services.c - OpenGrok cross reference for /openbmc/linux/security/selinux/ss/services.c

Deleted Added

sdiffudifftextold (274f62e1..)new (6b6bc620..)

services.c (274f62e1e5c74e7cbc5c965ec02b7c590da4b2fe)	services.c (6b6bc6205d98796361962ee282a063f18ba8dc57)
1/* 2 * Implementation of the security services. 3 * 4 * Authors : Stephen Smalley, <sds@tycho.nsa.gov> 5 * James Morris <jmorris@redhat.com> 6 * 7 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> 8 * --- 2137 unchanged lines hidden (view full) --- 2146 policydb_destroy(policydb); 2147 goto out; 2148 } 2149 2150 security_load_policycaps(state); 2151 state->initialized = 1; 2152 seqno = ++state->ss->latest_granting; 2153 selinux_complete_init();	1/* 2 * Implementation of the security services. 3 * 4 * Authors : Stephen Smalley, <sds@tycho.nsa.gov> 5 * James Morris <jmorris@redhat.com> 6 * 7 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> 8 * --- 2137 unchanged lines hidden (view full) --- 2146 policydb_destroy(policydb); 2147 goto out; 2148 } 2149 2150 security_load_policycaps(state); 2151 state->initialized = 1; 2152 seqno = ++state->ss->latest_granting; 2153 selinux_complete_init();
2154 avc_ss_reset(seqno);	2154 avc_ss_reset(state->avc, seqno);
2155 selnl_notify_policyload(seqno); 2156 selinux_status_update_policyload(state, seqno); 2157 selinux_netlbl_cache_invalidate(); 2158 selinux_xfrm_notify_policyload(); 2159 goto out; 2160 } 2161 2162#if 0 --- 65 unchanged lines hidden (view full) --- 2228 seqno = ++state->ss->latest_granting; 2229 write_unlock_irq(&state->ss->policy_rwlock); 2230 2231 /* Free the old policydb and SID table. */ 2232 policydb_destroy(oldpolicydb); 2233 sidtab_destroy(&oldsidtab); 2234 kfree(oldmapping); 2235	2155 selnl_notify_policyload(seqno); 2156 selinux_status_update_policyload(state, seqno); 2157 selinux_netlbl_cache_invalidate(); 2158 selinux_xfrm_notify_policyload(); 2159 goto out; 2160 } 2161 2162#if 0 --- 65 unchanged lines hidden (view full) --- 2228 seqno = ++state->ss->latest_granting; 2229 write_unlock_irq(&state->ss->policy_rwlock); 2230 2231 /* Free the old policydb and SID table. */ 2232 policydb_destroy(oldpolicydb); 2233 sidtab_destroy(&oldsidtab); 2234 kfree(oldmapping); 2235
2236 avc_ss_reset(seqno);	2236 avc_ss_reset(state->avc, seqno);
2237 selnl_notify_policyload(seqno); 2238 selinux_status_update_policyload(state, seqno); 2239 selinux_netlbl_cache_invalidate(); 2240 selinux_xfrm_notify_policyload(); 2241 2242 rc = 0; 2243 goto out; 2244 --- 399 unchanged lines hidden (view full) --- 2644 rc = -ENOMEM; 2645 mysids2 = kcalloc(mynel, sizeof(*mysids2), GFP_KERNEL); 2646 if (!mysids2) { 2647 kfree(mysids); 2648 goto out; 2649 } 2650 for (i = 0, j = 0; i < mynel; i++) { 2651 struct av_decision dummy_avd;	2237 selnl_notify_policyload(seqno); 2238 selinux_status_update_policyload(state, seqno); 2239 selinux_netlbl_cache_invalidate(); 2240 selinux_xfrm_notify_policyload(); 2241 2242 rc = 0; 2243 goto out; 2244 --- 399 unchanged lines hidden (view full) --- 2644 rc = -ENOMEM; 2645 mysids2 = kcalloc(mynel, sizeof(*mysids2), GFP_KERNEL); 2646 if (!mysids2) { 2647 kfree(mysids); 2648 goto out; 2649 } 2650 for (i = 0, j = 0; i < mynel; i++) { 2651 struct av_decision dummy_avd;
2652 rc = avc_has_perm_noaudit(fromsid, mysids[i],	2652 rc = avc_has_perm_noaudit(state, 2653 fromsid, mysids[i],
2653 SECCLASS_PROCESS, /* kernel value / 2654 PROCESS__TRANSITION, AVC_STRICT, 2655 &dummy_avd); 2656 if (!rc) 2657 mysids2[j++] = mysids[i]; 2658 cond_resched(); 2659 } 2660 rc = 0; --- 241 unchanged lines hidden* (view full) --- 2902 goto out; 2903 } 2904 2905 seqno = ++state->ss->latest_granting; 2906 rc = 0; 2907out: 2908 write_unlock_irq(&state->ss->policy_rwlock); 2909 if (!rc) {	2654 SECCLASS_PROCESS, /* kernel value / 2655 PROCESS__TRANSITION, AVC_STRICT, 2656 &dummy_avd); 2657 if (!rc) 2658 mysids2[j++] = mysids[i]; 2659 cond_resched(); 2660 } 2661 rc = 0; --- 241 unchanged lines hidden* (view full) --- 2903 goto out; 2904 } 2905 2906 seqno = ++state->ss->latest_granting; 2907 rc = 0; 2908out: 2909 write_unlock_irq(&state->ss->policy_rwlock); 2910 if (!rc) {
2910 avc_ss_reset(seqno);	2911 avc_ss_reset(state->avc, seqno);
2911 selnl_notify_policyload(seqno); 2912 selinux_status_update_policyload(state, seqno); 2913 selinux_xfrm_notify_policyload(); 2914 } 2915 return rc; 2916} 2917 2918int security_get_bool_value(struct selinux_state state, --- 810 unchanged lines hidden* ---	2912 selnl_notify_policyload(seqno); 2913 selinux_status_update_policyload(state, seqno); 2914 selinux_xfrm_notify_policyload(); 2915 } 2916 return rc; 2917} 2918 2919int security_get_bool_value(struct selinux_state state, --- 810 unchanged lines hidden* ---