268 	struct smack_known *skp = NULL;  in smk_fetch()  local
279 		skp = ERR_PTR(rc);  in smk_fetch()
281 		skp = NULL;  in smk_fetch()
283 		skp = smk_import_entry(buffer, rc);  in smk_fetch()
287 	return skp;  in smk_fetch()
296 static struct inode_smack *new_inode_smack(struct smack_known *skp)  in new_inode_smack()  argument
304 	isp->smk_inode = skp;  in new_inode_smack()
479 	struct smack_known *skp;  in smack_ptrace_access_check()  local
481 	skp = smk_of_task_struct(ctp);  in smack_ptrace_access_check()
483 	return smk_ptrace_rule_check(current, skp, mode, __func__);  in smack_ptrace_access_check()
497 	struct smack_known *skp;  in smack_ptrace_traceme()  local
499 	skp = smk_of_task(current_security());  in smack_ptrace_traceme()
501 	rc = smk_ptrace_rule_check(ptp, skp, PTRACE_MODE_ATTACH, __func__);  in smack_ptrace_traceme()
514 	struct smack_known *skp = smk_of_current();  in smack_syslog()  local
519 	if (smack_syslog_label != NULL && smack_syslog_label != skp)  in smack_syslog()
760 	struct smack_known *skp;  in smack_set_mnt_opts()  local
777 		skp = smk_of_current();  in smack_set_mnt_opts()
778 		sp->smk_root = skp;  in smack_set_mnt_opts()
779 		sp->smk_default = skp;  in smack_set_mnt_opts()
798 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
799 			if (IS_ERR(skp))  in smack_set_mnt_opts()
800 				return PTR_ERR(skp);  in smack_set_mnt_opts()
801 			sp->smk_default = skp;  in smack_set_mnt_opts()
804 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
805 			if (IS_ERR(skp))  in smack_set_mnt_opts()
806 				return PTR_ERR(skp);  in smack_set_mnt_opts()
807 			sp->smk_floor = skp;  in smack_set_mnt_opts()
810 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
811 			if (IS_ERR(skp))  in smack_set_mnt_opts()
812 				return PTR_ERR(skp);  in smack_set_mnt_opts()
813 			sp->smk_hat = skp;  in smack_set_mnt_opts()
816 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
817 			if (IS_ERR(skp))  in smack_set_mnt_opts()
818 				return PTR_ERR(skp);  in smack_set_mnt_opts()
819 			sp->smk_root = skp;  in smack_set_mnt_opts()
822 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
823 			if (IS_ERR(skp))  in smack_set_mnt_opts()
824 				return PTR_ERR(skp);  in smack_set_mnt_opts()
825 			sp->smk_root = skp;  in smack_set_mnt_opts()
973 	struct smack_known *skp = smk_of_current();  in smack_inode_alloc_security()  local
975 	inode->i_security = new_inode_smack(skp);  in smack_inode_alloc_security()
1033 	struct smack_known *skp = smk_of_current();  in smack_inode_init_security()  local
1043 		may = smk_access_entry(skp->smk_known, dsp->smk_known,  in smack_inode_init_security()
1044 				       &skp->smk_rules);  in smack_inode_init_security()
1305 	struct smack_known *skp;  in smack_inode_setxattr()  local
1336 		skp = size ? smk_import_entry(value, size) : NULL;  in smack_inode_setxattr()
1337 		if (IS_ERR(skp))  in smack_inode_setxattr()
1338 			rc = PTR_ERR(skp);  in smack_inode_setxattr()
1339 		else if (skp == NULL || (check_star &&  in smack_inode_setxattr()
1340 		    (skp == &smack_known_star || skp == &smack_known_web)))  in smack_inode_setxattr()
1369 	struct smack_known *skp;  in smack_inode_post_setxattr()  local
1378 		skp = smk_import_entry(value, size);  in smack_inode_post_setxattr()
1379 		if (!IS_ERR(skp))  in smack_inode_post_setxattr()
1380 			isp->smk_inode = skp;  in smack_inode_post_setxattr()
1382 		skp = smk_import_entry(value, size);  in smack_inode_post_setxattr()
