| /security/selinux/include/ |
| D | netlabel.h | 45 void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family);
46 void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk);
47 int selinux_netlbl_socket_post_create(struct sock *sk, u16 family);
52 int selinux_netlbl_socket_setsockopt(struct socket *sock,
55 int selinux_netlbl_socket_connect(struct sock *sk, struct sockaddr *addr);
56 int selinux_netlbl_socket_connect_locked(struct sock *sk,
101 static inline int selinux_netlbl_conn_setsid(struct sock *sk, in selinux_netlbl_conn_setsid()
117 static inline void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family) in selinux_netlbl_inet_csk_clone()
121 static inline void selinux_netlbl_sctp_sk_clone(struct sock *sk, in selinux_netlbl_sctp_sk_clone()
122 struct sock *newsk) in selinux_netlbl_sctp_sk_clone()
[all …]
|
| D | avc.h | 30 struct sock;
|
| /security/apparmor/ |
| D | lsm.c | 759 static int apparmor_sk_alloc_security(struct sock *sk, int family, gfp_t flags) in apparmor_sk_alloc_security()
775 static void apparmor_sk_free_security(struct sock *sk) in apparmor_sk_free_security()
788 static void apparmor_sk_clone_security(const struct sock *sk, in apparmor_sk_clone_security()
789 struct sock *newsk) in apparmor_sk_clone_security()
829 static int apparmor_socket_post_create(struct socket *sock, int family, in apparmor_socket_post_create() argument
842 if (sock->sk) { in apparmor_socket_post_create()
843 struct aa_sk_ctx *ctx = SK_CTX(sock->sk); in apparmor_socket_post_create()
856 static int apparmor_socket_bind(struct socket *sock, in apparmor_socket_bind() argument
859 AA_BUG(!sock); in apparmor_socket_bind()
860 AA_BUG(!sock->sk); in apparmor_socket_bind()
[all …]
|
| D | net.c | 144 struct sock *sk) in aa_label_sk_perm()
162 int aa_sk_perm(const char *op, u32 request, struct sock *sk) in aa_sk_perm()
180 struct socket *sock) in aa_sock_file_perm() argument
183 AA_BUG(!sock); in aa_sock_file_perm()
184 AA_BUG(!sock->sk); in aa_sock_file_perm()
186 return aa_label_sk_perm(label, op, request, sock->sk); in aa_sock_file_perm()
212 struct common_audit_data *sa, struct sock *sk) in aa_secmark_perm()
245 u32 secid, struct sock *sk) in apparmor_secmark_check()
|
| D | Makefile | 41 quiet_cmd_make-sock = GEN $@
42 cmd_make-sock = echo "static const char *sock_type_names[] = {" >> $@ ;\
110 $(call cmd,make-sock)
|
| D | file.c | 565 struct socket *sock = (struct socket *) file->private_data; in __file_sock_perm() local
568 AA_BUG(!sock); in __file_sock_perm()
575 error = aa_sock_file_perm(label, op, request, sock); in __file_sock_perm()
579 last_error(error, aa_sock_file_perm(flabel, op, request, sock)); in __file_sock_perm()
|
| /security/selinux/ |
| D | netlabel.c | 67 static struct netlbl_lsm_secattr *selinux_netlbl_sock_genattr(struct sock *sk) in selinux_netlbl_sock_genattr()
100 const struct sock *sk, in selinux_netlbl_sock_getattr()
232 struct sock *sk; in selinux_netlbl_skbuff_setsid()
353 void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family) in selinux_netlbl_inet_csk_clone()
371 void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk) in selinux_netlbl_sctp_sk_clone()
389 int selinux_netlbl_socket_post_create(struct sock *sk, u16 family) in selinux_netlbl_socket_post_create()
501 int selinux_netlbl_socket_setsockopt(struct socket *sock, in selinux_netlbl_socket_setsockopt() argument
506 struct sock *sk = sock->sk; in selinux_netlbl_socket_setsockopt()
541 static int selinux_netlbl_socket_connect_helper(struct sock *sk, in selinux_netlbl_socket_connect_helper()
581 int selinux_netlbl_socket_connect_locked(struct sock *sk, in selinux_netlbl_socket_connect_locked()
[all …]
|
| D | hooks.c | 4472 static int sock_has_perm(struct sock *sk, u32 perms) in sock_has_perm()
4510 static int selinux_socket_post_create(struct socket *sock, int family, in selinux_socket_post_create() argument
4514 struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock)); in selinux_socket_post_create()
4530 if (sock->sk) { in selinux_socket_post_create()
4531 sksec = sock->sk->sk_security; in selinux_socket_post_create()
4538 err = selinux_netlbl_socket_post_create(sock->sk, family); in selinux_socket_post_create()
4560 static int selinux_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen) in selinux_socket_bind() argument
4562 struct sock *sk = sock->sk; in selinux_socket_bind()
4694 static int selinux_socket_connect_helper(struct socket *sock, in selinux_socket_connect_helper() argument
4697 struct sock *sk = sock->sk; in selinux_socket_connect_helper()
[all …]
|
| D | netlink.c | 22 static struct sock *selnl;
|
| /security/tomoyo/ |
| D | network.c | 626 static u8 tomoyo_sock_family(struct sock *sk) in tomoyo_sock_family()
650 int tomoyo_socket_listen_permission(struct socket *sock) in tomoyo_socket_listen_permission() argument
653 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_listen_permission()
