/security/selinux/include/ |
D | netlabel.h | 29 void selinux_netlbl_err(struct sk_buff *skb, u16 family, int error, 36 u16 family, 40 u16 family, 44 int selinux_netlbl_inet_conn_request(struct request_sock *req, u16 family); 45 void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family); 47 int selinux_netlbl_socket_post_create(struct sock *sk, u16 family); 50 u16 family, 66 u16 family, in selinux_netlbl_err() argument 86 u16 family, in selinux_netlbl_skbuff_getsid() argument 95 u16 family, in selinux_netlbl_skbuff_setsid() argument [all …]
|
D | netnode.h | 22 int sel_netnode_sid(void *addr, u16 family, u32 *sid);
|
D | objsec.h | 95 u16 family; /* address family */ member
|
D | classmap.h | 262 #error New address family defined, please update secclass_map.
|
/security/selinux/ |
D | netlabel.c | 42 u16 family, in selinux_netlbl_sidlookup_cached() argument 52 netlbl_cache_add(skb, family, secattr); in selinux_netlbl_sidlookup_cached() 141 void selinux_netlbl_err(struct sk_buff *skb, u16 family, int error, int gateway) in selinux_netlbl_err() argument 143 netlbl_skbuff_err(skb, family, error, gateway); in selinux_netlbl_err() 189 u16 family, in selinux_netlbl_skbuff_getsid() argument 202 rc = netlbl_skbuff_getattr(skb, family, &secattr); in selinux_netlbl_skbuff_getsid() 204 rc = selinux_netlbl_sidlookup_cached(skb, family, in selinux_netlbl_skbuff_getsid() 226 u16 family, in selinux_netlbl_skbuff_setsid() argument 253 rc = netlbl_skbuff_setattr(skb, family, secattr); in selinux_netlbl_skbuff_setsid() 324 int selinux_netlbl_inet_conn_request(struct request_sock *req, u16 family) in selinux_netlbl_inet_conn_request() argument [all …]
|
D | netnode.c | 103 static struct sel_netnode *sel_netnode_find(const void *addr, u16 family) in sel_netnode_find() argument 108 switch (family) { in sel_netnode_find() 121 if (node->nsec.family == family) in sel_netnode_find() 122 switch (family) { in sel_netnode_find() 149 switch (node->nsec.family) { in sel_netnode_insert() 189 static int sel_netnode_sid_slow(void *addr, u16 family, u32 *sid) in sel_netnode_sid_slow() argument 196 node = sel_netnode_find(addr, family); in sel_netnode_sid_slow() 204 switch (family) { in sel_netnode_sid_slow() 222 new->nsec.family = family; in sel_netnode_sid_slow() 249 int sel_netnode_sid(void *addr, u16 family, u32 *sid) in sel_netnode_sid() argument [all …]
|
D | hooks.c | 1187 static inline u16 socket_type_to_security_class(int family, int type, int protocol) in socket_type_to_security_class() argument 1191 switch (family) { in socket_type_to_security_class() 1273 switch (family) { in socket_type_to_security_class() 1333 #error New address family defined, please update this function. in socket_type_to_security_class() 4566 switch (ad->u.net->family) { in selinux_parse_skb() 4616 static int selinux_skb_peerlbl_sid(struct sk_buff *skb, u16 family, u32 *sid) in selinux_skb_peerlbl_sid() argument 4626 err = selinux_netlbl_skbuff_getsid(skb, family, &nlbl_type, &nlbl_sid); in selinux_skb_peerlbl_sid() 4699 static int selinux_socket_create(int family, int type, in selinux_socket_create() argument 4710 secclass = socket_type_to_security_class(family, type, protocol); in selinux_socket_create() 4719 static int selinux_socket_post_create(struct socket *sock, int family, in selinux_socket_post_create() argument [all …]
|
/security/apparmor/ |
