Lines Matching full:sid
792 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_validatetrans()
800 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_validatetrans()
808 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_validatetrans()
886 pr_err("SELinux: %s: unrecognized SID %u\n", in security_bounded_transition()
894 pr_err("SELinux: %s: unrecognized SID %u\n", in security_bounded_transition()
1047 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_xperms_decision()
1054 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_xperms_decision()
1108 * SID pair (@ssid, @tsid) for the permissions in @tclass.
1135 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_av()
1146 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_av()
1191 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_av_user()
1202 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_av_user()
1318 const char *security_get_initial_sid_context(u32 sid) in security_get_initial_sid_context() argument
1320 if (unlikely(sid > SECINITSID_NUM)) in security_get_initial_sid_context()
1322 return initial_sid_to_string[sid]; in security_get_initial_sid_context()
1326 u32 sid, char **scontext, in security_sid_to_context_core() argument
1341 if (sid <= SECINITSID_NUM) { in security_sid_to_context_core()
1343 const char *s = initial_sid_to_string[sid]; in security_sid_to_context_core()
1357 "load_policy on unknown SID %d\n", __func__, sid); in security_sid_to_context_core()
1366 entry = sidtab_search_entry_force(sidtab, sid); in security_sid_to_context_core()
1368 entry = sidtab_search_entry(sidtab, sid); in security_sid_to_context_core()
1370 pr_err("SELinux: %s: unrecognized SID %d\n", in security_sid_to_context_core()
1371 __func__, sid); in security_sid_to_context_core()
1388 * security_sid_to_context - Obtain a context for a given SID.
1390 * @sid: security identifier, SID
1394 * Write the string representation of the context associated with @sid
1399 u32 sid, char **scontext, u32 *scontext_len) in security_sid_to_context() argument
1401 return security_sid_to_context_core(state, sid, scontext, in security_sid_to_context()
1405 int security_sid_to_context_force(struct selinux_state *state, u32 sid, in security_sid_to_context_force() argument
1408 return security_sid_to_context_core(state, sid, scontext, in security_sid_to_context_force()
1413 * security_sid_to_context_inval - Obtain a context for a given SID if it
1416 * @sid: security identifier, SID
1420 * Write the string representation of the context associated with @sid
1426 int security_sid_to_context_inval(struct selinux_state *state, u32 sid, in security_sid_to_context_inval() argument
1429 return security_sid_to_context_core(state, sid, scontext, in security_sid_to_context_inval()
1516 u32 *sid, u32 def_sid, gfp_t gfp_flags, in security_context_to_sid_core() argument
1542 *sid = i; in security_context_to_sid_core()
1546 *sid = SECINITSID_KERNEL; in security_context_to_sid_core()
1549 *sid = SECSID_NULL; in security_context_to_sid_core()
1571 rc = sidtab_context_to_sid(sidtab, &context, sid); in security_context_to_sid_core()
1591 * security_context_to_sid - Obtain a SID for a given security context.
1595 * @sid: security identifier, SID
1598 * Obtains a SID associated with the security context that
1604 const char *scontext, u32 scontext_len, u32 *sid, in security_context_to_sid() argument
1608 sid, SECSID_NULL, gfp, 0); in security_context_to_sid()
1612 const char *scontext, u32 *sid, gfp_t gfp) in security_context_str_to_sid() argument
1615 sid, gfp); in security_context_str_to_sid()
1619 * security_context_to_sid_default - Obtain a SID for a given security context,
1625 * @sid: security identifier, SID
1626 * @def_sid: default SID to assign on error
1629 * Obtains a SID associated with the security context that
1631 * The default SID is passed to the MLS layer to be used to allow
1640 u32 *sid, u32 def_sid, gfp_t gfp_flags) in security_context_to_sid_default() argument
1643 sid, def_sid, gfp_flags, 1); in security_context_to_sid_default()
1648 u32 *sid) in security_context_to_sid_force() argument
1651 sid, SECSID_NULL, GFP_KERNEL, 1); in security_context_to_sid_force()
1779 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_sid()
1786 pr_err("SELinux: %s: unrecognized SID %d\n", in security_compute_sid()
1901 /* Obtain the sid for the context. */ in security_compute_sid()
1916 * security_transition_sid - Compute the SID for a new subject/object.