654 const unsigned int type = sock->type; in tomoyo_socket_listen_permission()
661 const int error = sock->ops->getname(sock, (struct sockaddr *) in tomoyo_socket_listen_permission()
686 int tomoyo_socket_connect_permission(struct socket *sock, in tomoyo_socket_connect_permission() argument
690 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_connect_permission()
691 const unsigned int type = sock->type; in tomoyo_socket_connect_permission()
710 return tomoyo_check_inet_address(addr, addr_len, sock->sk->sk_protocol, in tomoyo_socket_connect_permission()
723 int tomoyo_socket_bind_permission(struct socket *sock, struct sockaddr *addr, in tomoyo_socket_bind_permission() argument
[all …]
|
| D | tomoyo.c | 439 static int tomoyo_socket_listen(struct socket *sock, int backlog) in tomoyo_socket_listen() argument
441 return tomoyo_socket_listen_permission(sock); in tomoyo_socket_listen()
453 static int tomoyo_socket_connect(struct socket *sock, struct sockaddr *addr, in tomoyo_socket_connect() argument
456 return tomoyo_socket_connect_permission(sock, addr, addr_len); in tomoyo_socket_connect()
468 static int tomoyo_socket_bind(struct socket *sock, struct sockaddr *addr, in tomoyo_socket_bind() argument
471 return tomoyo_socket_bind_permission(sock, addr, addr_len); in tomoyo_socket_bind()
483 static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg, in tomoyo_socket_sendmsg() argument
486 return tomoyo_socket_sendmsg_permission(sock, msg, size); in tomoyo_socket_sendmsg()
|
| D | common.h | 996 int tomoyo_socket_bind_permission(struct socket *sock, struct sockaddr *addr,
998 int tomoyo_socket_connect_permission(struct socket *sock,
1000 int tomoyo_socket_listen_permission(struct socket *sock);
1001 int tomoyo_socket_sendmsg_permission(struct socket *sock, struct msghdr *msg,
|
| /security/ |
| D | security.c | 1905 int security_netlink_send(struct sock *sk, struct sk_buff *skb) in security_netlink_send()
1962 int security_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk) in security_unix_stream_connect() argument
1964 return call_int_hook(unix_stream_connect, 0, sock, other, newsk); in security_unix_stream_connect()
1968 int security_unix_may_send(struct socket *sock, struct socket *other) in security_unix_may_send() argument
1970 return call_int_hook(unix_may_send, 0, sock, other); in security_unix_may_send()
1979 int security_socket_post_create(struct socket *sock, int family, in security_socket_post_create() argument
1982 return call_int_hook(socket_post_create, 0, sock, family, type, in security_socket_post_create()
1992 int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen) in security_socket_bind() argument
1994 return call_int_hook(socket_bind, 0, sock, address, addrlen); in security_socket_bind()
1997 int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen) in security_socket_connect() argument
[all …]
|
| D | lsm_audit.c | 319 struct sock *sk = a->u.net->sk; in dump_common_audit_data()
|
| /security/smack/ |
| D | smack_lsm.c | 1441 struct socket *sock; in smack_inode_getsecurity() local
1456 sock = SOCKET_I(ip); in smack_inode_getsecurity()
1457 if (sock == NULL || sock->sk == NULL) in smack_inode_getsecurity()
1460 ssp = sock->sk->sk_security; in smack_inode_getsecurity()
1830 struct socket *sock; in smack_file_receive() local
1841 sock = SOCKET_I(inode); in smack_file_receive()
1842 ssp = sock->sk->sk_security; in smack_file_receive()
2246 static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) in smack_sk_alloc_security()
2278 static void smack_sk_free_security(struct sock *sk) in smack_sk_free_security()
2410 static int smack_netlabel(struct sock *sk, int labeled) in smack_netlabel()
[all …]
|
| D | smack_netfilter.c | 27 struct sock *sk = skb_to_full_sk(skb); in smack_ipv6_output()
45 struct sock *sk = skb_to_full_sk(skb); in smack_ipv4_output()
|
| D | smack.h | 170 struct sock *smk_sock; /* socket initialized on */
489 struct sock *sk) in smk_ad_setfield_u_net_sk()
521 struct sock *sk) in smk_ad_setfield_u_net_sk()
|
| /security/apparmor/include/ |
| D | net.h | 99 struct sock *sk) in aa_profile_af_sk_perm()
104 int aa_sk_perm(const char *op, u32 request, struct sock *sk);
107 struct socket *sock);
110 u32 secid, struct sock *sk);
|
| D | audit.h | 135 struct sock *peer_sk;
|
| /security/selinux/ss/ |
| D | mls.h | 58 bool sock);
|
| D | mls.c | 493 bool sock) in mls_compute_sid() argument
536 if ((tclass == p->process_class) || (sock == true)) in mls_compute_sid()
|
| D | services.c | 1702 bool sock; in security_compute_sid() local
1722 sock = security_is_socket_class(orig_tclass); in security_compute_sid()
1725 sock = security_is_socket_class(map_class(&state->ss->map, in security_compute_sid()
1774 if ((tclass == policydb->process_class) || (sock == true)) in security_compute_sid()
1786 if ((tclass == policydb->process_class) || (sock == true)) { in security_compute_sid()
1841 &newcontext, sock); in security_compute_sid()
|