Lines Matching refs:sid
218 tsec->osid = tsec->sid = SECINITSID_KERNEL; in cred_init_security()
229 return tsec->sid; in cred_sid()
237 u32 sid; in task_sid_subj() local
240 sid = cred_sid(rcu_dereference(task->cred)); in task_sid_subj()
242 return sid; in task_sid_subj()
250 u32 sid; in task_sid_obj() local
253 sid = cred_sid(__task_cred(task)); in task_sid_obj()
255 return sid; in task_sid_obj()
438 static int may_context_mount_sb_relabel(u32 sid, in may_context_mount_sb_relabel() argument
446 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
452 tsec->sid, sid, SECCLASS_FILESYSTEM, in may_context_mount_sb_relabel()
457 static int may_context_mount_inode_relabel(u32 sid, in may_context_mount_inode_relabel() argument
464 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
470 sid, sbsec->sid, SECCLASS_FILESYSTEM, in may_context_mount_inode_relabel()
521 u32 sid; in sb_check_xattr_support() local
554 SECCLASS_DIR, &sid); in sb_check_xattr_support()
561 sbsec->sid = sid; in sb_check_xattr_support()
637 static int parse_sid(struct super_block *sb, const char *s, u32 *sid) in parse_sid() argument
640 sid, GFP_KERNEL); in parse_sid()
714 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, in selinux_set_mnt_opts()
732 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, in selinux_set_mnt_opts()
818 sbsec->sid = fscontext_sid; in selinux_set_mnt_opts()
837 sbsec->sid = context_sid; in selinux_set_mnt_opts()
857 root_isec->sid = rootcontext_sid; in selinux_set_mnt_opts()
903 if ((oldflags & FSCONTEXT_MNT) && old->sid != new->sid) in selinux_cmp_sb_context()
912 if (oldroot->sid != newroot->sid) in selinux_cmp_sb_context()
965 newsbsec->sid = oldsbsec->sid; in selinux_sb_clone_mnt_opts()
982 u32 sid = oldsbsec->mntpoint_sid; in selinux_sb_clone_mnt_opts() local
985 newsbsec->sid = sid; in selinux_sb_clone_mnt_opts()
988 newisec->sid = sid; in selinux_sb_clone_mnt_opts()
990 newsbsec->mntpoint_sid = sid; in selinux_sb_clone_mnt_opts()
996 newisec->sid = oldisec->sid; in selinux_sb_clone_mnt_opts()
1086 static int show_sid(struct seq_file *m, u32 sid) in show_sid() argument
1092 rc = security_sid_to_context(&selinux_state, sid, in show_sid()
1122 rc = show_sid(m, sbsec->sid); in selinux_sb_show_options()
1145 rc = show_sid(m, isec->sid); in selinux_sb_show_options()
1347 u32 *sid) in selinux_genfs_get_sid() argument
1371 path, tclass, sid); in selinux_genfs_get_sid()
1374 *sid = SECINITSID_UNLABELED; in selinux_genfs_get_sid()
1383 u32 def_sid, u32 *sid) in inode_doinit_use_xattr() argument
1421 *sid = def_sid; in inode_doinit_use_xattr()
1425 rc = security_context_to_sid_default(&selinux_state, context, rc, sid, in inode_doinit_use_xattr()
1448 u32 task_sid, sid = 0; in inode_doinit_with_dentry() local
1477 sid = isec->sid; in inode_doinit_with_dentry()
1486 sid = sbsec->def_sid; in inode_doinit_with_dentry()
1519 &sid); in inode_doinit_with_dentry()
1525 sid = task_sid; in inode_doinit_with_dentry()
1529 sid = sbsec->sid; in inode_doinit_with_dentry()
1532 rc = security_transition_sid(&selinux_state, task_sid, sid, in inode_doinit_with_dentry()
1533 sclass, NULL, &sid); in inode_doinit_with_dentry()
1538 sid = sbsec->mntpoint_sid; in inode_doinit_with_dentry()
1542 sid = sbsec->sid; in inode_doinit_with_dentry()