1383 		if (!IS_ERR(skp))  in smack_inode_post_setxattr()
1384 			isp->smk_task = skp;  in smack_inode_post_setxattr()
1386 		skp = smk_import_entry(value, size);  in smack_inode_post_setxattr()
1387 		if (!IS_ERR(skp))  in smack_inode_post_setxattr()
1388 			isp->smk_mmap = skp;  in smack_inode_post_setxattr()
1549 	struct smack_known *skp = smk_of_inode(inode);  in smack_inode_getsecid()  local
1551 	*secid = skp->smk_secid;  in smack_inode_getsecid()
1583 	struct smack_known *skp = smk_of_current();  in smack_file_alloc_security()  local
1585 	file->f_security = skp;  in smack_file_alloc_security()
1720 	struct smack_known *skp;  in smack_mmap_file()  local
1748 	skp = smk_of_current();  in smack_mmap_file()
1757 	list_for_each_entry_rcu(srp, &skp->smk_rules, list) {  in smack_mmap_file()
1842 	struct smack_known *skp;  in smack_file_send_sigiotask()  local
1854 	skp = file->f_security;  in smack_file_send_sigiotask()
1855 	rc = smk_access(skp, tkp, MAY_DELIVER, NULL);  in smack_file_send_sigiotask()
1856 	rc = smk_bu_note("sigiotask", skp, tkp, MAY_DELIVER, rc);  in smack_file_send_sigiotask()
1862 	smack_log(skp->smk_known, tkp->smk_known, MAY_DELIVER, rc, &ad);  in smack_file_send_sigiotask()
2062 	struct smack_known *skp;  in smack_cred_getsecid()  local
2065 	skp = smk_of_task(c->security);  in smack_cred_getsecid()
2066 	*secid = skp->smk_secid;  in smack_cred_getsecid()
2116 	struct smack_known *skp = smk_of_task_struct(p);  in smk_curacc_on_task()  local
2121 	rc = smk_curacc(skp, access, &ad);  in smk_curacc_on_task()
2169 	struct smack_known *skp = smk_of_task_struct(p);  in smack_task_getsecid()  local
2171 	*secid = skp->smk_secid;  in smack_task_getsecid()
2258 	struct smack_known *skp;  in smack_task_kill()  local
2281 	skp = smk_of_task(cred->security);  in smack_task_kill()
2282 	rc = smk_access(skp, tkp, MAY_DELIVER, &ad);  in smack_task_kill()
2283 	rc = smk_bu_note("USB signal", skp, tkp, MAY_DELIVER, rc);  in smack_task_kill()
2297 	struct smack_known *skp = smk_of_task_struct(p);  in smack_task_to_inode()  local
2299 	isp->smk_inode = skp;  in smack_task_to_inode()
2319 	struct smack_known *skp = smk_of_current();  in smack_sk_alloc_security()  local
2333 		ssp->smk_in = skp;  in smack_sk_alloc_security()
2334 		ssp->smk_out = skp;  in smack_sk_alloc_security()
2483 	struct smack_known *skp;  in smack_netlabel()  local
2502 		skp = ssp->smk_out;  in smack_netlabel()
2503 		rc = netlbl_sock_setattr(sk, sk->sk_family, &skp->smk_netlabel);  in smack_netlabel()
2525 	struct smack_known *skp;  in smack_netlabel_send()  local
2544 		skp = ssp->smk_out;  in smack_netlabel_send()
2545 		rc = smk_access(skp, hkp, MAY_WRITE, &ad);  in smack_netlabel_send()
2546 		rc = smk_bu_note("IPv4 host check", skp, hkp, MAY_WRITE, rc);  in smack_netlabel_send()
2693 	struct smack_known *skp = NULL;  in smk_ipv6_port_check()  local
2698 		skp = smack_ipv6host_label(address);  in smk_ipv6_port_check()
2701 		skp = ssp->smk_out;  in smk_ipv6_port_check()
2708 	if (skp != NULL && object != NULL)  in smk_ipv6_port_check()
2709 		return smk_ipv6_check(skp, object, address, act);  in smk_ipv6_port_check()
2710 	if (skp == NULL)  in smk_ipv6_port_check()
2711 		skp = smack_net_ambient;  in smk_ipv6_port_check()
2719 		return smk_ipv6_check(skp, object, address, act);  in smk_ipv6_port_check()
2739 	return smk_ipv6_check(skp, object, address, act);  in smk_ipv6_port_check()
2758 	struct smack_known *skp;  in smack_inode_setsecurity()  local
