Lines Matching refs:isec
311 struct inode_security_struct *isec = selinux_inode(inode); in inode_security_rcu() local
314 if (data_race(likely(isec->initialized == LABEL_INITIALIZED))) in inode_security_rcu()
315 return isec; in inode_security_rcu()
319 return isec; in inode_security_rcu()
327 struct inode_security_struct *isec = selinux_inode(inode); in inode_security() local
330 if (data_race(likely(isec->initialized == LABEL_INITIALIZED))) in inode_security()
331 return isec; in inode_security()
333 return isec; in inode_security()
347 struct inode_security_struct *isec = selinux_inode(inode); in backing_inode_security() local
350 if (data_race(likely(isec->initialized == LABEL_INITIALIZED))) in backing_inode_security()
351 return isec; in backing_inode_security()
353 return isec; in backing_inode_security()
358 struct inode_security_struct *isec = selinux_inode(inode); in inode_free_security() local
361 if (!isec) in inode_free_security()
374 if (!list_empty_careful(&isec->list)) { in inode_free_security()
376 list_del_init(&isec->list); in inode_free_security()
597 struct inode_security_struct *isec = in sb_finish_set_opts() local
600 struct inode *inode = isec->inode; in sb_finish_set_opts()
601 list_del_init(&isec->list); in sb_finish_set_opts()
1130 struct inode_security_struct *isec = backing_inode_security(root); in selinux_sb_show_options() local
1133 rc = show_sid(m, isec->sid); in selinux_sb_show_options()
1433 struct inode_security_struct *isec = selinux_inode(inode); in inode_doinit_with_dentry() local
1440 if (data_race(isec->initialized == LABEL_INITIALIZED)) in inode_doinit_with_dentry()
1443 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1444 if (isec->initialized == LABEL_INITIALIZED) in inode_doinit_with_dentry()
1447 if (isec->sclass == SECCLASS_FILE) in inode_doinit_with_dentry()
1448 isec->sclass = inode_mode_to_security_class(inode->i_mode); in inode_doinit_with_dentry()
1456 if (list_empty(&isec->list)) in inode_doinit_with_dentry()
1457 list_add(&isec->list, &sbsec->isec_head); in inode_doinit_with_dentry()
1462 sclass = isec->sclass; in inode_doinit_with_dentry()
1463 task_sid = isec->task_sid; in inode_doinit_with_dentry()
1464 sid = isec->sid; in inode_doinit_with_dentry()
1465 isec->initialized = LABEL_PENDING; in inode_doinit_with_dentry()
1466 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1585 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1586 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1588 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1591 isec->initialized = LABEL_INITIALIZED; in inode_doinit_with_dentry()
1592 isec->sid = sid; in inode_doinit_with_dentry()
1596 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1600 spin_lock(&isec->lock); in inode_doinit_with_dentry()
1601 if (isec->initialized == LABEL_PENDING) { in inode_doinit_with_dentry()
1602 isec->initialized = LABEL_INVALID; in inode_doinit_with_dentry()
1603 isec->sid = sid; in inode_doinit_with_dentry()
1605 spin_unlock(&isec->lock); in inode_doinit_with_dentry()
1683 struct inode_security_struct *isec; in inode_has_perm() local
1690 isec = selinux_inode(inode); in inode_has_perm()
1692 return avc_has_perm(sid, isec->sid, isec->sclass, perms, adp); in inode_has_perm()
1704 struct inode_security_struct *isec = selinux_inode(inode); in dentry_has_perm() local
1709 if (data_race(unlikely(isec->initialized != LABEL_INITIALIZED))) in dentry_has_perm()
1723 struct inode_security_struct *isec = selinux_inode(inode); in path_has_perm() local
1728 if (data_race(unlikely(isec->initialized != LABEL_INITIALIZED))) in path_has_perm()
1895 struct inode_security_struct *dsec, *isec; in may_link() local
1902 isec = backing_inode_security(dentry); in may_link()
1929 rc = avc_has_perm(sid, isec->sid, isec->sclass, av, &ad); in may_link()
2110 struct inode_security_struct *isec; in selinux_binder_transfer_file() local
