/linux-master/security/apparmor/include/ |
H A D | secid.h | 5 * This file contains AppArmor security identifier (secid) definitions 18 /* secid value that will not be allocated */ 21 /* secid value that matches any other secid */ 24 /* sysctl to enable displaying mode when converting secid to secctx */ 27 struct aa_label *aa_secid_to_label(u32 secid); 28 int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); 29 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); 34 void aa_free_secid(u32 secid); 35 void aa_secid_update(u32 secid, struc [all...] |
H A D | net.h | 90 u32 secid; member in struct:aa_secmark 118 u32 secid, const struct sock *sk);
|
/linux-master/security/apparmor/ |
H A D | secid.c | 5 * This file contains AppArmor security identifier (secid) manipulation fns 9 * AppArmor allocates a unique secid for every label used. If a label 10 * is replaced it receives the secid of the label it is replacing. 22 #include "include/secid.h" 37 * TODO: allow policy to reserve a secid range? 38 * TODO: add secid pinning 43 * aa_secid_update - update a secid mapping to a new label 44 * @secid: secid to update 45 * @label: label the secid wil 47 aa_secid_update(u32 secid, struct aa_label *label) argument 59 aa_secid_to_label(u32 secid) argument 64 apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) argument 93 apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) argument 141 aa_free_secid(u32 secid) argument [all...] |
H A D | net.c | 17 #include "include/secid.h" 205 secmark->secid = AA_SECID_WILDCARD; 216 secmark->secid = label->secid; 221 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid, argument 233 if (!rules->secmark[i].secid) { 239 if (rules->secmark[i].secid == secid || 240 rules->secmark[i].secid == AA_SECID_WILDCARD) { 257 u32 secid, cons 256 apparmor_secmark_check(struct aa_label *label, char *op, u32 request, u32 secid, const struct sock *sk) argument [all...] |
H A D | Makefile | 8 resource.o secid.o file.o policy_ns.o label.o mount.o net.o \
|
/linux-master/include/uapi/linux/netfilter/ |
H A D | xt_SECMARK.h | 19 __u32 secid; member in struct:xt_secmark_target_info 26 __u32 secid; member in struct:xt_secmark_target_info_v1
|
/linux-master/net/netfilter/ |
H A D | xt_SECMARK.c | 33 secmark = info->secid; 48 info->secid = 0; 51 &info->secid); 59 if (!info->secid) { 65 err = security_secmark_relabel_packet(info->secid); 129 info->secid = newinfo.secid; 139 .secid = info->secid, 175 .usersize = offsetof(struct xt_secmark_target_info_v1, secid), [all...] |
/linux-master/net/netlabel/ |
H A D | netlabel_user.h | 35 security_current_getsecid_subj(&audit_info->secid);
|
H A D | netlabel_user.c | 101 if (audit_info->secid != 0 && 102 security_secid_to_secctx(audit_info->secid,
|
H A D | netlabel_unlabeled.c | 53 * and addresses of unlabeled packets to a user specified secid value for the 69 u32 secid; member in struct:netlbl_unlhsh_addr4 77 u32 secid; member in struct:netlbl_unlhsh_addr6 223 * @secid: LSM secid value for entry 234 u32 secid) 246 entry->secid = secid; 263 * @secid: LSM secid valu 231 netlbl_unlhsh_add_addr4(struct netlbl_unlhsh_iface *iface, const struct in_addr *addr, const struct in_addr *mask, u32 secid) argument 271 netlbl_unlhsh_add_addr6(struct netlbl_unlhsh_iface *iface, const struct in6_addr *addr, const struct in6_addr *mask, u32 secid) argument 364 netlbl_unlhsh_add(struct net *net, const char *dev_name, const void *addr, const void *mask, u32 addr_len, u32 secid, struct netlbl_audit *audit_info) argument 883 u32 secid; local 934 u32 secid; local 1073 u32 secid; local [all...] |
H A D | netlabel_unlabeled.h | 214 u32 secid,
|
/linux-master/drivers/dio/ |
H A D | dio.c | 124 u_char prid, secid, i; local 153 secid = DIO_SECID(va); 154 id = DIO_ENCODE_ID(prid, secid); 199 u_char prid, secid = 0; /* primary, secondary ID bytes */ local 244 secid = DIO_SECID(va); 245 dev->id = DIO_ENCODE_ID(prid, secid); 253 printk(":%02X", secid);
|
H A D | dio-sysfs.c | 45 static DEVICE_ATTR(secid, S_IRUGO, dio_show_secid, NULL);
|
/linux-master/security/integrity/ima/ |
H A D | ima_main.c | 209 u32 secid, char *buf, loff_t size, int mask, 235 action = ima_get_action(file_mnt_idmap(file), inode, cred, secid, 446 u32 secid; local 452 security_current_getsecid_subj(&secid); 455 ret = process_measurement(file, current_cred(), secid, NULL, 462 return process_measurement(file, current_cred(), secid, NULL, 493 u32 secid; local 501 security_current_getsecid_subj(&secid); 504 current_cred(), secid, MAY_EXEC, MMAP_CHECK, 507 current_cred(), secid, MAY_EXE 208 process_measurement(struct file *file, const struct cred *cred, u32 secid, char *buf, loff_t size, int mask, enum ima_hooks func) argument 544 u32 secid; local 569 u32 secid; local 771 u32 secid; local 821 u32 secid; local 970 u32 secid; local [all...] |
H A D | ima.h | 372 const struct cred *cred, u32 secid, int mask, 403 const struct cred *cred, u32 secid, enum ima_hooks func, 558 static inline int ima_filter_rule_match(u32 secid, u32 field, u32 op, argument
|
/linux-master/include/linux/ |