2767 	skp = smk_import_entry(value, size);  in smack_inode_setsecurity()
2768 	if (IS_ERR(skp))  in smack_inode_setsecurity()
2769 		return PTR_ERR(skp);  in smack_inode_setsecurity()
2772 		nsp->smk_inode = skp;  in smack_inode_setsecurity()
2789 		ssp->smk_in = skp;  in smack_inode_setsecurity()
2791 		ssp->smk_out = skp;  in smack_inode_setsecurity()
2968 	struct smack_known *skp = smk_of_current();  in smack_msg_msg_alloc_security()  local
2970 	msg->security = skp;  in smack_msg_msg_alloc_security()
3004 	struct smack_known *skp = smk_of_current();  in smack_ipc_alloc_security()  local
3006 	isp->security = skp;  in smack_ipc_alloc_security()
3356 	struct smack_known *skp;  in smack_d_instantiate()  local
3502 		skp = smk_fetch(XATTR_NAME_SMACK, inode, dp);  in smack_d_instantiate()
3503 		if (!IS_ERR_OR_NULL(skp))  in smack_d_instantiate()
3504 			final = skp;  in smack_d_instantiate()
3539 		skp = smk_fetch(XATTR_NAME_SMACKEXEC, inode, dp);  in smack_d_instantiate()
3540 		if (IS_ERR(skp) || skp == &smack_known_star ||  in smack_d_instantiate()
3541 		    skp == &smack_known_web)  in smack_d_instantiate()
3542 			skp = NULL;  in smack_d_instantiate()
3543 		isp->smk_task = skp;  in smack_d_instantiate()
3545 		skp = smk_fetch(XATTR_NAME_SMACKMMAP, inode, dp);  in smack_d_instantiate()
3546 		if (IS_ERR(skp) || skp == &smack_known_star ||  in smack_d_instantiate()
3547 		    skp == &smack_known_web)  in smack_d_instantiate()
3548 			skp = NULL;  in smack_d_instantiate()
3549 		isp->smk_mmap = skp;  in smack_d_instantiate()
3579 	struct smack_known *skp = smk_of_task_struct(p);  in smack_getprocattr()  local
3586 	cp = kstrdup(skp->smk_known, GFP_KERNEL);  in smack_getprocattr()
3610 	struct smack_known *skp;  in smack_setprocattr()  local
3623 	skp = smk_import_entry(value, size);  in smack_setprocattr()
3624 	if (IS_ERR(skp))  in smack_setprocattr()
3625 		return PTR_ERR(skp);  in smack_setprocattr()
3631 	if (skp == &smack_known_web || skp == &smack_known_star)  in smack_setprocattr()
3637 			if (sklep->smk_label == skp) {  in smack_setprocattr()
3650 	tsp->smk_task = skp;  in smack_setprocattr()
3672 	struct smack_known *skp;  in smack_unix_stream_connect()  local
3684 		skp = ssp->smk_out;  in smack_unix_stream_connect()
3690 		rc = smk_access(skp, okp, MAY_WRITE, &ad);  in smack_unix_stream_connect()
3691 		rc = smk_bu_note("UDS connect", skp, okp, MAY_WRITE, rc);  in smack_unix_stream_connect()
3694 			skp = ssp->smk_in;  in smack_unix_stream_connect()
3695 			rc = smk_access(okp, skp, MAY_WRITE, &ad);  in smack_unix_stream_connect()
3696 			rc = smk_bu_note("UDS connect", okp, skp,  in smack_unix_stream_connect()
3800 	struct smack_known *skp;  in smack_from_secattr()  local
3817 		list_for_each_entry_rcu(skp, &smack_known_list, list) {  in smack_from_secattr()
3818 			if (sap->attr.mls.lvl != skp->smk_netlabel.attr.mls.lvl)  in smack_from_secattr()
3824 				if ((skp->smk_netlabel.flags &  in smack_from_secattr()
3833 					skp->smk_netlabel.attr.mls.cat,  in smack_from_secattr()
3846 			return skp;  in smack_from_secattr()
3926 	struct smack_known *skp = NULL;  in smack_socket_sock_rcv_skb()  local
3950 			skp = smack_from_secid(skb->secmark);  in smack_socket_sock_rcv_skb()
3961 			skp = smack_from_secattr(&secattr, ssp);  in smack_socket_sock_rcv_skb()
3963 			skp = smack_net_ambient;  in smack_socket_sock_rcv_skb()
3982 		rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);  in smack_socket_sock_rcv_skb()
