| /linux/security/apparmor/ |
| H A D | secid.c | 45 struct aa_label *aa_secid_to_label(u32 secid) in aa_secid_to_label() argument
47 return xa_load(&aa_secids, secid); in aa_secid_to_label()
80 int apparmor_secid_to_secctx(u32 secid, struct lsm_context *cp) in apparmor_secid_to_secctx() argument
82 struct aa_label *label = aa_secid_to_label(secid); in apparmor_secid_to_secctx()
96 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) in apparmor_secctx_to_secid() argument
104 *secid = label->secid; in apparmor_secctx_to_secid()
132 ret = __xa_alloc(&aa_secids, &label->secid, label, in aa_alloc_secid()
137 label->secid = AA_SECID_INVALID; in aa_alloc_secid()
148 void aa_free_secid(u32 secid) in aa_free_secid() argument
153 __xa_erase(&aa_secids, secid); in aa_free_secid()
|
| H A D | net.c | 343 secmark->secid = AA_SECID_WILDCARD; in apparmor_secmark_init()
354 secmark->secid = label->secid; in apparmor_secmark_init()
359 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid, in aa_secmark_perm() argument
370 if (!rules->secmark[i].secid) { in aa_secmark_perm()
376 if (rules->secmark[i].secid == secid || in aa_secmark_perm()
377 rules->secmark[i].secid == AA_SECID_WILDCARD) { in aa_secmark_perm()
394 u32 secid, const struct sock *sk) in apparmor_secmark_check() argument
400 aa_secmark_perm(profile, request, secid, in apparmor_secmark_check()
|
| /linux/net/netfilter/ |
| H A D | xt_SECMARK.c | 33 secmark = info->secid; in secmark_tg()
48 info->secid = 0; in checkentry_lsm()
51 &info->secid); in checkentry_lsm()
59 if (!info->secid) { in checkentry_lsm()
65 err = security_secmark_relabel_packet(info->secid); in checkentry_lsm()
129 info->secid = newinfo.secid; in secmark_tg_check_v0()
139 .secid = info->secid, in secmark_tg_v0()
175 .usersize = offsetof(struct xt_secmark_target_info_v1, secid),
197 .usersize = offsetof(struct xt_secmark_target_info_v1, secid),
|
| /linux/net/netlabel/ |
| H A D | netlabel_unlabeled.c | 69 u32 secid; member
77 u32 secid; member
234 u32 secid) in netlbl_unlhsh_add_addr4() argument
246 entry->secid = secid; in netlbl_unlhsh_add_addr4()
274 u32 secid) in netlbl_unlhsh_add_addr6() argument
290 entry->secid = secid; in netlbl_unlhsh_add_addr6()
369 u32 secid, in netlbl_unlhsh_add() argument
410 ret_val = netlbl_unlhsh_add_addr4(iface, addr4, mask4, secid); in netlbl_unlhsh_add()
423 ret_val = netlbl_unlhsh_add_addr6(iface, addr6, mask6, secid); in netlbl_unlhsh_add()
440 if (security_secid_to_secctx(secid, &ctx) >= 0) { in netlbl_unlhsh_add()
[all …]
|
| H A D | netlabel_unlabeled.h | 214 u32 secid,
|
| /linux/security/apparmor/include/ |
| H A D | secid.h | 27 struct aa_label *aa_secid_to_label(u32 secid);
28 int apparmor_secid_to_secctx(u32 secid, struct lsm_context *cp);
30 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
35 void aa_free_secid(u32 secid);
|
| H A D | net.h | 81 u32 secid; member
117 u32 secid, const struct sock *sk);
|
| /linux/rust/helpers/ |
| H A D | security.c | 6 void rust_helper_security_cred_getsecid(const struct cred *c, u32 *secid) in rust_helper_security_cred_getsecid() argument
8 security_cred_getsecid(c, secid); in rust_helper_security_cred_getsecid()
11 int rust_helper_security_secid_to_secctx(u32 secid, struct lsm_context *cp) in rust_helper_security_secid_to_secctx() argument
13 return security_secid_to_secctx(secid, cp); in rust_helper_security_secid_to_secctx()
|
| /linux/drivers/dio/ |
| H A D | dio.c | 124 u_char prid, secid, i; in dio_find() local
153 secid = DIO_SECID(va); in dio_find()
154 id = DIO_ENCODE_ID(prid, secid); in dio_find()
199 u_char prid, secid = 0; /* primary, secondary ID bytes */ in dio_init() local
244 secid = DIO_SECID(va); in dio_init()
245 dev->id = DIO_ENCODE_ID(prid, secid); in dio_init()
253 printk(":%02X", secid); in dio_init()
|
| /linux/rust/kernel/ |
| H A D | cred.rs | 62 let mut secid = 0; in get_secid() localVariable
64 unsafe { bindings::security_cred_getsecid(self.0.get(), &mut secid) }; in get_secid()
65 secid in get_secid()
|
| H A D | security.rs | 64 pub fn from_secid(secid: u32) -> Result<Self> { in from_secid()
69 to_result(unsafe { bindings::security_secid_to_secctx(secid, &mut ctx) })?; in from_secid()
|
| /linux/include/uapi/linux/netfilter/ |
| H A D | xt_SECMARK.h | 19 __u32 secid; member
26 __u32 secid; member
|
| /linux/fs/cachefiles/ |
| H A D | security.c | 21 _enter("{%u}", cache->have_secid ? cache->secid : 0); in cachefiles_get_security_ID()