1924 * Compute a SID to use for labeling a new subject or object in the
1925 * class @tclass based on a SID pair (@ssid, @tsid).
1927 * if insufficient memory is available, or %0 if the new SID was
1949 * security_member_sid - Compute the SID for member selection.
1956 * Compute a SID to use when selecting a member of a polyinstantiated
1957 * object of class @tclass based on a SID pair (@ssid, @tsid).
1959 * if insufficient memory is available, or %0 if the SID was
1974 * security_change_sid - Compute the SID for object relabeling.
1981 * Compute a SID to use for relabeling an object of class @tclass
1982 * based on a SID pair (@ssid, @tsid).
1984 * if insufficient memory is available, or %0 if the SID was
2111 while (oc && oc->sid[0] != SECINITSID_UNLABELED) in convert_context()
2281 * validate it and convert the SID table as necessary.
2344 * in the new SID table. in security_load_policy()
2357 " representation of contexts in the new SID" in security_load_policy()
2383 * ocontext_to_sid - Helper to safely get sid for an ocontext
2384 * @sidtab: SID table
2387 * @out_sid: pointer to the resulting SID value
2389 * For all ocontexts except OCON_ISID the SID fields are populated
2390 * on-demand when needed. Since updating the SID value is an SMP-sensitive
2400 u32 sid; in ocontext_to_sid() local
2403 sid = smp_load_acquire(&c->sid[index]); in ocontext_to_sid()
2404 if (!sid) { in ocontext_to_sid()
2405 rc = sidtab_context_to_sid(sidtab, &c->context[index], &sid); in ocontext_to_sid()
2411 * when they see the SID. in ocontext_to_sid()
2413 smp_store_release(&c->sid[index], sid); in ocontext_to_sid()
2415 *out_sid = sid; in ocontext_to_sid()
2420 * security_port_sid - Obtain the SID for a port.
2474 * security_ib_pkey_sid - Obtain the SID for a pkey.
2528 * security_ib_endport_sid - Obtain the SID for a subnet management interface.
2583 * security_netif_sid - Obtain the SID for a network interface.
2586 * @if_sid: interface SID
2646 * security_node_sid - Obtain the SID for a node (host).
2737 * @fromsid: starting SID
2759 u32 *mysids = NULL, *mysids2, sid; in security_get_user_sids() local
2807 rc = sidtab_context_to_sid(sidtab, &usercon, &sid); in security_get_user_sids()
2815 mysids[mynel++] = sid; in security_get_user_sids()
2825 mysids[mynel++] = sid; in security_get_user_sids()
2861 * __security_genfs_sid - Helper to obtain a SID for a file in a filesystem
2866 * @sid: SID for path
2868 * Obtain a SID to use for a file in a filesystem that
2879 u32 *sid) in __security_genfs_sid() argument
2893 *sid = SECINITSID_UNLABELED; in __security_genfs_sid()
2914 return ocontext_to_sid(sidtab, c, 0, sid); in __security_genfs_sid()
2918 * security_genfs_sid - Obtain a SID for a file in a filesystem
2923 * @sid: SID for path
2932 u32 *sid) in security_genfs_sid() argument
2938 *sid = SECINITSID_UNLABELED; in security_genfs_sid()
2946 orig_sclass, sid); in security_genfs_sid()
2956 u32 *sid) in selinux_policy_genfs_sid() argument
2959 return __security_genfs_sid(policy, fstype, path, orig_sclass, sid); in selinux_policy_genfs_sid()
2979 sbsec->sid = SECINITSID_UNLABELED; in security_fs_use()
2998 rc = ocontext_to_sid(sidtab, c, 0, &sbsec->sid); in security_fs_use()
3007 SECCLASS_DIR, &sbsec->sid); in security_fs_use()
3205 * security_sid_mls_copy() - computes a new sid based on the given
3206 * sid and the mls portion of mls_sid.