3983 		rc = smk_bu_note("IPv4 delivery", skp, ssp->smk_in,  in smack_socket_sock_rcv_skb()
3996 			skp = smack_from_secid(skb->secmark);  in smack_socket_sock_rcv_skb()
3998 			skp = smack_ipv6host_label(&sadd);  in smack_socket_sock_rcv_skb()
3999 		if (skp == NULL)  in smack_socket_sock_rcv_skb()
4000 			skp = smack_net_ambient;  in smack_socket_sock_rcv_skb()
4007 		rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);  in smack_socket_sock_rcv_skb()
4008 		rc = smk_bu_note("IPv6 delivery", skp, ssp->smk_in,  in smack_socket_sock_rcv_skb()
4074 	struct smack_known *skp;  in smack_socket_getpeersec_dgram()  local
4109 			skp = smack_from_secattr(&secattr, ssp);  in smack_socket_getpeersec_dgram()
4110 			s = skp->smk_secid;  in smack_socket_getpeersec_dgram()
4137 	struct smack_known *skp = smk_of_current();  in smack_sock_graft()  local
4144 	ssp->smk_in = skp;  in smack_sock_graft()
4145 	ssp->smk_out = skp;  in smack_sock_graft()
4162 	struct smack_known *skp;  in smack_inet_conn_request()  local
4195 		skp = smack_from_secid(skb->secmark);  in smack_inet_conn_request()
4203 		skp = smack_from_secattr(&secattr, ssp);  in smack_inet_conn_request()
4205 		skp = &smack_known_huh;  in smack_inet_conn_request()
4222 	rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);  in smack_inet_conn_request()
4223 	rc = smk_bu_note("IPv4 connect", skp, ssp->smk_in, MAY_WRITE, rc);  in smack_inet_conn_request()
4231 	req->peer_secid = skp->smk_secid;  in smack_inet_conn_request()
4245 		rc = netlbl_req_setattr(req, &skp->smk_netlabel);  in smack_inet_conn_request()
4263 	struct smack_known *skp;  in smack_inet_csk_clone()  local
4266 		skp = smack_from_secid(req->peer_secid);  in smack_inet_csk_clone()
4267 		ssp->smk_packet = skp;  in smack_inet_csk_clone()
4294 	struct smack_known *skp = smk_of_task(cred->security);  in smack_key_alloc()  local
4296 	key->security = skp;  in smack_key_alloc()
4372 	struct smack_known *skp = key->security;  in smack_key_getsecurity()  local
4381 	copy = kstrdup(skp->smk_known, GFP_KERNEL);  in smack_key_getsecurity()
4419 	struct smack_known *skp;  in smack_audit_rule_init()  local
4429 	skp = smk_import_entry(rulestr, 0);  in smack_audit_rule_init()
4430 	if (IS_ERR(skp))  in smack_audit_rule_init()
4431 		return PTR_ERR(skp);  in smack_audit_rule_init()
4433 	*rule = skp->smk_known;  in smack_audit_rule_init()
4475 	struct smack_known *skp;  in smack_audit_rule_match()  local
4486 	skp = smack_from_secid(secid);  in smack_audit_rule_match()
4494 		return (rule == skp->smk_known);  in smack_audit_rule_match()
4496 		return (rule != skp->smk_known);  in smack_audit_rule_match()
4528 	struct smack_known *skp = smack_from_secid(secid);  in smack_secid_to_secctx()  local
4531 		*secdata = skp->smk_known;  in smack_secid_to_secctx()
4532 	*seclen = strlen(skp->smk_known);  in smack_secid_to_secctx()
4546 	struct smack_known *skp = smk_find_entry(secdata);  in smack_secctx_to_secid()  local
4548 	if (skp)  in smack_secctx_to_secid()
4549 		*secid = skp->smk_secid;  in smack_secctx_to_secid()
4573 	struct smack_known *skp = smk_of_inode(inode);  in smack_inode_getsecctx()  local
4575 	*ctx = skp->smk_known;  in smack_inode_getsecctx()
4576 	*ctxlen = strlen(skp->smk_known);  in smack_inode_getsecctx()
4584 	struct smack_known *skp;  in smack_inode_copy_up()  local
4600 	skp = isp->smk_inode;  in smack_inode_copy_up()
4601 	tsp->smk_task = skp;  in smack_inode_copy_up()