| /linux-6.15/security/ |
| H A D | security.c | 169 if (!lsm->enabled) in is_enabled()
332 for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { in ordered_lsm_parse()
364 for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { in ordered_lsm_parse()
379 for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { in ordered_lsm_parse()
388 for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { in ordered_lsm_parse()
394 for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { in ordered_lsm_parse()
441 for (lsm = ordered_lsms; *lsm; lsm++) in report_lsm_order()
462 for (lsm = ordered_lsms; *lsm; lsm++) in ordered_lsm_init()
498 for (lsm = ordered_lsms; *lsm; lsm++) in ordered_lsm_init()
506 for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { in early_security_init()
[all …]
|
| H A D | Kconfig | 282 This can be controlled at boot with the "lsm=" parameter.
|
| /linux-6.15/security/integrity/ima/ |
| H A D | ima_policy.c | 120 } lsm[MAX_LSM_RULES]; member
385 kfree(entry->lsm[i].args_p); in ima_lsm_free_rule()
419 memset(nentry->lsm, 0, sizeof_field(struct ima_rule_entry, lsm)); in ima_lsm_copy_rule()
422 if (!entry->lsm[i].args_p) in ima_lsm_copy_rule()
425 nentry->lsm[i].type = entry->lsm[i].type; in ima_lsm_copy_rule()
426 nentry->lsm[i].args_p = entry->lsm[i].args_p; in ima_lsm_copy_rule()
432 if (!nentry->lsm[i].rule) in ima_lsm_copy_rule()
434 nentry->lsm[i].args_p); in ima_lsm_copy_rule()
468 if (entry->lsm[i].args_p) in ima_rule_contains_lsm_cond()
2084 if (entry->lsm[i].args_p && !entry->lsm[i].rule) { in ima_policy_show()
[all …]
|
| /linux-6.15/include/linux/ |
| H A D | lsm_hooks.h | 160 #define DEFINE_LSM(lsm) \ argument
161 static struct lsm_info __lsm_##lsm \
165 #define DEFINE_EARLY_LSM(lsm) \ argument
166 static struct lsm_info __early_lsm_##lsm \
|
| H A D | bpf_types.h | 76 BPF_PROG_TYPE(BPF_PROG_TYPE_LSM, lsm,
|
| /linux-6.15/Documentation/bpf/libbpf/ |
| H A D | program_types.rst | 112 … | ``BPF_LSM_MAC`` | ``lsm+`` [#lsm]_ …
114 … | | ``lsm.s+`` [#lsm]_ …
226 .. [#lsm] The ``lsm`` attachment format is ``lsm[.s]/<hook>``.
|
| /linux-6.15/Documentation/security/ |
| H A D | index.rst | 12 lsm
13 lsm-development
|
| H A D | lsm.rst | 64 An interface `/sys/kernel/security/lsm` reports a comma separated list
|
| /linux-6.15/Documentation/translations/zh_CN/security/ |
| H A D | index.rst | 20 lsm
31 * lsm-development
|
| H A D | lsm.rst | 4 :Original: Documentation/security/lsm.rst
55 /sys/kernel/security/lsm记录了一个以逗号分隔的安全模块列表,这些模块在
|
| /linux-6.15/Documentation/bpf/ |
| H A D | prog_lsm.rst | 61 * ``"lsm/file_mprotect"`` indicates the LSM hook that the program must
67 SEC("lsm/file_mprotect")
134 `tools/testing/selftests/bpf/progs/lsm.c`_ and the corresponding
140 .. _tools/testing/selftests/bpf/progs/lsm.c:
141 …t.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/tools/testing/selftests/bpf/progs/lsm.c
|
| /linux-6.15/security/keys/ |
| H A D | permission.c | 41 goto lsm; in key_task_permission()
89 lsm: in key_task_permission()
|
| /linux-6.15/tools/testing/selftests/bpf/prog_tests/ |
| H A D | test_lsm.c | 55 static int test_lsm(struct lsm *skel) in test_lsm()
101 struct lsm *skel = NULL; in test_lsm_basic()
|
| /linux-6.15/security/safesetid/ |
| H A D | Makefile | 7 safesetid-y := lsm.o securityfs.o
|
| /linux-6.15/Documentation/userspace-api/ |
| H A D | lsm.rst | 72 * Documentation/security/lsm.rst
73 * Documentation/security/lsm-development.rst
|
| H A D | index.rst | 34 lsm
|
| H A D | landlock.rst | 627 enable Landlock by adding ``lsm=landlock,[...]`` to
642 $ sed -n 's/.*\(\<lsm=\S\+\).*/\1/p' /proc/cmdline
643 lsm=lockdown,yama,integrity,apparmor
645 ...we should configure the boot loader to set a cmdline extending the ``lsm``
648 lsm=landlock,lockdown,yama,integrity,apparmor
656 [ 0.000000] Command line: [...] lsm=landlock,lockdown,yama,integrity,apparmor
657 [ 0.000000] Kernel command line: [...] lsm=landlock,lockdown,yama,integrity,apparmor
658 [ 0.000000] LSM: initializing lsm=lockdown,capability,landlock,yama,integrity,apparmor
|
| /linux-6.15/Documentation/ABI/testing/ |
| H A D | ima_policy | 24 condition:= base | lsm [option]
28 lsm: [[subj_user=] [subj_role=] [subj_type=]
49 lsm: are LSM specific
|
| /linux-6.15/security/apparmor/ |
| H A D | Makefile | 7 path.o domain.o policy.o policy_unpack.o procattr.o lsm.o \
|
| /linux-6.15/Documentation/admin-guide/LSM/ |
| H A D | ipe.rst | 382 …CA42B51F68962354BA083122A20BB846F26765076DD8EED7B8F4DB auid=4294967295 ses=4294967295 lsm=ipe res=1
416 | lsm | string | No | The lsm name associated with the event …
426 …CA42B51F68962354BA083122A20BB846F26765076DD8EED7B8F4DB auid=4294967295 ses=4294967295 lsm=ipe res=1
449 | lsm | string | No | The lsm name associated with the event |
460 …): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=ipe res=1
464 …): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=ipe res=1
487 | lsm | string | No | The lsm name associated with the event …
|
| H A D | index.rst | 26 ``/sys/kernel/security/lsm``. This is a comma separated list, and
|
| /linux-6.15/tools/testing/selftests/ |
| H A D | Makefile | 56 TARGETS += lsm
|
| /linux-6.15/Documentation/admin-guide/ |
| H A D | kernel-parameters.txt | 3362 lsm.debug [SECURITY] Enable LSM initialization debugging output.
3364 lsm=lsm1,...,lsmN
6456 "lsm=" parameter.
|
| /linux-6.15/ |
| H A D | MAINTAINERS | 6277 T: git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
13867 T: git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
22051 T: git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
22052 F: include/linux/lsm/
22057 F: include/uapi/linux/lsm.h
22059 F: tools/testing/selftests/lsm/
|