3209 u32 sid, u32 mls_sid, u32 *new_sid) in security_sid_mls_copy() argument
3222 *new_sid = sid; in security_sid_mls_copy()
3236 *new_sid = sid; in security_sid_mls_copy()
3241 context1 = sidtab_search(sidtab, sid); in security_sid_mls_copy()
3243 pr_err("SELinux: %s: unrecognized SID %d\n", in security_sid_mls_copy()
3244 __func__, sid); in security_sid_mls_copy()
3251 pr_err("SELinux: %s: unrecognized SID %d\n", in security_sid_mls_copy()
3300 * @nlbl_sid: NetLabel SID
3302 * @xfrm_sid: XFRM SID
3303 * @peer_sid: network peer sid
3307 * resolved into a single SID it is returned via @peer_sid and the function
3311 * | function return | @sid
3335 * single or absent peer SID/label */ in security_net_peersid_resolve()
3341 * and is treated as if nlbl_sid == SECSID_NULL when a XFRM SID/label in security_net_peersid_resolve()
3369 pr_err("SELinux: %s: unrecognized SID %d\n", in security_net_peersid_resolve()
3376 pr_err("SELinux: %s: unrecognized SID %d\n", in security_net_peersid_resolve()
3385 * information so if the MLS portion of the NetLabel SID in security_net_peersid_resolve()
3386 * matches the MLS portion of the labeled XFRM SID/label in security_net_peersid_resolve()
3387 * then pass along the XFRM SID as it is the most in security_net_peersid_resolve()
3693 int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule) in selinux_audit_rule_match() argument
3719 ctxt = sidtab_search(policy->sidtab, sid); in selinux_audit_rule_match()
3721 WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n", in selinux_audit_rule_match()
3722 sid); in selinux_audit_rule_match()
3830 * @sid: the SELinux SID
3839 u32 sid) in security_netlbl_cache_add() argument
3852 *sid_cache = sid; in security_netlbl_cache_add()
3859 * security_netlbl_secattr_to_sid - Convert a NetLabel secattr to a SELinux SID
3862 * @sid: the SELinux SID
3866 * SELinux SID. If the @secattr field does not contain a full SELinux
3867 * SID/context then use SECINITSID_NETMSG as the foundation. If possible the
3869 * allow the @secattr to be used by NetLabel to cache the secattr to SID
3876 u32 *sid) in security_netlbl_secattr_to_sid() argument
3886 *sid = SECSID_NULL; in security_netlbl_secattr_to_sid()
3898 *sid = *(u32 *)secattr->cache->data; in security_netlbl_secattr_to_sid()
3900 *sid = secattr->attr.secid; in security_netlbl_secattr_to_sid()
3923 rc = sidtab_context_to_sid(sidtab, &ctx_new, sid); in security_netlbl_secattr_to_sid()
3932 security_netlbl_cache_add(secattr, *sid); in security_netlbl_secattr_to_sid()
3934 *sid = SECSID_NULL; in security_netlbl_secattr_to_sid()
3942 * security_netlbl_sid_to_secattr - Convert a SELinux SID to a NetLabel secattr
3944 * @sid: the SELinux SID
3948 * Convert the given SELinux SID in @sid into a NetLabel security attribute.
3953 u32 sid, struct netlbl_lsm_secattr *secattr) in security_netlbl_sid_to_secattr() argument
3968 ctx = sidtab_search(policy->sidtab, sid); in security_netlbl_sid_to_secattr()
3978 secattr->attr.secid = sid; in security_netlbl_sid_to_secattr()