14  * AppArmor allocates a unique secid for every label used. If a label
15  * is replaced it receives the secid of the label it is replacing.
28 #include "include/label.h"
32  * secids - do not pin labels with a refcount. They rely on the label
44  * TODO: use secid_update in label replace
48  * aa_secid_update - update a secid mapping to a new label
50  * @label: label the secid will now map to
52 void aa_secid_update(u32 secid, struct aa_label *label)  in aa_secid_update()  argument
57 	idr_replace(&aa_secids, label, secid);  in aa_secid_update()
63  * see label for inverse aa_label_to_secid
67 	struct aa_label *label;  in aa_secid_to_label()  local
70 	label = idr_find(&aa_secids, secid);  in aa_secid_to_label()
73 	return label;  in aa_secid_to_label()
79 	struct aa_label *label = aa_secid_to_label(secid);  in apparmor_secid_to_secctx()  local
84 	if (!label)  in apparmor_secid_to_secctx()
88 		len = aa_label_asxprint(secdata, root_ns, label,  in apparmor_secid_to_secctx()
93 		len = aa_label_snxprint(NULL, 0, root_ns, label,  in apparmor_secid_to_secctx()
106 	struct aa_label *label;  in apparmor_secctx_to_secid()  local
108 	label = aa_label_strn_parse(&root_ns->unconfined->label, secdata,  in apparmor_secctx_to_secid()
110 	if (IS_ERR(label))  in apparmor_secctx_to_secid()
111 		return PTR_ERR(label);  in apparmor_secctx_to_secid()
112 	*secid = label->secid;  in apparmor_secctx_to_secid()
124  * @label: the label to allocate a secid for
127  * Returns: 0 with @label->secid initialized
128  *          <0 returns error with @label->secid set to AA_SECID_INVALID
130 int aa_alloc_secid(struct aa_label *label, gfp_t gfp)  in aa_alloc_secid()  argument
137 	ret = idr_alloc(&aa_secids, label, AA_FIRST_SECID, 0, GFP_ATOMIC);  in aa_alloc_secid()
142 		label->secid = AA_SECID_INVALID;  in aa_alloc_secid()
147 	label->secid = ret;  in aa_alloc_secid()