hooks.c (44f10dbefd5e41b3385af91f855a57aa2afaf40e) hooks.c (6bcdfd2cac5559c680aef8dd4c5facada55ab623)
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * NSA Security-Enhanced Linux (SELinux) security module
4 *
5 * This file contains the SELinux hook function implementations.
6 *
7 * Authors: Stephen Smalley, <sds@tycho.nsa.gov>
8 * Chris Vance, <cvance@nai.com>

--- 90 unchanged lines hidden (view full) ---

99#include "netnode.h"
100#include "netport.h"
101#include "ibpkey.h"
102#include "xfrm.h"
103#include "netlabel.h"
104#include "audit.h"
105#include "avc_ss.h"
106
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * NSA Security-Enhanced Linux (SELinux) security module
4 *
5 * This file contains the SELinux hook function implementations.
6 *
7 * Authors: Stephen Smalley, <sds@tycho.nsa.gov>
8 * Chris Vance, <cvance@nai.com>

--- 90 unchanged lines hidden (view full) ---

99#include "netnode.h"
100#include "netport.h"
101#include "ibpkey.h"
102#include "xfrm.h"
103#include "netlabel.h"
104#include "audit.h"
105#include "avc_ss.h"
106
107#define SELINUX_INODE_INIT_XATTRS 1
108
107struct selinux_state selinux_state;
108
109/* SECMARK reference count */
110static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0);
111
112#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
113static int selinux_enforcing_boot __initdata;
114

--- 2727 unchanged lines hidden (view full) ---

2842
2843 tsec = selinux_cred(new);
2844 tsec->create_sid = newsid;
2845 return 0;
2846}
2847
2848static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
2849 const struct qstr *qstr,
109struct selinux_state selinux_state;
110
111/* SECMARK reference count */
112static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0);
113
114#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
115static int selinux_enforcing_boot __initdata;
116

--- 2727 unchanged lines hidden (view full) ---

2844
2845 tsec = selinux_cred(new);
2846 tsec->create_sid = newsid;
2847 return 0;
2848}
2849
2850static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
2851 const struct qstr *qstr,
2850 const char **name,
2851 void **value, size_t *len)
2852 struct xattr *xattrs, int *xattr_count)
2852{
2853 const struct task_security_struct *tsec = selinux_cred(current_cred());
2854 struct superblock_security_struct *sbsec;
2853{
2854 const struct task_security_struct *tsec = selinux_cred(current_cred());
2855 struct superblock_security_struct *sbsec;
2856 struct xattr *xattr = lsm_get_xattr_slot(xattrs, xattr_count);
2855 u32 newsid, clen;
2856 int rc;
2857 char *context;
2858
2859 sbsec = selinux_superblock(dir->i_sb);
2860
2861 newsid = tsec->create_sid;
2862

--- 10 unchanged lines hidden (view full) ---

2873 isec->sid = newsid;
2874 isec->initialized = LABEL_INITIALIZED;
2875 }
2876
2877 if (!selinux_initialized() ||
2878 !(sbsec->flags & SBLABEL_MNT))
2879 return -EOPNOTSUPP;
2880
2857 u32 newsid, clen;
2858 int rc;
2859 char *context;
2860
2861 sbsec = selinux_superblock(dir->i_sb);
2862
2863 newsid = tsec->create_sid;
2864

--- 10 unchanged lines hidden (view full) ---

2875 isec->sid = newsid;
2876 isec->initialized = LABEL_INITIALIZED;
2877 }
2878
2879 if (!selinux_initialized() ||
2880 !(sbsec->flags & SBLABEL_MNT))
2881 return -EOPNOTSUPP;
2882
2881 if (name)
2882 *name = XATTR_SELINUX_SUFFIX;
2883
2884 if (value && len) {
2883 if (xattr) {
2885 rc = security_sid_to_context_force(newsid,
2886 &context, &clen);
2887 if (rc)
2888 return rc;
2884 rc = security_sid_to_context_force(newsid,
2885 &context, &clen);
2886 if (rc)
2887 return rc;
2889 *value = context;
2890 *len = clen;
2888 xattr->value = context;
2889 xattr->value_len = clen;
2890 xattr->name = XATTR_SELINUX_SUFFIX;
2891 }
2892
2893 return 0;
2894}
2895
2896static int selinux_inode_init_security_anon(struct inode *inode,
2897 const struct qstr *name,
2898 const struct inode *context_inode)

--- 3911 unchanged lines hidden (view full) ---

6810
6811struct lsm_blob_sizes selinux_blob_sizes __ro_after_init = {
6812 .lbs_cred = sizeof(struct task_security_struct),
6813 .lbs_file = sizeof(struct file_security_struct),
6814 .lbs_inode = sizeof(struct inode_security_struct),
6815 .lbs_ipc = sizeof(struct ipc_security_struct),
6816 .lbs_msg_msg = sizeof(struct msg_security_struct),
6817 .lbs_superblock = sizeof(struct superblock_security_struct),
2891 }
2892
2893 return 0;
2894}
2895
2896static int selinux_inode_init_security_anon(struct inode *inode,
2897 const struct qstr *name,
2898 const struct inode *context_inode)

--- 3911 unchanged lines hidden (view full) ---

6810
6811struct lsm_blob_sizes selinux_blob_sizes __ro_after_init = {
6812 .lbs_cred = sizeof(struct task_security_struct),
6813 .lbs_file = sizeof(struct file_security_struct),
6814 .lbs_inode = sizeof(struct inode_security_struct),
6815 .lbs_ipc = sizeof(struct ipc_security_struct),
6816 .lbs_msg_msg = sizeof(struct msg_security_struct),
6817 .lbs_superblock = sizeof(struct superblock_security_struct),
6818 .lbs_xattr_count = SELINUX_INODE_INIT_XATTRS,
6818};
6819
6820#ifdef CONFIG_PERF_EVENTS
6821static int selinux_perf_event_open(struct perf_event_attr *attr, int type)
6822{
6823 u32 requested, sid = current_sid();
6824
6825 if (type == PERF_SECURITY_OPEN)

--- 545 unchanged lines hidden ---
6819};
6820
6821#ifdef CONFIG_PERF_EVENTS
6822static int selinux_perf_event_open(struct perf_event_attr *attr, int type)
6823{
6824 u32 requested, sid = current_sid();
6825
6826 if (type == PERF_SECURITY_OPEN)

--- 545 unchanged lines hidden ---
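Review bot: In the new `selinux_inode_init_security()`, the slot is claimed in the declaration (`struct xattr *xattr = lsm_get_xattr_slot(xattrs, xattr_count);`), ahead of the `-EOPNOTSUPP` return taken when the policy is not initialized or the mount lacks `SBLABEL_MNT`. `lsm_get_xattr_slot()` is not shown on this page; if it advances `*xattr_count`, that early return leaves a counted slot whose `name` and `value` were never set, and a consumer that walks the array up to the first NULL name would presumably stop there and drop labels supplied by LSMs that run later. Consider declaring `struct xattr *xattr;` and assigning `xattr = lsm_get_xattr_slot(xattrs, xattr_count);` directly before `if (xattr) {`, so a slot is claimed only when SELinux is going to fill it. A comment above `SELINUX_INODE_INIT_XATTRS`, for example `/* xattr slots this LSM may fill in inode_init_security; reported via .lbs_xattr_count */`, would tie the constant to the hook it sizes. Ten lines of the function body are hidden on this page, so this rests on the visible lines only.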