| /linux-6.15/security/apparmor/include/ |
| H A D | file.h | 24 #define mask_mode_t(X) (X & (MAY_EXEC | MAY_WRITE | MAY_READ | MAY_APPEND))
26 #define AA_AUDIT_FILE_MASK (MAY_READ | MAY_WRITE | MAY_EXEC | MAY_APPEND |\
|
| H A D | perms.h | 16 #define AA_MAY_EXEC MAY_EXEC
|
| /linux-6.15/security/integrity/ima/ |
| H A D | ima_main.c | 469 0, MAY_EXEC, MMAP_CHECK_REQPROT); in ima_file_mmap()
476 0, MAY_EXEC, MMAP_CHECK); in ima_file_mmap()
517 current_cred(), &prop, MAY_EXEC, MMAP_CHECK, in ima_file_mprotect()
520 current_cred(), &prop, MAY_EXEC, in ima_file_mprotect()
561 &prop, NULL, 0, MAY_EXEC, BPRM_CHECK); in ima_bprm_check()
567 MAY_EXEC, CREDS_CHECK); in ima_bprm_check()
614 mask & (MAY_READ | MAY_WRITE | MAY_EXEC | in ima_file_check()
|
| H A D | ima_policy.c | 167 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
169 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
179 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
181 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
1554 entry->mask = MAY_EXEC; in ima_parse_rule()
2113 if (entry->mask & MAY_EXEC) in ima_policy_show()
|
| /linux-6.15/fs/coda/ |
| H A D | pioctl.c | 47 return (mask & MAY_EXEC) ? -EACCES : 0; in coda_ioctl_permission()
|
| H A D | dir.c | 84 mask &= MAY_READ | MAY_WRITE | MAY_EXEC; in coda_permission()
89 if ((mask & MAY_EXEC) && !execute_ok(inode)) in coda_permission()
|
| /linux-6.15/fs/afs/ |
| H A D | security.c | 441 if (mask & (MAY_EXEC | MAY_READ | MAY_CHDIR)) { in afs_permission()
453 if ((mask & MAY_EXEC) && !(inode->i_mode & S_IXUSR)) in afs_permission()
455 if (mask & (MAY_EXEC | MAY_READ)) { in afs_permission()
|
| /linux-6.15/fs/ |
| H A D | init.c | 52 error = path_permission(&path, MAY_EXEC | MAY_CHDIR); in init_chdir()
67 error = path_permission(&path, MAY_EXEC | MAY_CHDIR); in init_chroot()
|
| H A D | open.c | 495 if ((mode & MAY_EXEC) && S_ISREG(inode->i_mode)) { in do_faccessat()
561 error = path_permission(&path, MAY_EXEC | MAY_CHDIR); in SYSCALL_DEFINE1()
588 error = file_permission(fd_file(f), MAY_EXEC | MAY_CHDIR); in SYSCALL_DEFINE1()
604 error = path_permission(&path, MAY_EXEC | MAY_CHDIR); in SYSCALL_DEFINE1()
|
| H A D | namei.c | 491 mask &= MAY_READ | MAY_WRITE | MAY_EXEC; in generic_permission()
501 if (!(mask & MAY_EXEC) || (inode->i_mode & S_IXUGO)) in generic_permission()
1845 err = inode_permission(idmap, nd->inode, mask | MAY_EXEC); in may_lookup()
1860 return inode_permission(idmap, nd->inode, MAY_EXEC); in may_lookup()
2900 return inode_permission(idmap, base->d_inode, MAY_EXEC); in lookup_one_common()
3179 error = inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC); in may_delete()
3223 return inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC); in may_create()
3448 if (acc_mode & MAY_EXEC) in may_open()
3458 if (acc_mode & MAY_EXEC) in may_open()
3463 if ((acc_mode & MAY_EXEC) && path_noexec(path)) in may_open()
[all …]
|
| H A D | exec.c | 133 .acc_mode = MAY_READ | MAY_EXEC, in SYSCALL_DEFINE1()