1574 sbsec->flags, &sid); in inode_doinit_with_dentry()
1583 sid, &sid); in inode_doinit_with_dentry()
1602 isec->sid = sid; in inode_doinit_with_dentry()
1613 isec->sid = sid; in inode_doinit_with_dentry()
1657 u32 sid = cred_sid(cred); in cred_has_capability() local
1678 sid, sid, sclass, av, 0, &avd); in cred_has_capability()
1681 sid, sid, sclass, av, &avd, rc, &ad); in cred_has_capability()
1697 u32 sid; in inode_has_perm() local
1704 sid = cred_sid(cred); in inode_has_perm()
1708 sid, isec->sid, isec->sclass, perms, adp); in inode_has_perm()
1756 static int bpf_fd_pass(struct file *file, u32 sid);
1774 u32 sid = cred_sid(cred); in file_has_perm() local
1780 if (sid != fsec->sid) { in file_has_perm()
1782 sid, fsec->sid, in file_has_perm()
1825 return security_transition_sid(&selinux_state, tsec->sid, in selinux_determine_inode_label()
1826 dsec->sid, tclass, in selinux_determine_inode_label()
1841 u32 sid, newsid; in may_create() local
1848 sid = tsec->sid; in may_create()
1854 sid, dsec->sid, SECCLASS_DIR, in may_create()
1866 sid, newsid, tclass, FILE__CREATE, &ad); in may_create()
1871 newsid, sbsec->sid, in may_create()
1888 u32 sid = current_sid(); in may_link() local
1901 sid, dsec->sid, SECCLASS_DIR, av, &ad); in may_link()
1922 sid, isec->sid, isec->sclass, av, &ad); in may_link()
1933 u32 sid = current_sid(); in may_rename() local
1947 sid, old_dsec->sid, SECCLASS_DIR, in may_rename()
1952 sid, old_isec->sid, in may_rename()
1958 sid, old_isec->sid, in may_rename()
1969 sid, new_dsec->sid, SECCLASS_DIR, av, &ad); in may_rename()
1976 sid, new_isec->sid, in may_rename()
1993 u32 sid = cred_sid(cred); in superblock_has_perm() local
1997 sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad); in superblock_has_perm()
2108 u32 sid = task_sid_binder(to); in selinux_binder_transfer_file() local
2118 if (sid != fsec->sid) { in selinux_binder_transfer_file()
2120 sid, fsec->sid, in selinux_binder_transfer_file()
2129 rc = bpf_fd_pass(file, sid); in selinux_binder_transfer_file()
2139 sid, isec->sid, isec->sclass, file_to_av(file), in selinux_binder_transfer_file()
2146 u32 sid = current_sid(); in selinux_ptrace_access_check() local
2151 sid, csid, SECCLASS_FILE, FILE__READ, NULL); in selinux_ptrace_access_check()
2154 sid, csid, SECCLASS_PROCESS, PROCESS__PTRACE, NULL); in selinux_ptrace_access_check()
2287 u32 sid = 0; in ptrace_parent_sid() local
2293 sid = task_sid_obj(tracer); in ptrace_parent_sid()
2296 return sid; in ptrace_parent_sid()
2311 if (new_tsec->sid == old_tsec->sid) in check_nnp_nosuid()
2327 old_tsec->sid, new_tsec->sid, in check_nnp_nosuid()
2338 rc = security_bounded_transition(&selinux_state, old_tsec->sid, in check_nnp_nosuid()
2339 new_tsec->sid); in check_nnp_nosuid()
2370 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2371 new_tsec->osid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2379 new_tsec->sid = old_tsec->exec_sid; in selinux_bprm_creds_for_exec()
2389 rc = security_transition_sid(&selinux_state, old_tsec->sid, in selinux_bprm_creds_for_exec()
2390 isec->sid, SECCLASS_PROCESS, NULL, in selinux_bprm_creds_for_exec()
2391 &new_tsec->sid); in selinux_bprm_creds_for_exec()
2401 new_tsec->sid = old_tsec->sid; in selinux_bprm_creds_for_exec()
