| /security/selinux/ |
| D | netlabel.c | 68 static struct netlbl_lsm_secattr *selinux_netlbl_sock_genattr(struct sock *sk) in selinux_netlbl_sock_genattr() argument
71 struct sk_security_struct *sksec = sk->sk_security; in selinux_netlbl_sock_genattr()
101 const struct sock *sk, in selinux_netlbl_sock_getattr() argument
104 struct sk_security_struct *sksec = sk->sk_security; in selinux_netlbl_sock_getattr()
233 struct sock *sk; in selinux_netlbl_skbuff_setsid() local
237 sk = skb_to_full_sk(skb); in selinux_netlbl_skbuff_setsid()
238 if (sk != NULL) { in selinux_netlbl_skbuff_setsid()
239 struct sk_security_struct *sksec = sk->sk_security; in selinux_netlbl_skbuff_setsid()
243 secattr = selinux_netlbl_sock_getattr(sk, sid); in selinux_netlbl_skbuff_setsid()
277 struct sk_security_struct *sksec = asoc->base.sk->sk_security; in selinux_netlbl_sctp_assoc_request()
[all …]
|
| D | hooks.c | 4593 static int sock_has_perm(struct sock *sk, u32 perms) in sock_has_perm() argument
4595 struct sk_security_struct *sksec = sk->sk_security; in sock_has_perm()
4604 ad.u.net->sk = sk; in sock_has_perm()
4651 if (sock->sk) { in selinux_socket_post_create()
4652 sksec = sock->sk->sk_security; in selinux_socket_post_create()
4659 err = selinux_netlbl_socket_post_create(sock->sk, family); in selinux_socket_post_create()
4668 struct sk_security_struct *sksec_a = socka->sk->sk_security; in selinux_socket_socketpair()
4669 struct sk_security_struct *sksec_b = sockb->sk->sk_security; in selinux_socket_socketpair()
4683 struct sock *sk = sock->sk; in selinux_socket_bind() local
4684 struct sk_security_struct *sksec = sk->sk_security; in selinux_socket_bind()
[all …]
|
| /security/selinux/include/ |
| D | netlabel.h | 45 void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family);
46 void selinux_netlbl_sctp_sk_clone(struct sock *sk, struct sock *newsk);
47 int selinux_netlbl_socket_post_create(struct sock *sk, u16 family);
55 int selinux_netlbl_socket_connect(struct sock *sk, struct sockaddr *addr);
56 int selinux_netlbl_socket_connect_locked(struct sock *sk,
111 static inline void selinux_netlbl_inet_csk_clone(struct sock *sk, u16 family) in selinux_netlbl_inet_csk_clone() argument
115 static inline void selinux_netlbl_sctp_sk_clone(struct sock *sk, in selinux_netlbl_sctp_sk_clone() argument
120 static inline int selinux_netlbl_socket_post_create(struct sock *sk, in selinux_netlbl_socket_post_create() argument
138 static inline int selinux_netlbl_socket_connect(struct sock *sk, in selinux_netlbl_socket_connect() argument
143 static inline int selinux_netlbl_socket_connect_locked(struct sock *sk, in selinux_netlbl_socket_connect_locked() argument
|
| /security/apparmor/ |
| D | net.c | 146 struct sock *sk) in aa_label_sk_perm() argument
148 struct aa_sk_ctx *ctx = SK_CTX(sk); in aa_label_sk_perm()
152 AA_BUG(!sk); in aa_label_sk_perm()
156 DEFINE_AUDIT_SK(sa, op, sk); in aa_label_sk_perm()
159 aa_profile_af_sk_perm(profile, &sa, request, sk)); in aa_label_sk_perm()
165 int aa_sk_perm(const char *op, u32 request, struct sock *sk) in aa_sk_perm() argument
170 AA_BUG(!sk); in aa_sk_perm()
175 error = aa_label_sk_perm(label, op, request, sk); in aa_sk_perm()
187 AA_BUG(!sock->sk); in aa_sock_file_perm()
189 return aa_label_sk_perm(label, op, request, sock->sk); in aa_sock_file_perm()
[all …]
|
| D | lsm.c | 808 static int apparmor_sk_alloc_security(struct sock *sk, int family, gfp_t flags) in apparmor_sk_alloc_security() argument
816 SK_CTX(sk) = ctx; in apparmor_sk_alloc_security()
824 static void apparmor_sk_free_security(struct sock *sk) in apparmor_sk_free_security() argument
826 struct aa_sk_ctx *ctx = SK_CTX(sk); in apparmor_sk_free_security()
828 SK_CTX(sk) = NULL; in apparmor_sk_free_security()
837 static void apparmor_sk_clone_security(const struct sock *sk, in apparmor_sk_clone_security() argument
840 struct aa_sk_ctx *ctx = SK_CTX(sk); in apparmor_sk_clone_security()
893 if (sock->sk) { in apparmor_socket_post_create()