880 .acc_mode = MAY_EXEC, in do_open_execat()
1671 err = inode_permission(idmap, inode, MAY_EXEC); in bprm_fill_uid()
|
| H A D | posix_acl.c | 383 want &= MAY_READ | MAY_WRITE | MAY_EXEC; in posix_acl_permission()
|
| /linux-6.15/security/apparmor/ |
| H A D | domain.c | 340 if (!(perm & MAY_EXEC)) { in aa_xattrs_match()
426 if (perm & MAY_EXEC) { in find_attach()
676 if (perms.allow & MAY_EXEC) { in profile_transition()
686 perms.allow &= ~MAY_EXEC; in profile_transition()
725 aa_audit_file(subj_cred, profile, &perms, OP_EXEC, MAY_EXEC, name, in profile_transition()
984 OP_EXEC, MAY_EXEC, in apparmor_bprm_creds_for_exec()
|
| H A D | file.c | 384 } else if ((lperms.allow & MAY_EXEC) && in profile_path_link()
386 lperms.allow &= ~MAY_EXEC; in profile_path_link()
387 request |= MAY_EXEC; in profile_path_link()
|
| /linux-6.15/Documentation/ABI/testing/ |
| H A D | ima_policy | 40 [[^]MAY_EXEC]
115 measure func=FILE_MMAP mask=MAY_EXEC
|
| /linux-6.15/fs/configfs/ |
| H A D | symlink.c | 200 MAY_WRITE | MAY_EXEC); in configfs_symlink()
|
| /linux-6.15/fs/gfs2/ |
| H A D | inode.c | 335 error = gfs2_permission(&nop_mnt_idmap, dir, MAY_EXEC); in gfs2_lookupi()
366 MAY_WRITE | MAY_EXEC); in create_ok()
980 error = gfs2_permission(&nop_mnt_idmap, dir, MAY_WRITE | MAY_EXEC); in gfs2_link()
1096 MAY_WRITE | MAY_EXEC); in gfs2_unlink_ok()
1523 MAY_WRITE | MAY_EXEC); in gfs2_rename()
|
| /linux-6.15/security/smack/ |
| H A D | smack.h | 249 #define MAY_ANYREAD (MAY_READ | MAY_EXEC)
|
| H A D | smack_access.c | 295 if (access & MAY_EXEC) in smack_str_from_perm()
|
| /linux-6.15/fs/bcachefs/ |
| H A D | fs-ioctl.c | 283 dir, MAY_WRITE | MAY_EXEC); in bch2_ioctl_subvolume_create()
|
| /linux-6.15/fs/nfs/ |
| H A D | dir.c | 3230 mask |= MAY_EXEC; in nfs_access_calc_mask()
3235 mask |= MAY_EXEC; in nfs_access_calc_mask()
3286 if ((mask & ~cache_mask & (MAY_READ | MAY_WRITE | MAY_EXEC)) != 0) in nfs_do_access()
3299 mask = MAY_EXEC; in nfs_open_permission_mask()
3342 if ((mask & (MAY_READ | MAY_WRITE | MAY_EXEC)) == 0) in nfs_permission()
3371 if (!res && (mask & MAY_EXEC)) in nfs_permission()
|
| /linux-6.15/fs/nfsd/ |
| H A D | nfsfh.c | 44 d_inode(parent), MAY_EXEC); in nfsd_acceptable()
|
| /linux-6.15/fs/proc/ |
| H A D | proc_sysctl.c | 431 if ((op & ~mode & (MAY_READ|MAY_WRITE|MAY_EXEC)) == 0) in test_perm()
805 if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) in proc_sys_permission()
|
| /linux-6.15/fs/fuse/ |
| H A D | dir.c | 1516 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC); in fuse_access()
1569 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) { in fuse_permission()
1602 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) { in fuse_permission()
|
| /linux-6.15/fs/smb/server/ |
| H A D | vfs.c | 152 if (!inode_permission(idmap, d_inode(dentry), MAY_OPEN | MAY_EXEC)) in ksmbd_vfs_query_maximal_access()
155 if (!inode_permission(idmap, d_inode(dentry->d_parent), MAY_EXEC | MAY_WRITE)) in ksmbd_vfs_query_maximal_access()
|