2407 if (new_tsec->sid == old_tsec->sid) { in selinux_bprm_creds_for_exec()
2409 old_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2416 old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2422 new_tsec->sid, isec->sid, in selinux_bprm_creds_for_exec()
2430 old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2443 ptsid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2458 old_tsec->sid, new_tsec->sid, in selinux_bprm_creds_for_exec()
2531 if (new_tsec->sid == new_tsec->osid) in selinux_bprm_committing_creds()
2551 new_tsec->osid, new_tsec->sid, SECCLASS_PROCESS, in selinux_bprm_committing_creds()
2574 u32 osid, sid; in selinux_bprm_committed_creds() local
2578 sid = tsec->sid; in selinux_bprm_committed_creds()
2580 if (sid == osid) in selinux_bprm_committed_creds()
2591 osid, sid, SECCLASS_PROCESS, PROCESS__SIGINH, NULL); in selinux_bprm_committed_creds()
2622 sbsec->sid = SECINITSID_UNLABELED; in selinux_sb_alloc_security()
2708 u32 sid; in selinux_sb_mnt_opts_compat() local
2726 rc = parse_sid(sb, opts->fscontext, &sid); in selinux_sb_mnt_opts_compat()
2729 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, sid)) in selinux_sb_mnt_opts_compat()
2733 rc = parse_sid(sb, opts->context, &sid); in selinux_sb_mnt_opts_compat()
2736 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, sid)) in selinux_sb_mnt_opts_compat()
2743 rc = parse_sid(sb, opts->rootcontext, &sid); in selinux_sb_mnt_opts_compat()
2746 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid)) in selinux_sb_mnt_opts_compat()
2750 rc = parse_sid(sb, opts->defcontext, &sid); in selinux_sb_mnt_opts_compat()
2753 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, sid)) in selinux_sb_mnt_opts_compat()
2763 u32 sid; in selinux_sb_remount() local
2773 rc = parse_sid(sb, opts->fscontext, &sid); in selinux_sb_remount()
2776 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, sid)) in selinux_sb_remount()
2780 rc = parse_sid(sb, opts->context, &sid); in selinux_sb_remount()
2783 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, sid)) in selinux_sb_remount()
2789 rc = parse_sid(sb, opts->rootcontext, &sid); in selinux_sb_remount()
2792 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid)) in selinux_sb_remount()
2796 rc = parse_sid(sb, opts->defcontext, &sid); in selinux_sb_remount()
2799 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, sid)) in selinux_sb_remount()
2932 u32 sid = current_sid(); in selinux_inode_alloc_security() local
2937 isec->sid = SECINITSID_UNLABELED; in selinux_inode_alloc_security()
2939 isec->task_sid = sid; in selinux_inode_alloc_security()
3014 isec->sid = newsid; in selinux_inode_init_security()
3066 isec->sid = context_isec->sid; in selinux_inode_init_security_anon()
3070 &selinux_state, tsec->sid, tsec->sid, in selinux_inode_init_security_anon()
3071 isec->sclass, name, &isec->sid); in selinux_inode_init_security_anon()
3086 tsec->sid, in selinux_inode_init_security_anon()
3087 isec->sid, in selinux_inode_init_security_anon()
3147 u32 sid; in selinux_inode_follow_link() local
3153 sid = cred_sid(cred); in selinux_inode_follow_link()
3159 sid, isec->sid, isec->sclass, FILE__READ, &ad); in selinux_inode_follow_link()
3173 current_sid(), isec->sid, isec->sclass, perms, in audit_inode_permission()
