784 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
792 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
800 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
873 		pr_err("SELinux: %s: unrecognized SID %u\n",  in security_bounded_transition()
881 		pr_err("SELinux: %s: unrecognized SID %u\n",  in security_bounded_transition()
1033 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_xperms_decision()
1040 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_xperms_decision()
1093  * SID pair (@ssid, @tsid) for the permissions in @tclass.
1119 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av()
1130 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av()
1174 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av_user()
1185 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av_user()
1301 const char *security_get_initial_sid_context(u32 sid)  in security_get_initial_sid_context()  argument
1303 	if (unlikely(sid > SECINITSID_NUM))  in security_get_initial_sid_context()
1305 	return initial_sid_to_string[sid];  in security_get_initial_sid_context()
1308 static int security_sid_to_context_core(u32 sid, char **scontext,  in security_sid_to_context_core()  argument
1323 		if (sid <= SECINITSID_NUM) {  in security_sid_to_context_core()
1334 			if (sid == SECINITSID_INIT)  in security_sid_to_context_core()
1335 				sid = SECINITSID_KERNEL;  in security_sid_to_context_core()
1337 			s = initial_sid_to_string[sid];  in security_sid_to_context_core()
1350 		       "load_policy on unknown SID %d\n", __func__, sid);  in security_sid_to_context_core()
1359 		entry = sidtab_search_entry_force(sidtab, sid);  in security_sid_to_context_core()
1361 		entry = sidtab_search_entry(sidtab, sid);  in security_sid_to_context_core()
1363 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_to_context_core()
1364 			__func__, sid);  in security_sid_to_context_core()
1381  * security_sid_to_context - Obtain a context for a given SID.
1382  * @sid: security identifier, SID
1386  * Write the string representation of the context associated with @sid
1390 int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)  in security_sid_to_context()  argument
1392 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context()
1396 int security_sid_to_context_force(u32 sid,  in security_sid_to_context_force()  argument
1399 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context_force()
1404  * security_sid_to_context_inval - Obtain a context for a given SID if it
1406  * @sid: security identifier, SID
1410  * Write the string representation of the context associated with @sid
1416 int security_sid_to_context_inval(u32 sid,  in security_sid_to_context_inval()  argument
1419 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context_inval()
1505 					u32 *sid, u32 def_sid, gfp_t gfp_flags,  in security_context_to_sid_core()  argument
1531 				*sid = i;  in security_context_to_sid_core()
1535 		*sid = SECINITSID_KERNEL;  in security_context_to_sid_core()
1538 	*sid = SECSID_NULL;  in security_context_to_sid_core()
1560 	rc = sidtab_context_to_sid(sidtab, &context, sid);  in security_context_to_sid_core()
1580  * security_context_to_sid - Obtain a SID for a given security context.
1583  * @sid: security identifier, SID
1586  * Obtains a SID associated with the security context that
1591 int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid,  in security_context_to_sid()  argument
1595 					    sid, SECSID_NULL, gfp, 0);  in security_context_to_sid()
1598 int security_context_str_to_sid(const char *scontext, u32 *sid, gfp_t gfp)  in security_context_str_to_sid()  argument
1601 				       sid, gfp);  in security_context_str_to_sid()
1605  * security_context_to_sid_default - Obtain a SID for a given security context,
1610  * @sid: security identifier, SID
1611  * @def_sid: default SID to assign on error
1614  * Obtains a SID associated with the security context that
1616  * The default SID is passed to the MLS layer to be used to allow
1624 				    u32 *sid, u32 def_sid, gfp_t gfp_flags)  in security_context_to_sid_default()  argument
1627 					    sid, def_sid, gfp_flags, 1);  in security_context_to_sid_default()
1631 				  u32 *sid)  in security_context_to_sid_force()  argument
1634 					    sid, SECSID_NULL, GFP_KERNEL, 1);  in security_context_to_sid_force()
1759 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_sid()
1766 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_sid()
1881 	/* Obtain the sid for the context. */  in security_compute_sid()
1896  * security_transition_sid - Compute the SID for a new subject/object.
1903  * Compute a SID to use for labeling a new subject or object in the
1904  * class @tclass based on a SID pair (@ssid, @tsid).
1906  * if insufficient memory is available, or %0 if the new SID was
1926  * security_member_sid - Compute the SID for member selection.
1932  * Compute a SID to use when selecting a member of a polyinstantiated
1933  * object of class @tclass based on a SID pair (@ssid, @tsid).
1935  * if insufficient memory is available, or %0 if the SID was
1949  * security_change_sid - Compute the SID for object relabeling.
1955  * Compute a SID to use for relabeling an object of class @tclass
1956  * based on a SID pair (@ssid, @tsid).
1958  * if insufficient memory is available, or %0 if the SID was
2081 		while (oc && oc->sid[0] != SECINITSID_UNLABELED)  in services_convert_context()
2246  * validate it and convert the SID table as necessary.
2304 	 * in the new SID table.  in security_load_policy()
2322 			" representation of contexts in the new SID"  in security_load_policy()
2348  * ocontext_to_sid - Helper to safely get sid for an ocontext
2349  * @sidtab: SID table
2352  * @out_sid: pointer to the resulting SID value
2354  * For all ocontexts except OCON_ISID the SID fields are populated
2355  * on-demand when needed. Since updating the SID value is an SMP-sensitive
2365 	u32 sid;  in ocontext_to_sid()  local
2368 	sid = smp_load_acquire(&c->sid[index]);  in ocontext_to_sid()
2369 	if (!sid) {  in ocontext_to_sid()
2370 		rc = sidtab_context_to_sid(sidtab, &c->context[index], &sid);  in ocontext_to_sid()
2376 		 * when they see the SID.  in ocontext_to_sid()
2378 		smp_store_release(&c->sid[index], sid);  in ocontext_to_sid()
2380 	*out_sid = sid;  in ocontext_to_sid()
2385  * security_port_sid - Obtain the SID for a port.