2135 isec = backing_inode_security(dentry); in selinux_binder_transfer_file()
2136 return avc_has_perm(sid, isec->sid, isec->sclass, file_to_av(file), in selinux_binder_transfer_file()
2340 struct inode_security_struct *isec; in selinux_bprm_creds_for_exec() local
2350 isec = inode_security(inode); in selinux_bprm_creds_for_exec()
2352 if (WARN_ON(isec->sclass != SECCLASS_FILE && in selinux_bprm_creds_for_exec()
2353 isec->sclass != SECCLASS_MEMFD_FILE)) in selinux_bprm_creds_for_exec()
2390 isec->sid, SECCLASS_PROCESS, NULL, in selinux_bprm_creds_for_exec()
2408 rc = avc_has_perm(old_crsec->sid, isec->sid, isec->sclass, in selinux_bprm_creds_for_exec()
2419 rc = avc_has_perm(new_crsec->sid, isec->sid, isec->sclass, in selinux_bprm_creds_for_exec()
2901 struct inode_security_struct *isec = selinux_inode(inode); in selinux_inode_alloc_security() local
2904 spin_lock_init(&isec->lock); in selinux_inode_alloc_security()
2905 INIT_LIST_HEAD(&isec->list); in selinux_inode_alloc_security()
2906 isec->inode = inode; in selinux_inode_alloc_security()
2907 isec->sid = SECINITSID_UNLABELED; in selinux_inode_alloc_security()
2908 isec->sclass = SECCLASS_FILE; in selinux_inode_alloc_security()
2909 isec->task_sid = sid; in selinux_inode_alloc_security()
2910 isec->initialized = LABEL_INVALID; in selinux_inode_alloc_security()
2985 struct inode_security_struct *isec = selinux_inode(inode); in selinux_inode_init_security() local
2986 isec->sclass = newsclass; in selinux_inode_init_security()
2987 isec->sid = newsid; in selinux_inode_init_security()
2988 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security()
3014 struct inode_security_struct *isec; in selinux_inode_init_security_anon() local
3028 isec = selinux_inode(inode); in selinux_inode_init_security_anon()
3044 isec->sclass = context_isec->sclass; in selinux_inode_init_security_anon()
3045 isec->sid = context_isec->sid; in selinux_inode_init_security_anon()
3048 isec->sclass = SECCLASS_MEMFD_FILE; in selinux_inode_init_security_anon()
3050 isec->sclass = SECCLASS_ANON_INODE; in selinux_inode_init_security_anon()
3053 isec->sclass, name, &isec->sid); in selinux_inode_init_security_anon()
3058 isec->initialized = LABEL_INITIALIZED; in selinux_inode_init_security_anon()
3068 isec->sid, in selinux_inode_init_security_anon()
3069 isec->sclass, in selinux_inode_init_security_anon()
3126 struct inode_security_struct *isec; in selinux_inode_follow_link() local
3131 isec = inode_security_rcu(inode, rcu); in selinux_inode_follow_link()
3132 if (IS_ERR(isec)) in selinux_inode_follow_link()
3133 return PTR_ERR(isec); in selinux_inode_follow_link()
3135 return avc_has_perm(sid, isec->sid, isec->sclass, FILE__READ, &ad); in selinux_inode_follow_link()
3143 struct inode_security_struct *isec = selinux_inode(inode); in audit_inode_permission() local
3148 return slow_avc_audit(current_sid(), isec->sid, isec->sclass, perms, in audit_inode_permission()
3177 struct inode_security_struct *isec, in task_avdcache_search() argument
3183 if (isec->sclass != SECCLASS_DIR) in task_avdcache_search()
3194 if (tsec->avdcache.dir[iter].isid == isec->sid) { in task_avdcache_search()
3217 struct inode_security_struct *isec, in task_avdcache_update() argument
3224 if (isec->sclass != SECCLASS_DIR) in task_avdcache_update()
3230 tsec->avdcache.dir[spot].isid = isec->sid; in task_avdcache_update()
3252 struct inode_security_struct *isec; in selinux_inode_permission() local
3267 isec = inode_security_rcu(inode, requested & MAY_NOT_BLOCK); in selinux_inode_permission()
3268 if (IS_ERR(isec)) in selinux_inode_permission()
3269 return PTR_ERR(isec); in selinux_inode_permission()
3272 rc = task_avdcache_search(tsec, isec, &avdc); in selinux_inode_permission()
3284 rc = avc_has_perm_noaudit(sid, isec->sid, isec->sclass, in selinux_inode_permission()
3289 task_avdcache_update(tsec, isec, &avd, audited); in selinux_inode_permission()
