Lines Matching defs:context
11 * Support for context based audit filters.
56 #include "context.h"
82 struct context *context,
93 struct context *scontext,
94 struct context *tcontext,
263 * only. For these rules, scontext is the context before the transition,
264 * tcontext is the context after the transition, and xcontext is the context
269 struct context *scontext,
270 struct context *tcontext,
271 struct context *xcontext,
275 struct context *c;
460 struct context *scontext,
461 struct context *tcontext,
539 struct context *scontext,
540 struct context *tcontext,
544 struct context lo_scontext;
545 struct context lo_tcontext, *tcontextp = tcontext;
616 * Compute access vectors and extended permissions based on a context
620 struct context *scontext,
621 struct context *tcontext,
818 if (!constraint_expr_eval(policydb, &oentry->context,
819 &nentry->context, &tentry->context,
902 if (old_entry->context.type == new_entry->context.type)
905 index = new_entry->context.type;
917 if (type->bounds == old_entry->context.type)
1025 struct context *scontext, *tcontext;
1121 struct context *scontext = NULL, *tcontext = NULL;
1178 struct context *scontext = NULL, *tcontext = NULL;
1224 * Write the security context string representation of
1225 * the context structure `context' into a dynamically
1231 struct context *context,
1240 if (context->len) {
1241 *scontext_len = context->len;
1243 *scontext = kstrdup(context->str, GFP_ATOMIC);
1250 /* Compute the size of the context. */
1251 *scontext_len += strlen(sym_name(p, SYM_USERS, context->user - 1)) + 1;
1252 *scontext_len += strlen(sym_name(p, SYM_ROLES, context->role - 1)) + 1;
1253 *scontext_len += strlen(sym_name(p, SYM_TYPES, context->type - 1)) + 1;
1254 *scontext_len += mls_compute_context_len(p, context);
1259 /* Allocate space for the context; caller must free this space. */
1266 * Copy the user name, role name and type name into the context.
1269 sym_name(p, SYM_USERS, context->user - 1),
1270 sym_name(p, SYM_ROLES, context->role - 1),
1271 sym_name(p, SYM_TYPES, context->type - 1));
1273 mls_sid_to_context(p, context, &scontextp);
1290 rc = context_struct_to_string(p, &entry->context, scontext,
1375 if (only_invalid && !entry->context.len)
1388 * security_sid_to_context - Obtain a context for a given SID.
1390 * @scontext: security context
1393 * Write the string representation of the context associated with @sid
1412 * security_sid_to_context_inval - Obtain a context for a given SID if it
1415 * @scontext: security context
1418 * Write the string representation of the context associated with @sid
1420 * context is invalid in the current policy. Set @scontext to point to
1421 * this string (or NULL if the context is valid) and set @scontext_len to
1422 * the length of the string (or 0 if the context is valid).
1437 struct context *ctx,
1448 /* Parse the security context. */
1501 /* Check the validity of the new context. */
1521 struct context context;
1524 /* An empty security context is never valid. */
1562 &context, def_sid);
1564 context.str = str;
1565 context.len = strlen(str) + 1;
1569 rc = sidtab_context_to_sid(sidtab, &context, sid);
1572 if (context.str) {
1573 str = context.str;
1574 context.str = NULL;
1576 context_destroy(&context);
1579 context_destroy(&context);
1589 * security_context_to_sid - Obtain a SID for a given security context.
1590 * @scontext: security context
1593 * @gfp: context for the allocation
1595 * Obtains a SID associated with the security context that
1597 * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient
1616 * security_context_to_sid_default - Obtain a SID for a given security context,
1619 * @scontext: security context
1624 * Obtains a SID associated with the security context that
1629 * Implicitly forces adding of the context even if it cannot be mapped yet.
1630 * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient
1655 struct context *newcontext)
1687 struct context *newcontext,
1729 struct context *scontext, *tcontext, newcontext;
1785 scontext = &sentry->context;
1786 tcontext = &tentry->context;
1886 /* Check the validity of the context. */
1894 /* Obtain the sid for the context. */
1990 struct context *context)
1998 if (!context_struct_to_string(policydb, context, &s, &len)) {
2007 * Convert the values in the security context
2010 * in the policy `p->newp', storing the new context
2011 * in `newc'. Verify that the context is valid
2014 static int convert_context(struct context *oldc, struct context *newc, void *p,
2052 pr_err("SELinux: Unable to map context %s, rc = %d.\n",
2097 * ensure that the MLS fields of the context for all
2111 rc = mls_range_set(newc, &oc->context[0].range);
2116 /* Check the validity of the new context. */
2376 * @index: index of the context entry (0 or 1)
2395 rc = sidtab_context_to_sid(sidtab, &c->context[index], &sid);
2742 struct context *fromcon, usercon;
3196 struct context *context1;
3197 struct context *context2;
3198 struct context newcon;
3245 /* Check the validity of the new context. */
3308 struct context *nlbl_ctx;
3309 struct context *xfrm_ctx;
3532 struct context au_ctxt;
3676 struct context *ctxt;
3816 * Attempt to cache the context in @ctx, which was derived from the packet in
3849 * SID/context then use SECINITSID_NETMSG as the foundation. If possible the
3864 struct context *ctx;
3865 struct context ctx_new;
3939 struct context *ctx;