2437  * security_ib_pkey_sid - Obtain the SID for a pkey.
2489  * security_ib_endport_sid - Obtain the SID for a subnet management interface.
2542  * security_netif_sid - Obtain the SID for a network interface.
2544  * @if_sid: interface SID
2603  * security_node_sid - Obtain the SID for a node (host).
2691  * @fromsid: starting SID
2712 	u32 *mysids = NULL, *mysids2, sid;  in security_get_user_sids()  local
2760 			rc = sidtab_context_to_sid(sidtab, &usercon, &sid);  in security_get_user_sids()
2768 				mysids[mynel++] = sid;  in security_get_user_sids()
2778 				mysids[mynel++] = sid;  in security_get_user_sids()
2813  * __security_genfs_sid - Helper to obtain a SID for a file in a filesystem
2818  * @sid: SID for path
2820  * Obtain a SID to use for a file in a filesystem that
2831 				       u32 *sid)  in __security_genfs_sid()  argument
2844 	*sid = SECINITSID_UNLABELED;  in __security_genfs_sid()
2865 	return ocontext_to_sid(sidtab, c, 0, sid);  in __security_genfs_sid()
2869  * security_genfs_sid - Obtain a SID for a file in a filesystem
2873  * @sid: SID for path
2881 		       u32 *sid)  in security_genfs_sid()  argument
2887 		*sid = SECINITSID_UNLABELED;  in security_genfs_sid()
2895 					      orig_sclass, sid);  in security_genfs_sid()
2905 			u32 *sid)  in selinux_policy_genfs_sid()  argument
2908 	return __security_genfs_sid(policy, fstype, path, orig_sclass, sid);  in selinux_policy_genfs_sid()
2927 		sbsec->sid = SECINITSID_UNLABELED;  in security_fs_use()
2946 		rc = ocontext_to_sid(sidtab, c, 0, &sbsec->sid);  in security_fs_use()
2955 					SECCLASS_DIR, &sbsec->sid);  in security_fs_use()
3153  * security_sid_mls_copy() - computes a new sid based on the given
3154  * sid and the mls portion of mls_sid.
3156 int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)  in security_sid_mls_copy()  argument
3169 		*new_sid = sid;  in security_sid_mls_copy()
3183 		*new_sid = sid;  in security_sid_mls_copy()
3188 	context1 = sidtab_search(sidtab, sid);  in security_sid_mls_copy()
3190 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_mls_copy()
3191 			__func__, sid);  in security_sid_mls_copy()
3198 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_mls_copy()
3246  * @nlbl_sid: NetLabel SID
3248  * @xfrm_sid: XFRM SID
3249  * @peer_sid: network peer sid
3253  * resolved into a single SID it is returned via @peer_sid and the function
3257  *                                 | function return |      @sid
3280 	 * single or absent peer SID/label */  in security_net_peersid_resolve()
3286 	 * and is treated as if nlbl_sid == SECSID_NULL when a XFRM SID/label  in security_net_peersid_resolve()
3314 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_net_peersid_resolve()
3321 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_net_peersid_resolve()
3330 	 * information so if the MLS portion of the NetLabel SID  in security_net_peersid_resolve()
3331 	 * matches the MLS portion of the labeled XFRM SID/label  in security_net_peersid_resolve()
3332 	 * then pass along the XFRM SID as it is the most  in security_net_peersid_resolve()
3636 int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule)  in selinux_audit_rule_match()  argument
3662 	ctxt = sidtab_search(policy->sidtab, sid);  in selinux_audit_rule_match()
3664 		WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n",  in selinux_audit_rule_match()
3665 			  sid);  in selinux_audit_rule_match()
3773  * @sid: the SELinux SID
3782 				      u32 sid)  in security_netlbl_cache_add()  argument
3795 	*sid_cache = sid;  in security_netlbl_cache_add()
3802  * security_netlbl_secattr_to_sid - Convert a NetLabel secattr to a SELinux SID
3804  * @sid: the SELinux SID
3808  * SELinux SID.  If the @secattr field does not contain a full SELinux
3809  * SID/context then use SECINITSID_NETMSG as the foundation.  If possible the
3811  * allow the @secattr to be used by NetLabel to cache the secattr to SID
3817 				   u32 *sid)  in security_netlbl_secattr_to_sid()  argument
3827 		*sid = SECSID_NULL;  in security_netlbl_secattr_to_sid()
3839 		*sid = *(u32 *)secattr->cache->data;  in security_netlbl_secattr_to_sid()
3841 		*sid = secattr->attr.secid;  in security_netlbl_secattr_to_sid()
3864 		rc = sidtab_context_to_sid(sidtab, &ctx_new, sid);  in security_netlbl_secattr_to_sid()
3873 		security_netlbl_cache_add(secattr, *sid);  in security_netlbl_secattr_to_sid()
3875 		*sid = SECSID_NULL;  in security_netlbl_secattr_to_sid()
3883  * security_netlbl_sid_to_secattr - Convert a SELinux SID to a NetLabel secattr
3884  * @sid: the SELinux SID
3888  * Convert the given SELinux SID in @sid into a NetLabel security attribute.
3892 int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)  in security_netlbl_sid_to_secattr()  argument
3907 	ctx = sidtab_search(policy->sidtab, sid);  in security_netlbl_sid_to_secattr()
3917 	secattr->attr.secid = sid;  in security_netlbl_sid_to_secattr()