lsm 149 fs/proc/base.c { .lsm = LSM }) lsm 2542 fs/proc/base.c length = security_getprocattr(task, PROC_I(inode)->op.lsm, lsm 2596 fs/proc/base.c rv = security_setprocattr(PROC_I(inode)->op.lsm, lsm 81 fs/proc/internal.h const char *lsm; lsm 2073 include/linux/lsm_hooks.h char *lsm; lsm 2101 include/linux/lsm_hooks.h char *lsm); lsm 2123 include/linux/lsm_hooks.h #define DEFINE_LSM(lsm) \ lsm 2124 include/linux/lsm_hooks.h static struct lsm_info __lsm_##lsm \ lsm 2128 include/linux/lsm_hooks.h #define DEFINE_EARLY_LSM(lsm) \ lsm 2129 include/linux/lsm_hooks.h static struct lsm_info __early_lsm_##lsm \ lsm 434 include/linux/security.h int security_getprocattr(struct task_struct *p, const char *lsm, char *name, lsm 436 include/linux/security.h int security_setprocattr(const char *lsm, const char *name, void *value, lsm 1217 include/linux/security.h static inline int security_getprocattr(struct task_struct *p, const char *lsm, lsm 1223 include/linux/security.h static inline int security_setprocattr(const char *lsm, char *name, lsm 80 security/integrity/ima/ima_policy.c } lsm[MAX_LSM_RULES]; lsm 257 security/integrity/ima/ima_policy.c kfree(entry->lsm[i].rule); lsm 258 security/integrity/ima/ima_policy.c kfree(entry->lsm[i].args_p); lsm 277 security/integrity/ima/ima_policy.c memset(nentry->lsm, 0, FIELD_SIZEOF(struct ima_rule_entry, lsm)); lsm 280 security/integrity/ima/ima_policy.c if (!entry->lsm[i].args_p) lsm 283 security/integrity/ima/ima_policy.c nentry->lsm[i].type = entry->lsm[i].type; lsm 284 security/integrity/ima/ima_policy.c nentry->lsm[i].args_p = kstrdup(entry->lsm[i].args_p, lsm 286 security/integrity/ima/ima_policy.c if (!nentry->lsm[i].args_p) lsm 289 security/integrity/ima/ima_policy.c security_filter_rule_init(nentry->lsm[i].type, lsm 291 security/integrity/ima/ima_policy.c nentry->lsm[i].args_p, lsm 292 security/integrity/ima/ima_policy.c &nentry->lsm[i].rule); lsm 293 security/integrity/ima/ima_policy.c if (!nentry->lsm[i].rule) lsm 295 security/integrity/ima/ima_policy.c (char *)entry->lsm[i].args_p); lsm 332 security/integrity/ima/ima_policy.c if (entry->lsm[i].args_p) { lsm 417 security/integrity/ima/ima_policy.c if (!rule->lsm[i].rule) { lsm 418 security/integrity/ima/ima_policy.c if (!rule->lsm[i].args_p) lsm 429 security/integrity/ima/ima_policy.c rule->lsm[i].type, lsm 431 security/integrity/ima/ima_policy.c rule->lsm[i].rule); lsm 437 security/integrity/ima/ima_policy.c rule->lsm[i].type, lsm 439 security/integrity/ima/ima_policy.c rule->lsm[i].rule); lsm 814 security/integrity/ima/ima_policy.c if (entry->lsm[lsm_rule].rule) lsm 817 security/integrity/ima/ima_policy.c entry->lsm[lsm_rule].args_p = match_strdup(args); lsm 818 security/integrity/ima/ima_policy.c if (!entry->lsm[lsm_rule].args_p) lsm 821 security/integrity/ima/ima_policy.c entry->lsm[lsm_rule].type = audit_type; lsm 822 security/integrity/ima/ima_policy.c result = security_filter_rule_init(entry->lsm[lsm_rule].type, lsm 824 security/integrity/ima/ima_policy.c entry->lsm[lsm_rule].args_p, lsm 825 security/integrity/ima/ima_policy.c &entry->lsm[lsm_rule].rule); lsm 826 security/integrity/ima/ima_policy.c if (!entry->lsm[lsm_rule].rule) { lsm 828 security/integrity/ima/ima_policy.c (char *)entry->lsm[lsm_rule].args_p); lsm 831 security/integrity/ima/ima_policy.c kfree(entry->lsm[lsm_rule].args_p); lsm 1303 security/integrity/ima/ima_policy.c kfree(entry->lsm[i].args_p); lsm 1474 security/integrity/ima/ima_policy.c if (entry->lsm[i].rule) { lsm 1478 security/integrity/ima/ima_policy.c (char *)entry->lsm[i].args_p); lsm 1482 security/integrity/ima/ima_policy.c (char *)entry->lsm[i].args_p); lsm 1486 security/integrity/ima/ima_policy.c (char *)entry->lsm[i].args_p); lsm 1490 security/integrity/ima/ima_policy.c (char *)entry->lsm[i].args_p); lsm 1494 security/integrity/ima/ima_policy.c (char *)entry->lsm[i].args_p); lsm 1498 security/integrity/ima/ima_policy.c (char *)entry->lsm[i].args_p); lsm 64 security/security.c static bool __init is_enabled(struct lsm_info *lsm) lsm 66 security/security.c if (!lsm->enabled) lsm 69 security/security.c return *lsm->enabled; lsm 75 security/security.c static void __init set_enabled(struct lsm_info *lsm, bool enabled) lsm 81 security/security.c if (!lsm->enabled) { lsm 83 security/security.c lsm->enabled = &lsm_enabled_true; lsm 85 security/security.c lsm->enabled = &lsm_enabled_false; lsm 86 security/security.c } else if (lsm->enabled == &lsm_enabled_true) { lsm 88 security/security.c lsm->enabled = &lsm_enabled_false; lsm 89 security/security.c } else if (lsm->enabled == &lsm_enabled_false) { lsm 91 security/security.c lsm->enabled = &lsm_enabled_true; lsm 93 security/security.c *lsm->enabled = enabled; lsm 98 security/security.c static bool __init exists_ordered_lsm(struct lsm_info *lsm) lsm 103 security/security.c if (*check == lsm) lsm 111 security/security.c static void __init append_ordered_lsm(struct lsm_info *lsm, const char *from) lsm 114 security/security.c if (exists_ordered_lsm(lsm)) lsm 121 security/security.c if (!lsm->enabled) lsm 122 security/security.c lsm->enabled = &lsm_enabled_true; lsm 123 security/security.c ordered_lsms[last_lsm++] = lsm; lsm 125 security/security.c init_debug("%s ordering: %s (%sabled)\n", from, lsm->name, lsm 126 security/security.c is_enabled(lsm) ? "en" : "dis"); lsm 130 security/security.c static bool __init lsm_allowed(struct lsm_info *lsm) lsm 133 security/security.c if (!is_enabled(lsm)) lsm 137 security/security.c if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && exclusive) { lsm 138 security/security.c init_debug("exclusive disabled: %s\n", lsm->name); lsm 176 security/security.c static void __init prepare_lsm(struct lsm_info *lsm) lsm 178 security/security.c int enabled = lsm_allowed(lsm); lsm 181 security/security.c set_enabled(lsm, enabled); lsm 185 security/security.c if ((lsm->flags & LSM_FLAG_EXCLUSIVE) && !exclusive) { lsm 186 security/security.c exclusive = lsm; lsm 187 security/security.c init_debug("exclusive chosen: %s\n", lsm->name); lsm 190 security/security.c lsm_set_blob_sizes(lsm->blobs); lsm 195 security/security.c static void __init initialize_lsm(struct lsm_info *lsm) lsm 197 security/security.c if (is_enabled(lsm)) { lsm 200 security/security.c init_debug("initializing %s\n", lsm->name); lsm 201 security/security.c ret = lsm->init(); lsm 202 security/security.c WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret); lsm 209 security/security.c struct lsm_info *lsm; lsm 213 security/security.c for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { lsm 214 security/security.c if (lsm->order == LSM_ORDER_FIRST) lsm 215 security/security.c append_ordered_lsm(lsm, "first"); lsm 245 security/security.c for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { lsm 246 security/security.c if (lsm->order == LSM_ORDER_MUTABLE && lsm 247 security/security.c strcmp(lsm->name, name) == 0) { lsm 248 security/security.c append_ordered_lsm(lsm, origin); lsm 259 security/security.c for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { lsm 260 security/security.c if (exists_ordered_lsm(lsm)) lsm 262 security/security.c if (strcmp(lsm->name, chosen_major_lsm) == 0) lsm 263 security/security.c append_ordered_lsm(lsm, "security="); lsm 268 security/security.c for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { lsm 269 security/security.c if (exists_ordered_lsm(lsm)) lsm 271 security/security.c set_enabled(lsm, false); lsm 272 security/security.c init_debug("%s disabled: %s\n", origin, lsm->name); lsm 285 security/security.c struct lsm_info **lsm; lsm 299 security/security.c for (lsm = ordered_lsms; *lsm; lsm++) lsm 300 security/security.c prepare_lsm(*lsm); lsm 323 security/security.c for (lsm = ordered_lsms; *lsm; lsm++) lsm 324 security/security.c initialize_lsm(*lsm); lsm 333 security/security.c struct lsm_info *lsm; lsm 339 security/security.c for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { lsm 340 security/security.c if (!lsm->enabled) lsm 341 security/security.c lsm->enabled = &lsm_enabled_true; lsm 342 security/security.c prepare_lsm(lsm); lsm 343 security/security.c initialize_lsm(lsm); lsm 356 security/security.c struct lsm_info *lsm; lsm 364 security/security.c for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { lsm 365 security/security.c if (lsm->enabled) lsm 366 security/security.c lsm_append(lsm->name, &lsm_names); lsm 399 security/security.c static bool match_last_lsm(const char *list, const char *lsm) lsm 403 security/security.c if (WARN_ON(!list || !lsm)) lsm 411 security/security.c return !strcmp(last, lsm); lsm 444 security/security.c char *lsm) lsm 449 security/security.c hooks[i].lsm = lsm; lsm 458 security/security.c if (lsm_append(lsm, &lsm_names) < 0) lsm 1878 security/security.c int security_getprocattr(struct task_struct *p, const char *lsm, char *name, lsm 1884 security/security.c if (lsm != NULL && strcmp(lsm, hp->lsm)) lsm 1891 security/security.c int security_setprocattr(const char *lsm, const char *name, void *value, lsm 1897 security/security.c if (lsm != NULL && strcmp(lsm, hp->lsm))