| /Linux-v4.19/security/apparmor/ |
| D | secid.c | 52 void aa_secid_update(u32 secid, struct aa_label *label) in aa_secid_update() argument
57 idr_replace(&aa_secids, label, secid); in aa_secid_update()
65 struct aa_label *aa_secid_to_label(u32 secid) in aa_secid_to_label() argument
70 label = idr_find(&aa_secids, secid); in aa_secid_to_label()
76 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) in apparmor_secid_to_secctx() argument
79 struct aa_label *label = aa_secid_to_label(secid); in apparmor_secid_to_secctx()
104 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) in apparmor_secctx_to_secid() argument
112 *secid = label->secid; in apparmor_secctx_to_secid()
142 label->secid = AA_SECID_INVALID; in aa_alloc_secid()
147 label->secid = ret; in aa_alloc_secid()
[all …]
|
| /Linux-v4.19/security/apparmor/include/ |
| D | secid.h | 25 struct aa_label *aa_secid_to_label(u32 secid);
26 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
27 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
32 void aa_free_secid(u32 secid);
33 void aa_secid_update(u32 secid, struct aa_label *label);
|
| /Linux-v4.19/security/integrity/ima/ |
| D | ima_main.c | 170 u32 secid, char *buf, loff_t size, int mask, in process_measurement() argument
193 action = ima_get_action(inode, cred, secid, mask, func, &pcr); in process_measurement()
336 u32 secid; in ima_file_mmap() local
339 security_task_getsecid(current, &secid); in ima_file_mmap()
340 return process_measurement(file, current_cred(), secid, NULL, in ima_file_mmap()
363 u32 secid; in ima_bprm_check() local
365 security_task_getsecid(current, &secid); in ima_bprm_check()
366 ret = process_measurement(bprm->file, current_cred(), secid, NULL, 0, in ima_bprm_check()
371 security_cred_getsecid(bprm->cred, &secid); in ima_bprm_check()
372 return process_measurement(bprm->file, bprm->cred, secid, NULL, 0, in ima_bprm_check()
[all …]
|
| D | ima.h | 194 int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid,
215 int ima_match_policy(struct inode *inode, const struct cred *cred, u32 secid,
309 static inline int security_filter_rule_match(u32 secid, u32 field, u32 op, in security_filter_rule_match() argument
|
| D | ima_appraise.c | 53 u32 secid; in ima_must_appraise() local
58 security_task_getsecid(current, &secid); in ima_must_appraise()
59 return ima_match_policy(inode, current_cred(), secid, func, mask, in ima_must_appraise()
|
| D | ima_api.c | 178 int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid, in ima_get_action() argument
185 return ima_match_policy(inode, cred, secid, func, mask, flags, pcr); in ima_get_action()
|
| /Linux-v4.19/net/netlabel/ |
| D | netlabel_unlabeled.c | 83 u32 secid; member
91 u32 secid; member
247 u32 secid) in netlbl_unlhsh_add_addr4() argument
259 entry->secid = secid; in netlbl_unlhsh_add_addr4()
287 u32 secid) in netlbl_unlhsh_add_addr6() argument
303 entry->secid = secid; in netlbl_unlhsh_add_addr6()
382 u32 secid, in netlbl_unlhsh_add() argument
424 ret_val = netlbl_unlhsh_add_addr4(iface, addr4, mask4, secid); in netlbl_unlhsh_add()
437 ret_val = netlbl_unlhsh_add_addr6(iface, addr6, mask6, secid); in netlbl_unlhsh_add()
454 if (security_secid_to_secctx(secid, in netlbl_unlhsh_add()
[all …]
|
| D | netlabel_user.c | 115 if (audit_info->secid != 0 && in netlbl_audit_start_common()
116 security_secid_to_secctx(audit_info->secid, in netlbl_audit_start_common()
|
| D | netlabel_user.h | 51 security_task_getsecid(current, &audit_info->secid); in netlbl_netlink_auditinfo()
|
| D | netlabel_unlabeled.h | 228 u32 secid,
|
| /Linux-v4.19/net/netfilter/ |
| D | xt_SECMARK.c | 42 secmark = info->secid; in secmark_tg()
57 info->secid = 0; in checkentry_lsm()
60 &info->secid); in checkentry_lsm()
68 if (!info->secid) { in checkentry_lsm()
74 err = security_secmark_relabel_packet(info->secid); in checkentry_lsm()
|
| /Linux-v4.19/drivers/dio/ |
| D | dio.c | 119 u_char prid, secid, i; in dio_find() local
147 secid = DIO_SECID(va); in dio_find()
148 id = DIO_ENCODE_ID(prid, secid); in dio_find()
194 u_char prid, secid = 0; /* primary, secondary ID bytes */ in dio_init() local
234 secid = DIO_SECID(va); in dio_init()
235 dev->id = DIO_ENCODE_ID(prid, secid); in dio_init()
243 printk(":%02X", secid); in dio_init()
|
| /Linux-v4.19/include/linux/ |
| D | security.h | 315 void security_inode_getsecid(struct inode *inode, u32 *secid);
340 void security_cred_getsecid(const struct cred *c, u32 *secid);
341 int security_kernel_act_as(struct cred *new, u32 secid);
353 void security_task_getsecid(struct task_struct *p, u32 *secid);
370 void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid);