3184 u32 sid; in selinux_inode_permission() local
3203 sid = cred_sid(cred); in selinux_inode_permission()
3209 sid, isec->sid, isec->sclass, perms, 0, in selinux_inode_permission()
3276 u32 newsid, sid = current_sid(); in selinux_inode_setxattr() local
3304 sid, isec->sid, isec->sclass, in selinux_inode_setxattr()
3345 sid, newsid, isec->sclass, in selinux_inode_setxattr()
3350 rc = security_validate_transition(&selinux_state, isec->sid, newsid, in selinux_inode_setxattr()
3351 sid, isec->sclass); in selinux_inode_setxattr()
3357 sbsec->sid, in selinux_inode_setxattr()
3398 isec->sid = newsid; in selinux_inode_post_setxattr()
3518 isec->sid, &context, in selinux_inode_getsecurity()
3521 error = security_sid_to_context(&selinux_state, isec->sid, in selinux_inode_getsecurity()
3560 isec->sid = newsid; in selinux_inode_setsecurity()
3581 *secid = isec->sid; in selinux_inode_getsecid()
3586 u32 sid; in selinux_inode_copy_up() local
3598 selinux_inode_getsecid(d_inode(src), &sid); in selinux_inode_copy_up()
3599 tsec->create_sid = sid; in selinux_inode_copy_up()
3661 rc = security_transition_sid(&selinux_state, tsec->sid, in selinux_kernfs_init_security()
3700 u32 sid = current_sid(); in selinux_file_permission() local
3707 if (sid == fsec->sid && fsec->isid == isec->sid && in selinux_file_permission()
3718 u32 sid = current_sid(); in selinux_file_alloc_security() local
3720 fsec->sid = sid; in selinux_file_alloc_security()
3721 fsec->fown_sid = sid; in selinux_file_alloc_security()
3748 if (ssid != fsec->sid) { in ioctl_has_perm()
3750 ssid, fsec->sid, in ioctl_has_perm()
3763 ssid, isec->sid, isec->sclass, in ioctl_has_perm()
3815 u32 sid = cred_sid(cred); in file_map_prot_check() local
3827 sid, sid, SECCLASS_PROCESS, in file_map_prot_check()
3856 u32 sid = current_sid(); in selinux_mmap_addr() local
3858 sid, sid, SECCLASS_MEMPROTECT, in selinux_mmap_addr()
3892 u32 sid = cred_sid(cred); in selinux_file_mprotect() local
3903 sid, sid, SECCLASS_PROCESS, in selinux_file_mprotect()
3910 sid, sid, SECCLASS_PROCESS, in selinux_file_mprotect()
3988 u32 sid = task_sid_obj(tsk); in selinux_file_send_sigiotask() local
4003 fsec->fown_sid, sid, in selinux_file_send_sigiotask()
4028 fsec->isid = isec->sid; in selinux_file_open()
4046 u32 sid = current_sid(); in selinux_task_alloc() local
4049 sid, sid, SECCLASS_PROCESS, PROCESS__FORK, NULL); in selinux_task_alloc()
4088 u32 sid = current_sid(); in selinux_kernel_act_as() local
4092 sid, secid, in selinux_kernel_act_as()
4097 tsec->sid = secid; in selinux_kernel_act_as()
4113 u32 sid = current_sid(); in selinux_kernel_create_files_as() local
4117 sid, isec->sid, in selinux_kernel_create_files_as()
4123 tsec->create_sid = isec->sid; in selinux_kernel_create_files_as()
4144 u32 sid = current_sid(); in selinux_kernel_module_from_file() local
4150 sid, sid, SECCLASS_SYSTEM, in selinux_kernel_module_from_file()
4159 if (sid != fsec->sid) { in selinux_kernel_module_from_file()
4161 sid, fsec->sid, SECCLASS_FD, FD__USE, &ad); in selinux_kernel_module_from_file()
4168 sid, isec->sid, SECCLASS_SYSTEM, in selinux_kernel_module_from_file()
4332 u32 sid = task_sid_obj(p); in selinux_task_to_inode() local
4336 isec->sid = sid; in selinux_task_to_inode()