3377 struct inode_security_struct *isec; in selinux_inode_setxattr() local
3400 isec = backing_inode_security(dentry); in selinux_inode_setxattr()
3401 rc = avc_has_perm(sid, isec->sid, isec->sclass, in selinux_inode_setxattr()
3441 rc = avc_has_perm(sid, newsid, isec->sclass, in selinux_inode_setxattr()
3446 rc = security_validate_transition(isec->sid, newsid, in selinux_inode_setxattr()
3447 sid, isec->sclass); in selinux_inode_setxattr()
3482 struct inode_security_struct *isec; in selinux_inode_post_setxattr() local
3509 isec = backing_inode_security(dentry); in selinux_inode_post_setxattr()
3510 spin_lock(&isec->lock); in selinux_inode_post_setxattr()
3511 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_post_setxattr()
3512 isec->sid = newsid; in selinux_inode_post_setxattr()
3513 isec->initialized = LABEL_INITIALIZED; in selinux_inode_post_setxattr()
3514 spin_unlock(&isec->lock); in selinux_inode_post_setxattr()
3618 struct inode_security_struct *isec; in selinux_inode_getsecurity() local
3637 isec = inode_security(inode); in selinux_inode_getsecurity()
3639 error = security_sid_to_context_force(isec->sid, &context, in selinux_inode_getsecurity()
3642 error = security_sid_to_context(isec->sid, in selinux_inode_getsecurity()
3659 struct inode_security_struct *isec = inode_security_novalidate(inode); in selinux_inode_setsecurity() local
3679 spin_lock(&isec->lock); in selinux_inode_setsecurity()
3680 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_inode_setsecurity()
3681 isec->sid = newsid; in selinux_inode_setsecurity()
3682 isec->initialized = LABEL_INITIALIZED; in selinux_inode_setsecurity()
3683 spin_unlock(&isec->lock); in selinux_inode_setsecurity()
3701 struct inode_security_struct *isec = inode_security_novalidate(inode); in selinux_inode_getlsmprop() local
3703 prop->selinux.secid = isec->sid; in selinux_inode_getlsmprop()
3825 struct inode_security_struct *isec; in selinux_file_permission() local
3832 isec = inode_security(inode); in selinux_file_permission()
3833 if (sid == fsec->sid && fsec->isid == isec->sid && in selinux_file_permission()
3873 struct inode_security_struct *isec; in ioctl_has_perm() local
3897 isec = inode_security(inode); in ioctl_has_perm()
3898 rc = avc_has_extended_perms(ssid, isec->sid, isec->sclass, requested, in ioctl_has_perm()
4259 struct inode_security_struct *isec; in selinux_file_open() local
4262 isec = inode_security(file_inode(file)); in selinux_file_open()
4270 fsec->isid = isec->sid; in selinux_file_open()
4359 struct inode_security_struct *isec = inode_security(inode); in selinux_kernel_create_files_as() local
4364 ret = avc_has_perm(sid, isec->sid, in selinux_kernel_create_files_as()
4370 crsec->create_sid = isec->sid; in selinux_kernel_create_files_as()
4388 struct inode_security_struct *isec; in selinux_kernel_load_from_file() local
4406 isec = inode_security(file_inode(file)); in selinux_kernel_load_from_file()
4407 return avc_has_perm(sid, isec->sid, SECCLASS_SYSTEM, requested, &ad); in selinux_kernel_load_from_file()
4602 struct inode_security_struct *isec = selinux_inode(inode); in selinux_task_to_inode() local
4605 spin_lock(&isec->lock); in selinux_task_to_inode()
4606 isec->sclass = inode_mode_to_security_class(inode->i_mode); in selinux_task_to_inode()
4607 isec->sid = sid; in selinux_task_to_inode()
4608 isec->initialized = LABEL_INITIALIZED; in selinux_task_to_inode()
4609 spin_unlock(&isec->lock); in selinux_task_to_inode()
4959 struct inode_security_struct *isec = inode_security_novalidate(SOCK_INODE(sock)); in selinux_socket_post_create() local
4971 isec->sclass = sclass; in selinux_socket_post_create()
4972 isec->sid = sid; in selinux_socket_post_create()
4973 isec->initialized = LABEL_INITIALIZED; in selinux_socket_post_create()
5247 struct inode_security_struct *isec; in selinux_socket_accept() local
