/xen/xen/xsm/flask/policy/ |
A D | initial_sids | 6 sid xen 7 sid dom0 8 sid domio 9 sid domxen 11 sid security 12 sid ioport 13 sid iomem 14 sid irq 15 sid device 16 sid domU [all …]
|
A D | access_vectors | 8 # executing the hypercall, and the target is the xen initial sid (type xen_t). 485 # sid <-> context string conversions
|
/xen/xen/xsm/flask/ss/ |
A D | sidtab.c | 17 #define SIDTAB_HASH(sid) (sid & SIDTAB_HASH_MASK) argument 53 while ( cur != NULL && sid > cur->sid ) in sidtab_insert() 59 if ( cur && sid == cur->sid ) in sidtab_insert() 71 newnode->sid = sid; in sidtab_insert() 109 while ( cur != NULL && sid > cur->sid ) in sidtab_search() 112 if ( cur == NULL || sid != cur->sid ) in sidtab_search() 118 while ( cur != NULL && sid > cur->sid ) in sidtab_search() 120 if ( !cur || sid != cur->sid ) in sidtab_search() 217 u32 sid; in sidtab_context_to_sid() local 223 if ( !sid ) in sidtab_context_to_sid() [all …]
|
A D | sidtab.h | 17 u32 sid; /* security identifier */ member 37 int sidtab_insert(struct sidtab *s, u32 sid, struct context *context); 38 struct context *sidtab_search(struct sidtab *s, u32 sid); 41 int (*apply) (u32 sid, struct context *context, void *args), void *args); 44 int (*apply) (u32 sid, struct context *context, void *args), void *args); 46 int sidtab_context_to_sid(struct sidtab *s, struct context *context, u32 *sid);
|
A D | services.c | 1498 if ( !c->sid ) in security_irq_sid() 1538 if ( !c->sid ) in security_iomem_sid() 1569 if (!c->sid) in security_iterate_iomem_sids() 1657 if (!c->sid) in security_iterate_ioport_sids() 1980 add->sid = sid; in security_ocontext_add() 1998 if ( c->sid == sid ) in security_ocontext_add() 2029 c->u.ioport.high_ioport == high && c->sid == sid) in security_ocontext_add() 2062 c->u.iomem.high_iomem == high && c->sid == sid) in security_ocontext_add() 2093 if ( c->sid == sid ) in security_ocontext_add() 2246 if ( sid ) in security_devicetree_setlabel() [all …]
|
A D | policydb.h | 162 u32 sid; member
|
A D | policydb.c | 756 if ( sidtab_insert(s, c->sid, &c->context) ) in policydb_load_isids() 2014 c->sid = le32_to_cpu(buf[0]); in policydb_read()
|
/xen/tools/flask/policy/policy/ |
A D | initial_sids | 5 sid xen gen_context(system_u:system_r:xen_t,s0) 6 sid dom0 gen_context(system_u:system_r:dom0_t,s0) 7 sid domxen gen_context(system_u:system_r:domxen_t,s0) 8 sid domio gen_context(system_u:system_r:domio_t,s0) 10 sid security gen_context(system_u:system_r:security_t,s0) 11 sid irq gen_context(system_u:object_r:irq_t,s0) 12 sid iomem gen_context(system_u:object_r:iomem_t,s0) 13 sid ioport gen_context(system_u:object_r:ioport_t,s0) 14 sid device gen_context(system_u:object_r:device_t,s0) 17 sid domU gen_context(system_u:system_r:domU_t,s0) [all …]
|
/xen/xen/xsm/flask/ |
A D | flask_op.c | 503 u32 sid = arg->sid; in flask_devicetree_label() local 515 rv = security_devicetree_setlabel(buf, sid); in flask_devicetree_label() 572 arg->sid = dsec->sid; in flask_get_peer_sid() 599 rc = avc_has_perm(dsec->sid, arg->sid, SECCLASS_DOMAIN2, DOMAIN2__RELABELSELF, &ad); in flask_relabel_domain() 605 rc = avc_has_perm(csec->sid, dsec->sid, SECCLASS_DOMAIN2, DOMAIN2__RELABELFROM, &ad); in flask_relabel_domain() 609 rc = avc_has_perm(csec->sid, arg->sid, SECCLASS_DOMAIN2, DOMAIN2__RELABELTO, &ad); in flask_relabel_domain() 614 rc = avc_has_perm(dsec->sid, arg->sid, SECCLASS_DOMAIN, DOMAIN__TRANSITION, &ad); in flask_relabel_domain() 618 dsec->sid = arg->sid; in flask_relabel_domain() 619 dsec->self_sid = arg->sid; in flask_relabel_domain() 620 security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, in flask_relabel_domain() [all …]
|