4582 static int selinux_skb_peerlbl_sid(struct sk_buff *skb, u16 family, u32 *sid) in selinux_skb_peerlbl_sid() argument
4597 nlbl_type, xfrm_sid, sid); in selinux_skb_peerlbl_sid()
4643 return security_transition_sid(&selinux_state, tsec->sid, tsec->sid, in socket_sockcreate_sid()
4653 if (sksec->sid == SECINITSID_KERNEL) in sock_has_perm()
4661 current_sid(), sksec->sid, sksec->sclass, perms, in sock_has_perm()
4682 tsec->sid, newsid, secclass, SOCKET__CREATE, NULL); in selinux_socket_create()
4692 u32 sid = SECINITSID_KERNEL; in selinux_socket_post_create() local
4696 err = socket_sockcreate_sid(tsec, sclass, &sid); in selinux_socket_post_create()
4702 isec->sid = sid; in selinux_socket_post_create()
4708 sksec->sid = sid; in selinux_socket_post_create()
4725 sksec_a->peer_sid = sksec_b->sid; in selinux_socket_socketpair()
4726 sksec_b->peer_sid = sksec_a->sid; in selinux_socket_socketpair()
4756 u32 sid, node_perm; in selinux_socket_bind() local
4808 snum, &sid); in selinux_socket_bind()
4812 sksec->sid, sid, in selinux_socket_bind()
4842 err = sel_netnode_sid(addrp, family_sa, &sid); in selinux_socket_bind()
4852 sksec->sid, sid, in selinux_socket_bind()
4900 u32 sid, perm; in selinux_socket_connect_helper() local
4930 err = sel_netport_sid(sk->sk_protocol, snum, &sid); in selinux_socket_connect_helper()
4951 sksec->sid, sid, sksec->sclass, perm, &ad); in selinux_socket_connect_helper()
4984 u32 sid; in selinux_socket_accept() local
4993 sid = isec->sid; in selinux_socket_accept()
4998 newisec->sid = sid; in selinux_socket_accept()
5064 sksec_sock->sid, sksec_other->sid, in selinux_socket_unix_stream_connect()
5071 sksec_new->peer_sid = sksec_sock->sid; in selinux_socket_unix_stream_connect()
5072 err = security_sid_mls_copy(&selinux_state, sksec_other->sid, in selinux_socket_unix_stream_connect()
5073 sksec_sock->sid, &sksec_new->sid); in selinux_socket_unix_stream_connect()
5078 sksec_sock->peer_sid = sksec_new->sid; in selinux_socket_unix_stream_connect()
5096 ssec->sid, osec->sid, osec->sclass, SOCKET__SENDTO, in selinux_socket_unix_may_send()
5130 u32 sk_sid = sksec->sid; in selinux_sock_rcv_skb_compat()
5154 err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); in selinux_sock_rcv_skb_compat()
5164 u32 sk_sid = sksec->sid; in selinux_socket_sock_rcv_skb()
5283 peer_secid = isec->sid; in selinux_socket_getpeersec_dgram()
5303 sksec->sid = SECINITSID_UNLABELED; in selinux_sk_alloc_security()
5325 newsksec->sid = sksec->sid; in selinux_sk_clone_security()
5339 *secid = sksec->sid; in selinux_sk_getsecid()
5351 isec->sid = sksec->sid; in selinux_sock_graft()
5417 err = selinux_conn_sid(sksec->sid, peer_sid, &conn_sid); in selinux_sctp_assoc_request()
5522 newsksec->sid = ep->secid; in selinux_sctp_sk_clone()
5540 err = selinux_conn_sid(sksec->sid, peersid, &connsid); in selinux_inet_conn_request()
5554 newsksec->sid = req->secid; in selinux_inet_csk_clone()
5578 static int selinux_secmark_relabel_packet(u32 sid) in selinux_secmark_relabel_packet() argument
5584 tsid = __tsec->sid; in selinux_secmark_relabel_packet()
5587 tsid, sid, SECCLASS_PACKET, PACKET__RELABELTO, in selinux_secmark_relabel_packet()
5614 tunsec->sid = current_sid(); in selinux_tun_dev_alloc_security()
5627 u32 sid = current_sid(); in selinux_tun_dev_create() local