397 int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
398 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
803 static inline void security_inode_getsecid(struct inode *inode, u32 *secid) in security_inode_getsecid() argument
805 *secid = 0; in security_inode_getsecid()
917 static inline int security_kernel_act_as(struct cred *cred, u32 secid) in security_kernel_act_as() argument
[all …]
|
| D | lsm_hooks.h | 1555 void (*inode_getsecid)(struct inode *inode, u32 *secid);
1585 void (*cred_getsecid)(const struct cred *c, u32 *secid);
1586 int (*kernel_act_as)(struct cred *new, u32 secid);
1598 void (*task_getsecid)(struct task_struct *p, u32 *secid);
1616 void (*ipc_getsecid)(struct kern_ipc_perm *ipcp, u32 *secid);
1652 int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen);
1653 int (*secctx_to_secid)(const char *secdata, u32 seclen, u32 *secid);
1690 struct sk_buff *skb, u32 *secid);
1694 void (*sk_getsecid)(struct sock *sk, u32 *secid);
1701 int (*secmark_relabel_packet)(u32 secid);
[all …]
|
| /Linux-v4.19/security/ |
| D | security.c | 854 void security_inode_getsecid(struct inode *inode, u32 *secid) in security_inode_getsecid() argument
856 call_void_hook(inode_getsecid, inode, secid); in security_inode_getsecid()
1019 void security_cred_getsecid(const struct cred *c, u32 *secid) in security_cred_getsecid() argument
1021 *secid = 0; in security_cred_getsecid()
1022 call_void_hook(cred_getsecid, c, secid); in security_cred_getsecid()
1026 int security_kernel_act_as(struct cred *new, u32 secid) in security_kernel_act_as() argument
1028 return call_int_hook(kernel_act_as, 0, new, secid); in security_kernel_act_as()
1101 void security_task_getsecid(struct task_struct *p, u32 *secid) in security_task_getsecid() argument
1103 *secid = 0; in security_task_getsecid()
1104 call_void_hook(task_getsecid, p, secid); in security_task_getsecid()
[all …]
|
| /Linux-v4.19/include/net/ |
| D | scm.h | 36 u32 secid; /* Passed security ID */ member
49 security_socket_getpeersec_dgram(sock, NULL, &scm->secid); in unix_get_peersec_dgram()
100 err = security_secid_to_secctx(scm->secid, &secdata, &seclen); in scm_passec()
|
| D | netlabel.h | 114 u32 secid; member
218 u32 secid; member
432 u32 secid,
540 u32 secid, in netlbl_cfg_unlbl_static_add() argument
|
| D | af_unix.h | 38 u32 secid; /* Security ID */ member
|
| /Linux-v4.19/security/selinux/ |
| D | xfrm.c | 347 struct xfrm_sec_ctx *polsec, u32 secid) in selinux_xfrm_state_alloc_acquire() argument
357 if (secid == 0) in selinux_xfrm_state_alloc_acquire()
360 rc = security_sid_to_context(&selinux_state, secid, &ctx_str, in selinux_xfrm_state_alloc_acquire()
373 ctx->ctx_sid = secid; in selinux_xfrm_state_alloc_acquire()
|
| D | netlabel.c | 124 (secattr->attr.secid == sid)) in selinux_netlbl_sock_getattr()
303 ep->secid, &secattr); in selinux_netlbl_sctp_assoc_request()
351 rc = security_netlbl_sid_to_secattr(&selinux_state, req->secid, in selinux_netlbl_inet_conn_request()
|
| /Linux-v4.19/include/uapi/linux/netfilter/ |
| D | xt_SECMARK.h | 19 __u32 secid; member
|
| /Linux-v4.19/kernel/ |
| D | cred.c | 653 int set_security_override(struct cred *new, u32 secid) in set_security_override() argument
655 return security_kernel_act_as(new, secid); in set_security_override()
671 u32 secid; in set_security_override_from_ctx() local
674 ret = security_secctx_to_secid(secctx, strlen(secctx), &secid); in set_security_override_from_ctx()
678 return set_security_override(new, secid); in set_security_override_from_ctx()
|
| /Linux-v4.19/security/smack/ |
| D | smack_lsm.c | 1547 static void smack_inode_getsecid(struct inode *inode, u32 *secid) in smack_inode_getsecid() argument
1551 *secid = skp->smk_secid; in smack_inode_getsecid()
2060 static void smack_cred_getsecid(const struct cred *c, u32 *secid) in smack_cred_getsecid() argument
2066 *secid = skp->smk_secid; in smack_cred_getsecid()
2077 static int smack_kernel_act_as(struct cred *new, u32 secid) in smack_kernel_act_as() argument
2081 new_tsp->smk_task = smack_from_secid(secid); in smack_kernel_act_as()
2167 static void smack_task_getsecid(struct task_struct *p, u32 *secid) in smack_task_getsecid() argument
2171 *secid = skp->smk_secid; in smack_task_getsecid()
3337 static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid) in smack_ipc_getsecid() argument
3341 *secid = iskp->smk_secid; in smack_ipc_getsecid()
[all …]
|
| /Linux-v4.19/Documentation/networking/ |
| D | secid.txt | 3 The secid member in the flow structure is used in LSMs (e.g. SELinux) to indicate
|
| /Linux-v4.19/security/selinux/include/ |
| D | xfrm.h | 23 struct xfrm_sec_ctx *polsec, u32 secid);
|