30 ret = set_security_override(new, cache->secid); in cachefiles_get_security_ID()
|
| /linux/security/selinux/ |
| H A D | xfrm.c | 339 struct xfrm_sec_ctx *polsec, u32 secid) in selinux_xfrm_state_alloc_acquire() argument
349 if (secid == 0) in selinux_xfrm_state_alloc_acquire()
352 rc = security_sid_to_context(secid, &ctx_str, in selinux_xfrm_state_alloc_acquire()
365 ctx->ctx_sid = secid; in selinux_xfrm_state_alloc_acquire()
|
| H A D | netlabel.c | 112 (secattr->attr.secid == sid)) in selinux_netlbl_sock_getattr()
291 rc = security_netlbl_sid_to_secattr(asoc->secid, &secattr); in selinux_netlbl_sctp_assoc_request()
339 rc = security_netlbl_sid_to_secattr(req->secid, &secattr); in selinux_netlbl_inet_conn_request()
|
| /linux/Documentation/networking/ |
| H A D | secid.rst | 4 LSM/SeLinux secid
9 The secid member in the flow structure is used in LSMs (e.g. SELinux) to indicate
|
| /linux/include/linux/ |
| H A D | security.h | 498 void security_cred_getsecid(const struct cred *c, u32 *secid);
500 int security_kernel_act_as(struct cred *new, u32 secid);
569 int security_secid_to_secctx(u32 secid, struct lsm_context *cp);
572 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
1247 static inline void security_cred_getsecid(const struct cred *c, u32 *secid) in security_cred_getsecid() argument
1249 *secid = 0; in security_cred_getsecid()
1256 static inline int security_kernel_act_as(struct cred *cred, u32 secid) in security_kernel_act_as() argument
1549 static inline int security_secid_to_secctx(u32 secid, struct lsm_context *cp) in security_secid_to_secctx() argument
1563 u32 *secid) in security_secctx_to_secid() argument
1664 int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid);
[all …]
|
| H A D | lsm_hook_defs.h | 222 LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid)
225 LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid)
300 LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, struct lsm_context *cp)
303 LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid)
347 struct sk_buff *skb, u32 *secid)
352 LSM_HOOK(void, LSM_RET_VOID, sk_getsecid, const struct sock *sk, u32 *secid)
360 LSM_HOOK(int, 0, secmark_relabel_packet, u32 secid)
399 struct xfrm_sec_ctx *polsec, u32 secid)
405 LSM_HOOK(int, 0, xfrm_decode_session, struct sk_buff *skb, u32 *secid,
|
| /linux/include/net/ |
| H A D | scm.h | 49 u32 secid; /* Passed security ID */ member
62 security_socket_getpeersec_dgram(sock, NULL, &scm->secid); in unix_get_peersec_dgram()
|
| H A D | netlabel.h | 203 u32 secid; member
422 u32 secid,
532 u32 secid, in netlbl_cfg_unlbl_static_add() argument
|
| /linux/kernel/ |
| H A D | cred.c | 638 int set_security_override(struct cred *new, u32 secid) in set_security_override() argument
640 return security_kernel_act_as(new, secid); in set_security_override()
656 u32 secid; in set_security_override_from_ctx() local
659 ret = security_secctx_to_secid(secctx, strlen(secctx), &secid); in set_security_override_from_ctx()
663 return set_security_override(new, secid); in set_security_override_from_ctx()
|
| /linux/include/linux/lsm/ |
| H A D | bpf.h | 12 u32 secid; member
|
| H A D | selinux.h | 12 u32 secid; member
|
| /linux/security/ |
| H A D | security.c | 3341 void security_cred_getsecid(const struct cred *c, u32 *secid) in security_cred_getsecid() argument
3343 *secid = 0; in security_cred_getsecid()
3344 call_void_hook(cred_getsecid, c, secid); in security_cred_getsecid()
3373 int security_kernel_act_as(struct cred *new, u32 secid) in security_kernel_act_as() argument
3375 return call_int_hook(kernel_act_as, new, secid); in security_kernel_act_as()
4374 int security_secid_to_secctx(u32 secid, struct lsm_context *cp) in security_secid_to_secctx() argument
4376 return call_int_hook(secid_to_secctx, secid, cp); in security_secid_to_secctx()
4422 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) in security_secctx_to_secid() argument
4424 *secid = 0; in security_secctx_to_secid()
4425 return call_int_hook(secctx_to_secid, secdata, seclen, secid); in security_secctx_to_secid()
[all …]
|
| /linux/security/smack/ |
| H A D | smack_access.c | 532 skp->smk_netlabel.attr.secid = skp->smk_secid; in smack_populate_secattr()
618 struct smack_known *smack_from_secid(const u32 secid) in smack_from_secid() argument
624 if (skp->smk_secid == secid) { in smack_from_secid()
|