5637 sid, sid, SECCLASS_TUN_SOCKET, TUN_SOCKET__CREATE, in selinux_tun_dev_create()
5646 current_sid(), tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_attach_queue()
5662 sksec->sid = tunsec->sid; in selinux_tun_dev_attach()
5671 u32 sid = current_sid(); in selinux_tun_dev_open() local
5675 sid, tunsec->sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_open()
5680 sid, sid, SECCLASS_TUN_SOCKET, in selinux_tun_dev_open()
5684 tunsec->sid = sid; in selinux_tun_dev_open()
5769 u32 sid; in selinux_ip_output() local
5798 sid = sksec->sid; in selinux_ip_output()
5800 sid = SECINITSID_KERNEL; in selinux_ip_output()
5801 if (selinux_netlbl_skbuff_setsid(skb, family, sid) != 0) in selinux_ip_output()
5847 sksec->sid, skb->secmark, in selinux_ip_postroute_compat()
5851 if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto)) in selinux_ip_postroute_compat()
5951 if (selinux_conn_sid(sksec->sid, skb_sid, &peer_sid)) in selinux_ip_postroute()
5958 peer_sid = sksec->sid; in selinux_ip_postroute()
6076 isec->sid = current_sid(); in ipc_init_security()
6084 u32 sid = current_sid(); in ipc_has_perm() local
6092 sid, isec->sid, isec->sclass, perms, &ad); in ipc_has_perm()
6100 msec->sid = SECINITSID_UNLABELED; in selinux_msg_msg_alloc_security()
6110 u32 sid = current_sid(); in selinux_msg_queue_alloc_security() local
6120 sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_alloc_security()
6129 u32 sid = current_sid(); in selinux_msg_queue_associate() local
6137 sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_associate()
6177 u32 sid = current_sid(); in selinux_msg_queue_msgsnd() local
6186 if (msec->sid == SECINITSID_UNLABELED) { in selinux_msg_queue_msgsnd()
6191 rc = security_transition_sid(&selinux_state, sid, isec->sid, in selinux_msg_queue_msgsnd()
6192 SECCLASS_MSG, NULL, &msec->sid); in selinux_msg_queue_msgsnd()
6202 sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6207 sid, msec->sid, SECCLASS_MSG, in selinux_msg_queue_msgsnd()
6212 msec->sid, isec->sid, SECCLASS_MSGQ, in selinux_msg_queue_msgsnd()
6225 u32 sid = task_sid_obj(target); in selinux_msg_queue_msgrcv() local
6235 sid, isec->sid, in selinux_msg_queue_msgrcv()
6239 sid, msec->sid, in selinux_msg_queue_msgrcv()
6249 u32 sid = current_sid(); in selinux_shm_alloc_security() local
6259 sid, isec->sid, SECCLASS_SHM, in selinux_shm_alloc_security()
6268 u32 sid = current_sid(); in selinux_shm_associate() local
6276 sid, isec->sid, SECCLASS_SHM, in selinux_shm_associate()
6334 u32 sid = current_sid(); in selinux_sem_alloc_security() local
6344 sid, isec->sid, SECCLASS_SEM, in selinux_sem_alloc_security()
6353 u32 sid = current_sid(); in selinux_sem_associate() local
6361 sid, isec->sid, SECCLASS_SEM, in selinux_sem_associate()
6442 *secid = isec->sid; in selinux_ipc_getsecid()
6455 u32 sid; in selinux_getprocattr() local
6464 current_sid(), __tsec->sid, in selinux_getprocattr()
6471 sid = __tsec->sid; in selinux_getprocattr()
6473 sid = __tsec->osid; in selinux_getprocattr()
6475 sid = __tsec->exec_sid; in selinux_getprocattr()
6477 sid = __tsec->create_sid; in selinux_getprocattr()
6479 sid = __tsec->keycreate_sid; in selinux_getprocattr()
6481 sid = __tsec->sockcreate_sid; in selinux_getprocattr()
6488 if (!sid) in selinux_getprocattr()