D | net.c | 75 if (address_family_names[sa->u.net->family]) in audit_net_cb() 77 address_family_names[sa->u.net->family]); in audit_net_cb() 80 sa->u.net->family); in audit_net_cb() 109 u32 request, u16 family, int type) in aa_profile_af_perm() argument 115 AA_BUG(family >= AF_MAX); in aa_profile_af_perm() 124 buffer[0] = cpu_to_be16(family); in aa_profile_af_perm() 134 int aa_af_perm(struct aa_label *label, const char *op, u32 request, u16 family, in aa_af_perm() argument 138 DEFINE_AUDIT_NET(sa, op, NULL, family, type, protocol); in aa_af_perm() 141 aa_profile_af_perm(profile, &sa, request, family, in aa_af_perm()
|
D | lsm.c | 781 static int apparmor_sk_alloc_security(struct sock *sk, int family, gfp_t flags) in apparmor_sk_alloc_security() argument 828 static int apparmor_socket_create(int family, int type, int protocol, int kern) in apparmor_socket_create() argument 837 error = af_select(family, in apparmor_socket_create() 838 create_perm(label, family, type, protocol), in apparmor_socket_create() 840 family, type, protocol)); in apparmor_socket_create() 856 static int apparmor_socket_post_create(struct socket *sock, int family, in apparmor_socket_post_create() argument
|
/security/tomoyo/ |
D | network.c | 364 const char *family, const u8 protocol, in tomoyo_audit_net_log() argument 367 return tomoyo_supervisor(r, "network %s %s %s %s\n", family, in tomoyo_audit_net_log() 628 u8 family; in tomoyo_sock_family() local 632 family = sk->sk_family; in tomoyo_sock_family() 633 switch (family) { in tomoyo_sock_family() 637 return family; in tomoyo_sock_family() 653 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_listen_permission() local 658 if (!family || (type != SOCK_STREAM && type != SOCK_SEQPACKET)) in tomoyo_socket_listen_permission() 670 if (family == PF_UNIX) in tomoyo_socket_listen_permission() 690 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_connect_permission() local [all …]
|
/security/apparmor/include/ |
D | net.h | 58 .family = (F)}; \ 93 u32 request, u16 family, int type); 94 int aa_af_perm(struct aa_label *label, const char *op, u32 request, u16 family,
|
/security/smack/ |
D | smack_lsm.c | 2261 static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) in smack_sk_alloc_security() argument 2497 ad.a.u.net->family = sap->sin_family; in smk_ipv4_check() 2536 ad.a.u.net->family = PF_INET6; in smk_ipv6_check() 2778 static int smack_socket_post_create(struct socket *sock, int family, in smack_socket_post_create() argument 2795 if (family != PF_INET) in smack_socket_post_create() 3895 static struct smack_known *smack_from_netlbl(const struct sock *sk, u16 family, in smack_from_netlbl() argument 3907 if (netlbl_skbuff_getattr(skb, family, &secattr) == 0) { in smack_from_netlbl() 3910 netlbl_cache_add(skb, family, &skp->smk_netlabel); in smack_from_netlbl() 3931 u16 family = sk->sk_family; in smack_socket_sock_rcv_skb() local 3939 if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP)) in smack_socket_sock_rcv_skb() [all …]
|
/security/safesetid/ |
D | Kconfig | 8 SafeSetID is an LSM module that gates the setid family of syscalls to
|
/security/ |
D | security.c | 2213 int security_socket_create(int family, int type, int protocol, int kern) in security_socket_create() argument 2215 return call_int_hook(socket_create, 0, family, type, protocol, kern); in security_socket_create() 2218 int security_socket_post_create(struct socket *sock, int family, in security_socket_post_create() argument 2221 return call_int_hook(socket_post_create, 0, sock, family, type, in security_socket_post_create() 2307 int security_sk_alloc(struct sock *sk, int family, gfp_t priority) in security_sk_alloc() argument 2309 return call_int_hook(sk_alloc_security, 0, sk, family, priority); in security_sk_alloc()
|
D | lsm_audit.c | 374 switch (a->u.net->family) { in dump_common_audit_data()
|