| /linux/security/apparmor/ |
| A D | secid.c | 46 void aa_secid_update(u32 secid, struct aa_label *label) in aa_secid_update() argument
51 idr_replace(&aa_secids, label, secid); in aa_secid_update()
59 struct aa_label *aa_secid_to_label(u32 secid) in aa_secid_to_label() argument
64 label = idr_find(&aa_secids, secid); in aa_secid_to_label()
70 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) in apparmor_secid_to_secctx() argument
73 struct aa_label *label = aa_secid_to_label(secid); in apparmor_secid_to_secctx()
106 *secid = label->secid; in apparmor_secctx_to_secid()
136 label->secid = AA_SECID_INVALID; in aa_alloc_secid()
141 label->secid = ret; in aa_alloc_secid()
149 void aa_free_secid(u32 secid) in aa_free_secid() argument
[all …]
|
| A D | net.c | 197 secmark->secid = AA_SECID_WILDCARD; in apparmor_secmark_init()
208 secmark->secid = label->secid; in apparmor_secmark_init()
213 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid, in aa_secmark_perm() argument
223 if (!profile->secmark[i].secid) { in aa_secmark_perm()
229 if (profile->secmark[i].secid == secid || in aa_secmark_perm()
230 profile->secmark[i].secid == AA_SECID_WILDCARD) { in aa_secmark_perm()
247 u32 secid, const struct sock *sk) in apparmor_secmark_check() argument
253 aa_secmark_perm(profile, request, secid, in apparmor_secmark_check()
|
| /linux/net/netfilter/ |
| A D | xt_SECMARK.c | 33 secmark = info->secid; in secmark_tg()
48 info->secid = 0; in checkentry_lsm()
51 &info->secid); in checkentry_lsm()
59 if (!info->secid) { in checkentry_lsm()
65 err = security_secmark_relabel_packet(info->secid); in checkentry_lsm()
129 info->secid = newinfo.secid; in secmark_tg_check_v0()
139 .secid = info->secid, in secmark_tg_v0()
175 .usersize = offsetof(struct xt_secmark_target_info_v1, secid),
|
| /linux/security/integrity/ima/ |
| A D | ima_main.c | 408 u32 secid; in ima_file_mmap() local
441 u32 secid; in ima_file_mprotect() local
449 security_task_getsecid_subj(current, &secid); in ima_file_mprotect()
488 u32 secid; in ima_bprm_check() local
490 security_task_getsecid_subj(current, &secid); in ima_bprm_check()
496 security_cred_getsecid(bprm->cred, &secid); in ima_bprm_check()
513 u32 secid; in ima_file_check() local
692 u32 secid; in ima_read_file() local
742 u32 secid; in ima_post_read_file() local
885 u32 secid; in process_buffer_measurement() local
[all …]
|
| A D | ima.h | 258 const struct cred *cred, u32 secid, int mask,
289 const struct cred *cred, u32 secid, enum ima_hooks func,
440 static inline int ima_filter_rule_match(u32 secid, u32 field, u32 op, in ima_filter_rule_match() argument
|
| /linux/security/apparmor/include/ |
| A D | secid.h | 24 struct aa_label *aa_secid_to_label(u32 secid);
25 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
26 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
31 void aa_free_secid(u32 secid);
32 void aa_secid_update(u32 secid, struct aa_label *label);
|
| A D | net.h | 85 u32 secid; member
110 u32 secid, const struct sock *sk);
|
| /linux/net/netlabel/ |
| A D | netlabel_unlabeled.c | 69 u32 secid; member
77 u32 secid; member
246 entry->secid = secid; in netlbl_unlhsh_add_addr4()
290 entry->secid = secid; in netlbl_unlhsh_add_addr6()
883 u32 secid; in netlbl_unlabel_staticadd() local
907 &secid); in netlbl_unlabel_staticadd()
934 u32 secid; in netlbl_unlabel_staticadddef() local
956 &secid); in netlbl_unlabel_staticadddef()
1073 u32 secid; in netlbl_unlabel_staticlist_gen() local
1113 secid = addr4->secid; in netlbl_unlabel_staticlist_gen()
[all …]
|
| A D | netlabel_user.c | 101 if (audit_info->secid != 0 && in netlbl_audit_start_common()
102 security_secid_to_secctx(audit_info->secid, in netlbl_audit_start_common()
|
| A D | netlabel_user.h | 35 security_task_getsecid_subj(current, &audit_info->secid); in netlbl_netlink_auditinfo()
|
| A D | netlabel_unlabeled.h | 214 u32 secid,
|
| /linux/include/linux/ |
| A D | security.h | 403 int security_kernel_act_as(struct cred *new, u32 secid);
928 *secid = 0; in security_inode_getsecid()
1048 *secid = 0; in security_cred_getsecid()
1124 *secid = 0; in security_task_getsecid_subj()
1129 *secid = 0; in security_task_getsecid_obj()
1202 *secid = 0; in security_ipc_getsecid()
1329 u32 *secid) in security_secctx_to_secid() argument
1419 int security_secmark_relabel_packet(u32 secid);
1592 static inline int security_secmark_relabel_packet(u32 secid) in security_secmark_relabel_packet() argument
1689 struct xfrm_sec_ctx *polsec, u32 secid);
[all …]
|
| A D | lsm_hook_defs.h | 159 LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid)
192 LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid)
210 struct task_struct *p, u32 *secid)
