| /security/apparmor/ |
| D | secid.c | 46 void aa_secid_update(u32 secid, struct aa_label *label) in aa_secid_update() argument
51 idr_replace(&aa_secids, label, secid); in aa_secid_update()
59 struct aa_label *aa_secid_to_label(u32 secid) in aa_secid_to_label() argument
64 label = idr_find(&aa_secids, secid); in aa_secid_to_label()
70 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) in apparmor_secid_to_secctx() argument
73 struct aa_label *label = aa_secid_to_label(secid); in apparmor_secid_to_secctx()
98 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) in apparmor_secctx_to_secid() argument
106 *secid = label->secid; in apparmor_secctx_to_secid()
136 label->secid = AA_SECID_INVALID; in aa_alloc_secid()
141 label->secid = ret; in aa_alloc_secid()
[all …]
|
| D | net.c | 197 secmark->secid = AA_SECID_WILDCARD; in apparmor_secmark_init()
208 secmark->secid = label->secid; in apparmor_secmark_init()
213 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid, in aa_secmark_perm() argument
223 if (!profile->secmark[i].secid) { in aa_secmark_perm()
229 if (profile->secmark[i].secid == secid || in aa_secmark_perm()
230 profile->secmark[i].secid == AA_SECID_WILDCARD) { in aa_secmark_perm()
247 u32 secid, const struct sock *sk) in apparmor_secmark_check() argument
253 aa_secmark_perm(profile, request, secid, in apparmor_secmark_check()
|
| D | Makefile | 8 resource.o secid.o file.o policy_ns.o label.o mount.o net.o
|
| D | lsm.c | 731 static void apparmor_task_getsecid(struct task_struct *p, u32 *secid) in apparmor_task_getsecid() argument
734 *secid = label->secid; in apparmor_task_getsecid()
1132 struct sk_buff *skb, u32 *secid) in apparmor_socket_getpeersec_dgram() argument
|
| D | label.c | 334 aa_free_secid(label->secid); in aa_label_destroy()
|
| /security/apparmor/include/ |
| D | secid.h | 24 struct aa_label *aa_secid_to_label(u32 secid);
25 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
26 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
31 void aa_free_secid(u32 secid);
32 void aa_secid_update(u32 secid, struct aa_label *label);
|
| D | net.h | 85 u32 secid; member
110 u32 secid, const struct sock *sk);
|
| D | label.h | 132 u32 secid; member
|
| /security/integrity/ima/ |
| D | ima_main.c | 203 u32 secid, char *buf, loff_t size, int mask, in process_measurement() argument
228 action = ima_get_action(file_mnt_user_ns(file), inode, cred, secid, in process_measurement()
425 u32 secid; in ima_file_mmap() local
428 security_task_getsecid_subj(current, &secid); in ima_file_mmap()
429 return process_measurement(file, current_cred(), secid, NULL, in ima_file_mmap()
458 u32 secid; in ima_file_mprotect() local
466 security_task_getsecid_subj(current, &secid); in ima_file_mprotect()
469 current_cred(), secid, MAY_EXEC, MMAP_CHECK, in ima_file_mprotect()
505 u32 secid; in ima_bprm_check() local
507 security_task_getsecid_subj(current, &secid); in ima_bprm_check()
[all …]
|
| D | ima.h | 258 const struct cred *cred, u32 secid, int mask,
289 const struct cred *cred, u32 secid, enum ima_hooks func,
440 static inline int ima_filter_rule_match(u32 secid, u32 field, u32 op, in ima_filter_rule_match() argument
|
| D | ima_appraise.c | 74 u32 secid; in ima_must_appraise() local
79 security_task_getsecid_subj(current, &secid); in ima_must_appraise()
80 return ima_match_policy(mnt_userns, inode, current_cred(), secid, in ima_must_appraise()
|
| D | ima_api.c | 189 const struct cred *cred, u32 secid, int mask, in ima_get_action() argument
198 return ima_match_policy(mnt_userns, inode, cred, secid, func, mask, in ima_get_action()
|
| D | ima_policy.c | 537 u32 secid, enum ima_hooks func, int mask, in ima_match_rules() argument
612 rc = ima_filter_rule_match(secid, lsm_rule->lsm[i].type, in ima_match_rules()
691 const struct cred *cred, u32 secid, enum ima_hooks func, in ima_match_policy() argument