6491 error = security_sid_to_context(&selinux_state, sid, value, &len); in selinux_getprocattr()
6505 u32 mysid = current_sid(), sid = 0, ptsid; in selinux_setprocattr() local
6544 &sid, GFP_KERNEL); in selinux_setprocattr()
6569 value, size, &sid); in selinux_setprocattr()
6587 tsec->exec_sid = sid; in selinux_setprocattr()
6589 tsec->create_sid = sid; in selinux_setprocattr()
6591 if (sid) { in selinux_setprocattr()
6592 error = avc_has_perm(&selinux_state, mysid, sid, in selinux_setprocattr()
6597 tsec->keycreate_sid = sid; in selinux_setprocattr()
6599 tsec->sockcreate_sid = sid; in selinux_setprocattr()
6602 if (sid == 0) in selinux_setprocattr()
6609 tsec->sid, sid); in selinux_setprocattr()
6616 tsec->sid, sid, SECCLASS_PROCESS, in selinux_setprocattr()
6626 ptsid, sid, SECCLASS_PROCESS, in selinux_setprocattr()
6632 tsec->sid = sid; in selinux_setprocattr()
6721 ksec->sid = tsec->keycreate_sid; in selinux_key_alloc()
6723 ksec->sid = tsec->sid; in selinux_key_alloc()
6743 u32 perm, sid; in selinux_key_permission() local
6775 sid = cred_sid(cred); in selinux_key_permission()
6780 sid, ksec->sid, SECCLASS_KEY, perm, NULL); in selinux_key_permission()
6790 rc = security_sid_to_context(&selinux_state, ksec->sid, in selinux_key_getsecurity()
6802 u32 sid = current_sid(); in selinux_watch_key() local
6805 sid, ksec->sid, SECCLASS_KEY, KEY__VIEW, NULL); in selinux_watch_key()
6815 u32 sid = 0; in selinux_ib_pkey_access() local
6819 err = sel_ib_pkey_sid(subnet_prefix, pkey_val, &sid); in selinux_ib_pkey_access()
6828 sec->sid, sid, in selinux_ib_pkey_access()
6838 u32 sid = 0; in selinux_ib_endport_manage_subnet() local
6843 &sid); in selinux_ib_endport_manage_subnet()
6853 sec->sid, sid, in selinux_ib_endport_manage_subnet()
6865 sec->sid = current_sid(); in selinux_ib_alloc_security()
6881 u32 sid = current_sid(); in selinux_bpf() local
6887 sid, sid, SECCLASS_BPF, BPF__MAP_CREATE, in selinux_bpf()
6892 sid, sid, SECCLASS_BPF, BPF__PROG_LOAD, in selinux_bpf()
6922 static int bpf_fd_pass(struct file *file, u32 sid) in bpf_fd_pass() argument
6933 sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6941 sid, bpfsec->sid, SECCLASS_BPF, in bpf_fd_pass()
6951 u32 sid = current_sid(); in selinux_bpf_map() local
6956 sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_map()
6962 u32 sid = current_sid(); in selinux_bpf_prog() local
6967 sid, bpfsec->sid, SECCLASS_BPF, in selinux_bpf_prog()
6979 bpfsec->sid = current_sid(); in selinux_bpf_map_alloc()
7001 bpfsec->sid = current_sid(); in selinux_bpf_prog_alloc()
7019 u32 sid = current_sid(); in selinux_lockdown() local
7036 sid, sid, SECCLASS_LOCKDOWN, in selinux_lockdown()
7040 sid, sid, SECCLASS_LOCKDOWN, in selinux_lockdown()
7056 u32 requested, sid = current_sid(); in selinux_perf_event_open() local
7069 return avc_has_perm(&selinux_state, sid, sid, SECCLASS_PERF_EVENT, in selinux_perf_event_open()
7081 perfsec->sid = current_sid(); in selinux_perf_event_alloc()
7098 u32 sid = current_sid(); in selinux_perf_event_read() local
7100 return avc_has_perm(&selinux_state, sid, perfsec->sid, in selinux_perf_event_read()
7107 u32 sid = current_sid(); in selinux_perf_event_write() local
7109 return avc_has_perm(&selinux_state, sid, perfsec->sid, in selinux_perf_event_write()