A D | hooks.c | 43 return dsec->sid; in domain_sid() 55 return dsec->sid; in domain_target_sid() 328 u32 sid = 0; in flask_show_security_evtchn() local 344 if ( !sid ) in flask_show_security_evtchn() 518 dsec->sid = ssidref; in flask_domain_create() 522 rc = security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, in flask_domain_create() 579 rc = avc_has_perm(dsec->sid, tsec->sid, SECCLASS_DOMAIN, DOMAIN__SET_TARGET, NULL); in flask_set_target() 584 rc = security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, in flask_set_target() 851 u32 sid, ctx_len; in flask_show_irq_sid() local 905 u32 sid, dsid; in flask_map_domain_irq() local [all …]
|
/xen/tools/libxc/ |
A D | xc_flask.c | 86 int xc_flask_context_to_sid(xc_interface *xch, char *buf, uint32_t size, uint32_t *sid) in xc_flask_context_to_sid() argument 105 *sid = op.u.sid_context.sid; in xc_flask_context_to_sid() 112 int xc_flask_sid_to_context(xc_interface *xch, int sid, char *buf, uint32_t size) in xc_flask_sid_to_context() argument 125 op.u.sid_context.sid = sid; in xc_flask_sid_to_context() 246 uint32_t sid; in xc_flask_add() local 250 err = xc_flask_context_to_sid(xch, scontext, strlen(scontext), &sid); in xc_flask_add() 256 op.u.ocontext.sid = sid; in xc_flask_add() 432 int xc_flask_relabel_domain(xc_interface *xch, uint32_t domid, uint32_t sid) in xc_flask_relabel_domain() argument 437 op.u.relabel.sid = sid; in xc_flask_relabel_domain()
|
/xen/xen/include/public/xsm/ |
A D | flask_op.h | 43 uint32_t sid; member 138 uint32_t sid; member 146 uint32_t sid; member 152 uint32_t sid; member 157 uint32_t sid; member
|
/xen/xen/xsm/flask/include/ |
A D | security.h | 77 int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len); 96 typedef int (*security_iterate_fn)(void *data, u32 sid, unsigned long start, 105 unsigned long high, u32 sid); 109 int security_devicetree_setlabel(char *path, u32 sid);
|
A D | objsec.h | 21 u32 sid; /* current SID */ member
|
/xen/xen/drivers/passthrough/vtd/ |
A D | iommu.h | 302 u16 sid; member 320 u16 sid; member 384 sid : 16, member 415 sid : 16, member
|
A D | qinval.c | 96 qinval_entry->q.cc_inv_dsc.lo.sid = source_id; in queue_invalidate_context_sync() 258 qinval_entry->q.dev_iotlb_inv_dsc.lo.sid = PCI_BDF2(pdev->bus, pdev->devfn); in qinval_device_iotlb_sync() 322 u16 sid, u8 fm, u64 type, in flush_context_qi() argument 341 return queue_invalidate_context_sync(iommu, did, sid, fm, in flush_context_qi()
|
A D | utils.c | 238 p->remap.svt, p->remap.sq, p->remap.sid, in vtd_dump_iommu_info() 245 p->post.svt, p->post.sq, p->post.sid, p->post.vector, in vtd_dump_iommu_info()
|
A D | intremap.c | 122 unsigned int svt, unsigned int sq, unsigned int sid) in set_ire_sid() argument 126 ire->remap.sid = sid; in set_ire_sid()
|
/xen/tools/python/xen/lowlevel/xc/ |
A D | xc.c | 1728 uint32_t sid; in pyflask_context_to_sid() local 1742 ret = xc_flask_context_to_sid(xc_handle, ctx, strlen(ctx), &sid); in pyflask_context_to_sid() 1751 return PyLongOrInt_FromLong(sid); in pyflask_context_to_sid() 1758 uint32_t sid; in pyflask_sid_to_context() local 1766 &sid) ) in pyflask_sid_to_context() 1774 ret = xc_flask_sid_to_context(xc_handle, sid, ctx, ctx_len); in pyflask_sid_to_context()
|
/xen/xen/drivers/passthrough/arm/ |
A D | smmu.c | 2144 u32 smr, sid, mask; in arm_smmu_device_cfg_probe() local 2161 sid = (smr >> SMR_ID_SHIFT) & SMR_ID_MASK; in arm_smmu_device_cfg_probe() 2162 if ((mask & sid) != sid) { in arm_smmu_device_cfg_probe() 2165 mask, sid); in arm_smmu_device_cfg_probe()
|
/xen/tools/libxc/include/ |
A D | xenctrl.h | 2345 int xc_flask_context_to_sid(xc_interface *xc_handle, char *buf, uint32_t size, uint32_t *sid); 2346 int xc_flask_sid_to_context(xc_interface *xc_handle, int sid, char *buf, uint32_t size); 2372 int xc_flask_relabel_domain(xc_interface *xch, uint32_t domid, uint32_t sid);
|
/xen/docs/misc/ |
A D | vtd-pi.txt | 190 u16 sid; 208 u16 sid;
|