5256 isec = inode_security_novalidate(SOCK_INODE(sock)); in selinux_socket_accept()
5257 spin_lock(&isec->lock); in selinux_socket_accept()
5258 sclass = isec->sclass; in selinux_socket_accept()
5259 sid = isec->sid; in selinux_socket_accept()
5260 spin_unlock(&isec->lock); in selinux_socket_accept()
5530 struct inode_security_struct *isec; in selinux_socket_getpeersec_dgram() local
5531 isec = inode_security_novalidate(SOCK_INODE(sock)); in selinux_socket_getpeersec_dgram()
5532 peer_secid = isec->sid; in selinux_socket_getpeersec_dgram()
5586 struct inode_security_struct *isec = in selinux_sock_graft() local
5592 isec->sid = sksec->sid; in selinux_sock_graft()
5593 sksec->sclass = isec->sclass; in selinux_sock_graft()
6311 static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass) in ipc_init_security() argument
6313 isec->sclass = sclass; in ipc_init_security()
6314 isec->sid = current_sid(); in ipc_init_security()
6320 struct ipc_security_struct *isec; in ipc_has_perm() local
6324 isec = selinux_ipc(ipc_perms); in ipc_has_perm()
6329 return avc_has_perm(sid, isec->sid, isec->sclass, perms, &ad); in ipc_has_perm()
6345 struct ipc_security_struct *isec; in selinux_msg_queue_alloc_security() local
6349 isec = selinux_ipc(msq); in selinux_msg_queue_alloc_security()
6350 ipc_init_security(isec, SECCLASS_MSGQ); in selinux_msg_queue_alloc_security()
6355 return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_alloc_security()
6361 struct ipc_security_struct *isec; in selinux_msg_queue_associate() local
6365 isec = selinux_ipc(msq); in selinux_msg_queue_associate()
6370 return avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_associate()
6404 struct ipc_security_struct *isec; in selinux_msg_queue_msgsnd() local
6410 isec = selinux_ipc(msq); in selinux_msg_queue_msgsnd()
6421 rc = security_transition_sid(sid, isec->sid, in selinux_msg_queue_msgsnd()
6431 rc = avc_has_perm(sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6439 rc = avc_has_perm(msec->sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6449 struct ipc_security_struct *isec; in selinux_msg_queue_msgrcv() local
6455 isec = selinux_ipc(msq); in selinux_msg_queue_msgrcv()
6461 rc = avc_has_perm(sid, isec->sid, in selinux_msg_queue_msgrcv()
6472 struct ipc_security_struct *isec; in selinux_shm_alloc_security() local
6476 isec = selinux_ipc(shp); in selinux_shm_alloc_security()
6477 ipc_init_security(isec, SECCLASS_SHM); in selinux_shm_alloc_security()
6482 return avc_has_perm(sid, isec->sid, SECCLASS_SHM, in selinux_shm_alloc_security()
6488 struct ipc_security_struct *isec; in selinux_shm_associate() local
6492 isec = selinux_ipc(shp); in selinux_shm_associate()
6497 return avc_has_perm(sid, isec->sid, SECCLASS_SHM, in selinux_shm_associate()
6550 struct ipc_security_struct *isec; in selinux_sem_alloc_security() local
6554 isec = selinux_ipc(sma); in selinux_sem_alloc_security()
6555 ipc_init_security(isec, SECCLASS_SEM); in selinux_sem_alloc_security()
6560 return avc_has_perm(sid, isec->sid, SECCLASS_SEM, in selinux_sem_alloc_security()
6566 struct ipc_security_struct *isec; in selinux_sem_associate() local
6570 isec = selinux_ipc(sma); in selinux_sem_associate()
6575 return avc_has_perm(sid, isec->sid, SECCLASS_SEM, in selinux_sem_associate()
6655 struct ipc_security_struct *isec = selinux_ipc(ipcp); in selinux_ipc_getlsmprop() local
6656 prop->selinux.secid = isec->sid; in selinux_ipc_getlsmprop()
6974 struct inode_security_struct *isec = selinux_inode(inode); in selinux_inode_invalidate_secctx() local
6976 spin_lock(&isec->lock); in selinux_inode_invalidate_secctx()
6977 isec->initialized = LABEL_INVALID; in selinux_inode_invalidate_secctx()
6978 spin_unlock(&isec->lock); in selinux_inode_invalidate_secctx()
7475 struct inode_security_struct *isec = selinux_inode(inode); in selinux_uring_cmd() local
7481 return avc_has_perm(current_sid(), isec->sid, in selinux_uring_cmd()