Home
last modified time | relevance | path

Searched refs:secid (Results 1 – 25 of 54) sorted by relevance

123

/openbmc/linux/security/apparmor/
H A Dsecid.c47 void aa_secid_update(u32 secid, struct aa_label *label) in aa_secid_update() argument
52 __xa_store(&aa_secids, secid, label, 0); in aa_secid_update()
59 struct aa_label *aa_secid_to_label(u32 secid) in aa_secid_to_label() argument
61 return xa_load(&aa_secids, secid); in aa_secid_to_label()
64 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) in apparmor_secid_to_secctx() argument
67 struct aa_label *label = aa_secid_to_label(secid); in apparmor_secid_to_secctx()
93 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) in apparmor_secctx_to_secid() argument
101 *secid = label->secid; in apparmor_secctx_to_secid()
125 ret = __xa_alloc(&aa_secids, &label->secid, label, in aa_alloc_secid()
130 label->secid = AA_SECID_INVALID; in aa_alloc_secid()
[all …]
H A Dnet.c205 secmark->secid = AA_SECID_WILDCARD; in apparmor_secmark_init()
216 secmark->secid = label->secid; in apparmor_secmark_init()
221 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid, in aa_secmark_perm() argument
233 if (!rules->secmark[i].secid) { in aa_secmark_perm()
239 if (rules->secmark[i].secid == secid || in aa_secmark_perm()
240 rules->secmark[i].secid == AA_SECID_WILDCARD) { in aa_secmark_perm()
257 u32 secid, const struct sock *sk) in apparmor_secmark_check() argument
263 aa_secmark_perm(profile, request, secid, in apparmor_secmark_check()
/openbmc/linux/net/netfilter/
H A Dxt_SECMARK.c33 secmark = info->secid; in secmark_tg()
48 info->secid = 0; in checkentry_lsm()
51 &info->secid); in checkentry_lsm()
59 if (!info->secid) { in checkentry_lsm()
65 err = security_secmark_relabel_packet(info->secid); in checkentry_lsm()
129 info->secid = newinfo.secid; in secmark_tg_check_v0()
139 .secid = info->secid, in secmark_tg_v0()
175 .usersize = offsetof(struct xt_secmark_target_info_v1, secid),
197 .usersize = offsetof(struct xt_secmark_target_info_v1, secid),
/openbmc/linux/security/apparmor/include/
H A Dsecid.h27 struct aa_label *aa_secid_to_label(u32 secid);
28 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
29 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
34 void aa_free_secid(u32 secid);
35 void aa_secid_update(u32 secid, struct aa_label *label);
H A Dnet.h86 u32 secid; member
114 u32 secid, const struct sock *sk);
/openbmc/linux/security/integrity/ima/
H A Dima_main.c208 u32 secid, char *buf, loff_t size, int mask, in process_measurement() argument
233 action = ima_get_action(file_mnt_idmap(file), inode, cred, secid, in process_measurement()
433 u32 secid; in ima_file_mmap() local
439 security_current_getsecid_subj(&secid); in ima_file_mmap()
442 ret = process_measurement(file, current_cred(), secid, NULL, in ima_file_mmap()
449 return process_measurement(file, current_cred(), secid, NULL, in ima_file_mmap()
478 u32 secid; in ima_file_mprotect() local
486 security_current_getsecid_subj(&secid); in ima_file_mprotect()
489 current_cred(), secid, MAY_EXEC, MMAP_CHECK, in ima_file_mprotect()
492 current_cred(), secid, MAY_EXEC, in ima_file_mprotect()
[all …]
H A Dima.h259 const struct cred *cred, u32 secid, int mask,
290 const struct cred *cred, u32 secid, enum ima_hooks func,
442 static inline int ima_filter_rule_match(u32 secid, u32 field, u32 op, in ima_filter_rule_match() argument
/openbmc/linux/net/netlabel/
H A Dnetlabel_unlabeled.c69 u32 secid; member
77 u32 secid; member
234 u32 secid) in netlbl_unlhsh_add_addr4() argument
246 entry->secid = secid; in netlbl_unlhsh_add_addr4()
274 u32 secid) in netlbl_unlhsh_add_addr6() argument
290 entry->secid = secid; in netlbl_unlhsh_add_addr6()
369 u32 secid, in netlbl_unlhsh_add() argument
411 ret_val = netlbl_unlhsh_add_addr4(iface, addr4, mask4, secid); in netlbl_unlhsh_add()
424 ret_val = netlbl_unlhsh_add_addr6(iface, addr6, mask6, secid); in netlbl_unlhsh_add()
441 if (security_secid_to_secctx(secid, in netlbl_unlhsh_add()
[all …]
H A Dnetlabel_user.c101 if (audit_info->secid != 0 && in netlbl_audit_start_common()
102 security_secid_to_secctx(audit_info->secid, in netlbl_audit_start_common()
H A Dnetlabel_user.h35 security_current_getsecid_subj(&audit_info->secid); in netlbl_netlink_auditinfo()
H A Dnetlabel_unlabeled.h214 u32 secid,
/openbmc/linux/drivers/dio/
H A Ddio.c124 u_char prid, secid, i; in dio_find() local
153 secid = DIO_SECID(va); in dio_find()
154 id = DIO_ENCODE_ID(prid, secid); in dio_find()
199 u_char prid, secid = 0; /* primary, secondary ID bytes */ in dio_init() local
244 secid = DIO_SECID(va); in dio_init()
245 dev->id = DIO_ENCODE_ID(prid, secid); in dio_init()
253 printk(":%02X", secid); in dio_init()
/openbmc/linux/include/linux/
H A Dsecurity.h383 void security_inode_getsecid(struct inode *inode, u32 *secid);
413 void security_cred_getsecid(const struct cred *c, u32 *secid);
414 int security_kernel_act_as(struct cred *new, u32 secid);
433 void security_current_getsecid_subj(u32 *secid);