212 struct task_struct *p, u32 *secid)
231 u32 *secid)
262 LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata,
308 struct sk_buff *skb, u32 *secid)
313 LSM_HOOK(void, LSM_RET_VOID, sk_getsecid, struct sock *sk, u32 *secid)
321 LSM_HOOK(int, 0, secmark_relabel_packet, u32 secid)
359 struct xfrm_sec_ctx *polsec, u32 secid)
[all …]
|
| /linux/drivers/dio/ |
| A D | dio.c | 119 u_char prid, secid, i; in dio_find() local
148 secid = DIO_SECID(va); in dio_find()
149 id = DIO_ENCODE_ID(prid, secid); in dio_find()
195 u_char prid, secid = 0; /* primary, secondary ID bytes */ in dio_init() local
236 secid = DIO_SECID(va); in dio_init()
237 dev->id = DIO_ENCODE_ID(prid, secid); in dio_init()
245 printk(":%02X", secid); in dio_init()
|
| /linux/security/ |
| A D | security.c | 1467 call_void_hook(inode_getsecid, inode, secid); in security_inode_getsecid()
1710 *secid = 0; in security_cred_getsecid()
1711 call_void_hook(cred_getsecid, c, secid); in security_cred_getsecid()
1813 *secid = 0; in security_task_getsecid_subj()
1814 call_void_hook(task_getsecid_subj, p, secid); in security_task_getsecid_subj()
1820 *secid = 0; in security_task_getsecid_obj()
1821 call_void_hook(task_getsecid_obj, p, secid); in security_task_getsecid_obj()
1903 *secid = 0; in security_ipc_getsecid()
1904 call_void_hook(ipc_getsecid, ipcp, secid); in security_ipc_getsecid()
2102 *secid = 0; in security_secctx_to_secid()
[all …]
|
| /linux/include/uapi/linux/netfilter/ |
| A D | xt_SECMARK.h | 19 __u32 secid; member
26 __u32 secid; member
|
| /linux/include/net/ |
| A D | scm.h | 36 u32 secid; /* Passed security ID */ member
49 security_socket_getpeersec_dgram(sock, NULL, &scm->secid); in unix_get_peersec_dgram()
100 err = security_secid_to_secctx(scm->secid, &secdata, &seclen); in scm_passec()
|
| A D | netlabel.h | 100 u32 secid; member
204 u32 secid; member
418 u32 secid,
526 u32 secid, in netlbl_cfg_unlbl_static_add() argument
|
| /linux/security/selinux/ |
| A D | xfrm.c | 345 struct xfrm_sec_ctx *polsec, u32 secid) in selinux_xfrm_state_alloc_acquire() argument
355 if (secid == 0) in selinux_xfrm_state_alloc_acquire()
358 rc = security_sid_to_context(&selinux_state, secid, &ctx_str, in selinux_xfrm_state_alloc_acquire()
371 ctx->ctx_sid = secid; in selinux_xfrm_state_alloc_acquire()
|
| A D | netlabel.c | 111 (secattr->attr.secid == sid)) in selinux_netlbl_sock_getattr()
287 asoc->secid, &secattr); in selinux_netlbl_sctp_assoc_request()
335 rc = security_netlbl_sid_to_secattr(&selinux_state, req->secid, in selinux_netlbl_inet_conn_request()
|
| A D | hooks.c | 3569 *secid = isec->sid; in selinux_inode_getsecid()
4066 *secid = cred_sid(c); in selinux_cred_getsecid()
4080 sid, secid, in selinux_kernel_act_as()
4085 tsec->sid = secid; in selinux_kernel_act_as()
4301 u32 secid; in selinux_task_kill() local
4309 secid = current_sid(); in selinux_task_kill()
5276 *secid = peer_secid; in selinux_socket_getpeersec_dgram()
5327 *secid = sksec->sid; in selinux_sk_getsecid()
5409 asoc->secid = conn_sid; in selinux_sctp_assoc_request()
5531 req->secid = connsid; in selinux_inet_conn_request()
[all …]
|
| /linux/Documentation/networking/ |
| A D | secid.rst | 4 LSM/SeLinux secid
9 The secid member in the flow structure is used in LSMs (e.g. SELinux) to indicate
|
| /linux/kernel/ |
| A D | cred.c | 780 int set_security_override(struct cred *new, u32 secid) in set_security_override() argument
782 return security_kernel_act_as(new, secid); in set_security_override()
798 u32 secid; in set_security_override_from_ctx() local
801 ret = security_secctx_to_secid(secctx, strlen(secctx), &secid); in set_security_override_from_ctx()
805 return set_security_override(new, secid); in set_security_override_from_ctx()
|
| /linux/security/smack/ |
| A D | smack_lsm.c | 1483 *secid = skp->smk_secid; in smack_inode_getsecid()
1975 *secid = skp->smk_secid; in smack_cred_getsecid()
2080 *secid = skp->smk_secid; in smack_task_getsecid_subj()
2094 *secid = skp->smk_secid; in smack_task_getsecid_obj()
3258 *secid = iskp->smk_secid; in smack_ipc_getsecid()
3736 return smack_from_secid(sap->attr.secid); in smack_from_secattr()
4038 struct sk_buff *skb, u32 *secid) in smack_socket_getpeersec_dgram() argument
4086 *secid = s; in smack_socket_getpeersec_dgram()
4531 skp = smack_from_secid(secid); in smack_audit_rule_match()
4594 *secid = skp->smk_secid; in smack_secctx_to_secid()
[all …]
|
| A D | smack_access.c | 527 skp->smk_netlabel.attr.secid = skp->smk_secid; in smack_populate_secattr()
613 struct smack_known *smack_from_secid(const u32 secid) in smack_from_secid() argument
619 if (skp->smk_secid == secid) { in smack_from_secid()
|