H A D | security.h | 399 void security_inode_getsecid(struct inode *inode, u32 *secid); 431 void security_cred_getsecid(const struct cred *c, u32 *secid); 432 int security_kernel_act_as(struct cred *new, u32 secid); 451 void security_current_getsecid_subj(u32 *secid); 452 void security_task_getsecid_obj(struct task_struct *p, u32 *secid); 470 void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); 502 int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); 503 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); 1003 static inline void security_inode_getsecid(struct inode *inode, u32 *secid) argument 1005 *secid 1143 security_cred_getsecid(const struct cred *c, u32 *secid) argument 1148 security_kernel_act_as(struct cred *cred, u32 secid) argument 1225 security_current_getsecid_subj(u32 *secid) argument 1230 security_task_getsecid_obj(struct task_struct *p, u32 *secid) argument 1308 security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) argument 1444 security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) argument 1449 security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) argument 1678 security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) argument 1726 security_secmark_relabel_packet(u32 secid) argument 1873 security_xfrm_state_alloc_acquire(struct xfrm_state *x, struct xfrm_sec_ctx *polsec, u32 secid) argument 1900 security_xfrm_decode_session(struct sk_buff *skb, u32 *secid) argument 2069 security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule) argument [all...] |
H A D | lsm_hook_defs.h | 177 LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid) 215 LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid) 216 LSM_HOOK(int, 0, kernel_act_as, struct cred *new, u32 secid) 234 LSM_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid) 236 struct task_struct *p, u32 *secid) 256 u32 *secid) 291 LSM_HOOK(int, -EOPNOTSUPP, secid_to_secctx, u32 secid, char **secdata, 293 LSM_HOOK(int, 0, secctx_to_secid, const char *secdata, u32 seclen, u32 *secid) 337 struct sk_buff *skb, u32 *secid) 342 LSM_HOOK(void, LSM_RET_VOID, sk_getsecid, const struct sock *sk, u32 *secid) [all...] |
/linux-master/security/selinux/include/ |
H A D | xfrm.h | 25 struct xfrm_sec_ctx *polsec, u32 secid);
|
/linux-master/security/selinux/ |
H A D | xfrm.c | 336 * on a secid. 339 struct xfrm_sec_ctx *polsec, u32 secid) 349 if (secid == 0) 352 rc = security_sid_to_context(secid, &ctx_str, 365 ctx->ctx_sid = secid; 338 selinux_xfrm_state_alloc_acquire(struct xfrm_state *x, struct xfrm_sec_ctx *polsec, u32 secid) argument
|
H A D | netlabel.c | 110 (secattr->attr.secid == sid)) 289 rc = security_netlbl_sid_to_secattr(asoc->secid, &secattr); 337 rc = security_netlbl_sid_to_secattr(req->secid, &secattr);
|
/linux-master/security/ |
H A D | security.c | 2599 * security_inode_getsecid() - Get an inode's secid 2601 * @secid: secid to return 2603 * Get the secid associated with the node. In case of failure, @secid will be 2606 void security_inode_getsecid(struct inode *inode, u32 *secid) argument 2608 call_void_hook(inode_getsecid, inode, secid); 3117 * security_cred_getsecid() - Get the secid from a set of credentials 3119 * @secid: secid valu 3124 security_cred_getsecid(const struct cred *c, u32 *secid) argument 3141 security_kernel_act_as(struct cred *new, u32 secid) argument 3356 security_current_getsecid_subj(u32 *secid) argument 3371 security_task_getsecid_obj(struct task_struct *p, u32 *secid) argument 3595 security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) argument 4163 security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) argument 4179 security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) argument 4643 security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) argument 4783 security_secmark_relabel_packet(u32 secid) argument 5138 security_xfrm_state_alloc_acquire(struct xfrm_state *x, struct xfrm_sec_ctx *polsec, u32 secid) argument 5229 security_xfrm_decode_session(struct sk_buff *skb, u32 *secid) argument 5385 security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule) argument [all...] |
/linux-master/include/net/ |
H A D | scm.h | 49 u32 secid; /* Passed security ID */ member in struct:scm_cookie 62 security_socket_getpeersec_dgram(sock, NULL, &scm->secid); 113 err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
|
H A D | netlabel.h | 100 u32 secid; member in struct:netlbl_audit 168 * @attr.secid: LSM specific secid token 203 u32 secid; member in struct:netlbl_lsm_secattr::__anon457 421 u32 secid, 531 u32 secid, 526 netlbl_cfg_unlbl_static_add(struct net *net, const char *dev_name, const void *addr, const void *mask, u16 family, u32 secid, struct netlbl_audit *audit_info) argument
|
H A D | af_unix.h | 63 u32 secid; /* Security ID */ member in struct:unix_skb_parms
|
/linux-master/kernel/ |
H A D | cred.c | 683 * @secid: The LSM security ID to set 688 int set_security_override(struct cred *new, u32 secid) argument 690 return security_kernel_act_as(new, secid); 706 u32 secid; local 709 ret = security_secctx_to_secid(secctx, strlen(secctx), &secid); 713 return set_security_override(new, secid);
|