xref: /kernel/linux/linux-6.6/security/selinux/netlabel.c

33  * @secattr: the NetLabel security attributes
44 					   struct netlbl_lsm_secattr *secattr,
49 	rc = security_netlbl_secattr_to_sid(secattr, sid);
51 	    (secattr->flags & NETLBL_SECATTR_CACHEABLE) &&
52 	    (secattr->flags & NETLBL_SECATTR_CACHE))
53 		netlbl_cache_add(skb, family, secattr);
59  * selinux_netlbl_sock_genattr - Generate the NetLabel socket secattr
72 	struct netlbl_lsm_secattr *secattr;
77 	secattr = netlbl_secattr_alloc(GFP_ATOMIC);
78 	if (secattr == NULL)
80 	rc = security_netlbl_sid_to_secattr(sksec->sid, secattr);
82 		netlbl_secattr_free(secattr);
85 	sksec->nlbl_secattr = secattr;
87 	return secattr;
91  * selinux_netlbl_sock_getattr - Get the cached NetLabel secattr
95  * Query the socket's cached secattr and if the SID matches the cached value
104 	struct netlbl_lsm_secattr *secattr = sksec->nlbl_secattr;
106 	if (secattr == NULL)
109 	if ((secattr->flags & NETLBL_SECATTR_SECID) &&
110 	    (secattr->attr.secid == sid))
111 		return secattr;
198 	struct netlbl_lsm_secattr secattr;
206 	netlbl_secattr_init(&secattr);
207 	rc = netlbl_skbuff_getattr(skb, family, &secattr);
208 	if (rc == 0 && secattr.flags != NETLBL_SECATTR_NONE)
210 						     &secattr, sid);
213 	*type = secattr.type;
214 	netlbl_secattr_destroy(&secattr);
236 	struct netlbl_lsm_secattr *secattr = NULL;
247 		secattr = selinux_netlbl_sock_getattr(sk, sid);
249 	if (secattr == NULL) {
250 		secattr = &secattr_storage;
251 		netlbl_secattr_init(secattr);
252 		rc = security_netlbl_sid_to_secattr(sid, secattr);
257 	rc = netlbl_skbuff_setattr(skb, family, secattr);
260 	if (secattr == &secattr_storage)
261 		netlbl_secattr_destroy(secattr);
279 	struct netlbl_lsm_secattr secattr;
288 	netlbl_secattr_init(&secattr);
289 	rc = security_netlbl_sid_to_secattr(asoc->secid, &secattr);
299 		rc = netlbl_conn_setattr(asoc->base.sk, (void *)&addr4, &secattr);
303 		rc = netlbl_conn_setattr(asoc->base.sk, (void *)&addr6, &secattr);
312 	netlbl_secattr_destroy(&secattr);
331 	struct netlbl_lsm_secattr secattr;
336 	netlbl_secattr_init(&secattr);
337 	rc = security_netlbl_sid_to_secattr(req->secid, &secattr);
340 	rc = netlbl_req_setattr(req, &secattr);
342 	netlbl_secattr_destroy(&secattr);
397 	struct netlbl_lsm_secattr *secattr;
402 	secattr = selinux_netlbl_sock_genattr(sk);
403 	if (secattr == NULL)
405 	rc = netlbl_sock_setattr(sk, family, secattr);
440 	struct netlbl_lsm_secattr secattr;
445 	netlbl_secattr_init(&secattr);
446 	rc = netlbl_skbuff_getattr(skb, family, &secattr);
447 	if (rc == 0 && secattr.flags != NETLBL_SECATTR_NONE)
449 						     &secattr, &nlbl_sid);
452 	netlbl_secattr_destroy(&secattr);
511 	struct netlbl_lsm_secattr secattr;
516 		netlbl_secattr_init(&secattr);
521 		rc = netlbl_sock_getattr(sk, &secattr);
527 		netlbl_secattr_destroy(&secattr);
549 	struct netlbl_lsm_secattr *secattr;
560 	secattr = selinux_netlbl_sock_genattr(sk);
561 	if (secattr == NULL) {
565 	rc = netlbl_conn_setattr(sk, addr, secattr);

Indexes created Thu Nov 07 10:32:03 CST 2024