894 struct aa_sk_ctx *ctx = SK_CTX(sock->sk); in apparmor_socket_post_create()
911 AA_BUG(!sock->sk); in apparmor_socket_bind()
[all …]
|
| /security/apparmor/include/ |
| D | net.h | 57 struct lsm_network_audit NAME ## _net = { .sk = (SK), \
99 struct sock *sk) in aa_profile_af_sk_perm() argument
101 return aa_profile_af_perm(profile, sa, request, sk->sk_family, in aa_profile_af_sk_perm()
102 sk->sk_type); in aa_profile_af_sk_perm()
104 int aa_sk_perm(const char *op, u32 request, struct sock *sk);
110 u32 secid, const struct sock *sk);
|
| /security/smack/ |
| D | smack_netfilter.c | 25 struct sock *sk = skb_to_full_sk(skb); in smack_ip_output() local
29 if (sk && sk->sk_security) { in smack_ip_output()
30 ssp = sk->sk_security; in smack_ip_output()
|
| D | smack_lsm.c | 1500 if (sock == NULL || sock->sk == NULL) in smack_inode_getsecurity()
1503 ssp = sock->sk->sk_security; in smack_inode_getsecurity()
1891 ssp = sock->sk->sk_security; in smack_file_receive()
2308 static int smack_sk_alloc_security(struct sock *sk, int family, gfp_t gfp_flags) in smack_sk_alloc_security() argument
2329 sk->sk_security = ssp; in smack_sk_alloc_security()
2340 static void smack_sk_free_security(struct sock *sk) in smack_sk_free_security() argument
2345 if (sk->sk_family == PF_INET6) { in smack_sk_free_security()
2348 if (spp->smk_sock != sk) in smack_sk_free_security()
2356 kfree(sk->sk_security); in smack_sk_free_security()
2366 static void smack_sk_clone_security(const struct sock *sk, struct sock *newsk) in smack_sk_clone_security() argument
[all …]
|
| D | smack.h | 472 struct sock *sk) in smk_ad_setfield_u_net_sk() argument
474 a->a.u.net->sk = sk; in smk_ad_setfield_u_net_sk()
500 struct sock *sk) in smk_ad_setfield_u_net_sk() argument
|
| /security/ |
| D | lsm_audit.c | 310 if (a->u.net->sk) { in dump_common_audit_data()
311 const struct sock *sk = a->u.net->sk; in dump_common_audit_data() local
317 switch (sk->sk_family) { in dump_common_audit_data()
319 struct inet_sock *inet = inet_sk(sk); in dump_common_audit_data()
331 struct inet_sock *inet = inet_sk(sk); in dump_common_audit_data()
333 print_ipv6_addr(ab, &sk->sk_v6_rcv_saddr, in dump_common_audit_data()
336 print_ipv6_addr(ab, &sk->sk_v6_daddr, in dump_common_audit_data()
343 u = unix_sk(sk); in dump_common_audit_data()
|
| D | security.c | 2126 int security_netlink_send(struct sock *sk, struct sk_buff *skb) in security_netlink_send() argument
2128 return call_int_hook(netlink_send, 0, sk, skb); in security_netlink_send()
2309 int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) in security_sock_rcv_skb() argument
2311 return call_int_hook(socket_sock_rcv_skb, 0, sk, skb); in security_sock_rcv_skb()
2329 int security_sk_alloc(struct sock *sk, int family, gfp_t priority) in security_sk_alloc() argument
2331 return call_int_hook(sk_alloc_security, 0, sk, family, priority); in security_sk_alloc()
2334 void security_sk_free(struct sock *sk) in security_sk_free() argument
2336 call_void_hook(sk_free_security, sk); in security_sk_free()
2339 void security_sk_clone(const struct sock *sk, struct sock *newsk) in security_sk_clone() argument
2341 call_void_hook(sk_clone_security, sk, newsk); in security_sk_clone()
[all …]
|
| /security/tomoyo/ |
| D | network.c | 626 static u8 tomoyo_sock_family(struct sock *sk) in tomoyo_sock_family() argument
632 family = sk->sk_family; in tomoyo_sock_family()
653 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_listen_permission()
690 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_connect_permission()
710 return tomoyo_check_inet_address(addr, addr_len, sock->sk->sk_protocol, in tomoyo_socket_connect_permission()
727 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_bind_permission()
745 return tomoyo_check_inet_address(addr, addr_len, sock->sk->sk_protocol, in tomoyo_socket_bind_permission()
762 const u8 family = tomoyo_sock_family(sock->sk); in tomoyo_socket_sendmsg_permission()
776 sock->sk->sk_protocol, &address); in tomoyo_socket_sendmsg_permission()
|