710 if (!ima_match_rules(entry, mnt_userns, inode, cred, secid, in ima_match_policy()
|
| /security/ |
| D | security.c | 1480 void security_inode_getsecid(struct inode *inode, u32 *secid) in security_inode_getsecid() argument
1482 call_void_hook(inode_getsecid, inode, secid); in security_inode_getsecid()
1742 void security_cred_getsecid(const struct cred *c, u32 *secid) in security_cred_getsecid() argument
1744 *secid = 0; in security_cred_getsecid()
1745 call_void_hook(cred_getsecid, c, secid); in security_cred_getsecid()
1749 int security_kernel_act_as(struct cred *new, u32 secid) in security_kernel_act_as() argument
1751 return call_int_hook(kernel_act_as, 0, new, secid); in security_kernel_act_as()
1845 void security_task_getsecid_subj(struct task_struct *p, u32 *secid) in security_task_getsecid_subj() argument
1847 *secid = 0; in security_task_getsecid_subj()
1848 call_void_hook(task_getsecid_subj, p, secid); in security_task_getsecid_subj()
[all …]
|
| /security/selinux/ |
| D | xfrm.c | 345 struct xfrm_sec_ctx *polsec, u32 secid) in selinux_xfrm_state_alloc_acquire() argument
355 if (secid == 0) in selinux_xfrm_state_alloc_acquire()
358 rc = security_sid_to_context(&selinux_state, secid, &ctx_str, in selinux_xfrm_state_alloc_acquire()
371 ctx->ctx_sid = secid; in selinux_xfrm_state_alloc_acquire()
|
| D | netlabel.c | 110 (secattr->attr.secid == sid)) in selinux_netlbl_sock_getattr()
286 ep->secid, &secattr); in selinux_netlbl_sctp_assoc_request()
333 rc = security_netlbl_sid_to_secattr(&selinux_state, req->secid, in selinux_netlbl_inet_conn_request()
|
| D | hooks.c | 3579 static void selinux_inode_getsecid(struct inode *inode, u32 *secid) in selinux_inode_getsecid() argument
3582 *secid = isec->sid; in selinux_inode_getsecid()
4110 static void selinux_cred_getsecid(const struct cred *c, u32 *secid) in selinux_cred_getsecid() argument
4112 *secid = cred_sid(c); in selinux_cred_getsecid()
4119 static int selinux_kernel_act_as(struct cred *new, u32 secid) in selinux_kernel_act_as() argument
4126 sid, secid, in selinux_kernel_act_as()
4131 tsec->sid = secid; in selinux_kernel_act_as()
4259 static void selinux_task_getsecid_subj(struct task_struct *p, u32 *secid) in selinux_task_getsecid_subj() argument
4261 *secid = task_sid_subj(p); in selinux_task_getsecid_subj()
4264 static void selinux_task_getsecid_obj(struct task_struct *p, u32 *secid) in selinux_task_getsecid_obj() argument
[all …]
|
| /security/smack/ |
| D | smack_access.c | 527 skp->smk_netlabel.attr.secid = skp->smk_secid; in smack_populate_secattr()
613 struct smack_known *smack_from_secid(const u32 secid) in smack_from_secid() argument
619 if (skp->smk_secid == secid) { in smack_from_secid()
|
| D | smack_lsm.c | 1503 static void smack_inode_getsecid(struct inode *inode, u32 *secid) in smack_inode_getsecid() argument
1507 *secid = skp->smk_secid; in smack_inode_getsecid()
1992 static void smack_cred_getsecid(const struct cred *cred, u32 *secid) in smack_cred_getsecid() argument
1998 *secid = skp->smk_secid; in smack_cred_getsecid()
2009 static int smack_kernel_act_as(struct cred *new, u32 secid) in smack_kernel_act_as() argument
2013 new_tsp->smk_task = smack_from_secid(secid); in smack_kernel_act_as()
2099 static void smack_task_getsecid_subj(struct task_struct *p, u32 *secid) in smack_task_getsecid_subj() argument
2103 *secid = skp->smk_secid; in smack_task_getsecid_subj()
2113 static void smack_task_getsecid_obj(struct task_struct *p, u32 *secid) in smack_task_getsecid_obj() argument
2117 *secid = skp->smk_secid; in smack_task_getsecid_obj()
[all …]
|
| D | smackfs.c | 188 nap->secid = skp->smk_secid; in smk_netlabel_audit_set()
|
| /security/selinux/include/ |
| D | xfrm.h | 23 struct xfrm_sec_ctx *polsec, u32 secid);
|
| /security/selinux/ss/ |
| D | services.c | 3904 *sid = secattr->attr.secid; in security_netlbl_secattr_to_sid()
3982 secattr->attr.secid = sid; in security_netlbl_sid_to_secattr()
|