Lines Matching full:security

3  *  NSA Security-Enhanced Linux (SELinux) security module
29 * 3. Testing addition of sk_policy's with security context via setsockopt
33 #include <linux/security.h>
63 * Returns true if the xfrm contains a security blob for SELinux.
67 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm()
71 * Allocates a xfrm_sec_state and populates it using the supplied security
183 if (!xp->security) in selinux_xfrm_state_pol_flow_match()
184 if (x->security) in selinux_xfrm_state_pol_flow_match()
191 if (!x->security) in selinux_xfrm_state_pol_flow_match()
199 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match()
224 return x->security->ctx_sid; in selinux_xfrm_skb_sid_egress()
239 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_skb_sid_ingress()
293 * LSM hook implementation that copies security data structure from old to new
315 * LSM hook implementation that frees xfrm_sec_ctx security information.
332 * the supplied security context, and assigns it to the xfrm_state.
337 return selinux_xfrm_alloc_user(&x->security, uctx, GFP_KERNEL); in selinux_xfrm_state_alloc()
375 x->security = ctx; in selinux_xfrm_state_alloc_acquire()
383 * LSM hook implementation that frees xfrm_state security information.
387 selinux_xfrm_free(x->security); in selinux_xfrm_state_free()
395 return selinux_xfrm_delete(x->security); in selinux_xfrm_state_delete()
417 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_sock_rcv_skb()
434 * If we have no security association, then we need to determine
436 * If we do have a authorizable security association, then it has already been