434 void security_task_getsecid_obj(struct task_struct *p, u32 *secid);
452 void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid);
481 int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
482 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
952 static inline void security_inode_getsecid(struct inode *inode, u32 *secid) in security_inode_getsecid() argument
954 *secid = 0; in security_inode_getsecid()
[all …]
H A Dlsm_hook_defs.h164 LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid)
199 LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid)
200 LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid)
218 LSM_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid)
220 struct task_struct *p, u32 *secid)
240 u32 *secid)
271 LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata,
273 LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid)
317 struct sk_buff *skb, u32 *secid)
322 LSM_HOOK(void, LSM_RET_VOID, sk_getsecid, const struct sock *sk, u32 *secid)
[all …]
/openbmc/linux/include/uapi/linux/netfilter/
H A Dxt_SECMARK.h19 __u32 secid; member
26 __u32 secid; member
/openbmc/linux/security/
H A Dsecurity.c2490 void security_inode_getsecid(struct inode *inode, u32 *secid) in security_inode_getsecid() argument
2492 call_void_hook(inode_getsecid, inode, secid); in security_inode_getsecid()
2999 void security_cred_getsecid(const struct cred *c, u32 *secid) in security_cred_getsecid() argument
3001 *secid = 0; in security_cred_getsecid()
3002 call_void_hook(cred_getsecid, c, secid); in security_cred_getsecid()
3016 int security_kernel_act_as(struct cred *new, u32 secid) in security_kernel_act_as() argument
3018 return call_int_hook(kernel_act_as, 0, new, secid); in security_kernel_act_as()
3257 void security_current_getsecid_subj(u32 *secid) in security_current_getsecid_subj() argument
3259 *secid = 0; in security_current_getsecid_subj()
3260 call_void_hook(current_getsecid_subj, secid); in security_current_getsecid_subj()
[all …]
/openbmc/linux/fs/cachefiles/
H A Dsecurity.c21 _enter("{%u}", cache->have_secid ? cache->secid : 0); in cachefiles_get_security_ID()
30 ret = set_security_override(new, cache->secid); in cachefiles_get_security_ID()
/openbmc/linux/security/selinux/
H A Dxfrm.c342 struct xfrm_sec_ctx *polsec, u32 secid) in selinux_xfrm_state_alloc_acquire() argument
352 if (secid == 0) in selinux_xfrm_state_alloc_acquire()
355 rc = security_sid_to_context(secid, &ctx_str, in selinux_xfrm_state_alloc_acquire()
368 ctx->ctx_sid = secid; in selinux_xfrm_state_alloc_acquire()
H A Dnetlabel.c110 (secattr->attr.secid == sid)) in selinux_netlbl_sock_getattr()
289 rc = security_netlbl_sid_to_secattr(asoc->secid, &secattr); in selinux_netlbl_sctp_assoc_request()
337 rc = security_netlbl_sid_to_secattr(req->secid, &secattr); in selinux_netlbl_inet_conn_request()
/openbmc/linux/Documentation/networking/
H A Dsecid.rst4 LSM/SeLinux secid
9 The secid member in the flow structure is used in LSMs (e.g. SELinux) to indicate
/openbmc/linux/include/net/
H A Dscm.h37 u32 secid; /* Passed security ID */ member
50 security_socket_getpeersec_dgram(sock, NULL, &scm->secid); in unix_get_peersec_dgram()
101 err = security_secid_to_secctx(scm->secid, &secdata, &seclen); in scm_passec()
H A Dnetlabel.h100 u32 secid; member
204 u32 secid; member
418 u32 secid,
526 u32 secid, in netlbl_cfg_unlbl_static_add() argument
/openbmc/linux/kernel/
H A Dcred.c685 int set_security_override(struct cred *new, u32 secid) in set_security_override() argument
687 return security_kernel_act_as(new, secid); in set_security_override()
703 u32 secid; in set_security_override_from_ctx() local
706 ret = security_secctx_to_secid(secctx, strlen(secctx), &secid); in set_security_override_from_ctx()
710 return set_security_override(new, secid); in set_security_override_from_ctx()
/openbmc/linux/security/smack/
H A Dsmack_lsm.c1622 static void smack_inode_getsecid(struct inode *inode, u32 *secid) in smack_inode_getsecid() argument
1626 *secid = skp->smk_secid; in smack_inode_getsecid()
2112 static void smack_cred_getsecid(const struct cred *cred, u32 *secid) in smack_cred_getsecid() argument
2118 *secid = skp->smk_secid; in smack_cred_getsecid()
2129 static int smack_kernel_act_as(struct cred *new, u32 secid) in smack_kernel_act_as() argument
2133 new_tsp->smk_task = smack_from_secid(secid); in smack_kernel_act_as()
2218 static void smack_current_getsecid_subj(u32 *secid) in smack_current_getsecid_subj() argument
2222 *secid = skp->smk_secid; in smack_current_getsecid_subj()
2232 static void smack_task_getsecid_obj(struct task_struct *p, u32 *secid) in smack_task_getsecid_obj() argument
2236 *secid = skp->smk_secid; in smack_task_getsecid_obj()
[all …]
H A Dsmack_access.c524 skp->smk_netlabel.attr.secid = skp->smk_secid; in smack_populate_secattr()
610 struct smack_known *smack_from_secid(const u32 secid) in smack_from_secid() argument
616 if (skp->smk_secid == secid) { in smack_from_secid()

123