.h | 852 uint64_t dfa:1; member
894 uint64_t dfa:1;
910 uint64_t dfa:1; member
948 uint64_t dfa:1;
967 uint64_t dfa:1; member
1009 uint64_t dfa:1;
1025 uint64_t dfa:1; member
1063 uint64_t dfa:1;
1082 uint64_t dfa:1; member
1124 uint64_t dfa:1;
[all …]
|
| D | cvmx-ciu-defs.h | 311 uint64_t dfa:1; member
325 uint64_t dfa:1;
391 uint64_t dfa:1; member
405 uint64_t dfa:1;
467 uint64_t dfa:1; member
481 uint64_t dfa:1;
550 uint64_t dfa:1; member
564 uint64_t dfa:1;
2401 uint64_t dfa:1; member
2437 uint64_t dfa:1;
[all …]
|
| D | cvmx-npi-defs.h | 2457 uint64_t dfa:1; member
2471 uint64_t dfa:1;
2526 uint64_t dfa:1; member
2540 uint64_t dfa:1;
2598 uint64_t dfa:1; member
2612 uint64_t dfa:1;
2666 uint64_t dfa:1; member
2680 uint64_t dfa:1;
|
| D | cvmx-npei-defs.h | 3983 uint64_t dfa:1; member
3997 uint64_t dfa:1;
|