92 static int context_struct_to_string(struct context *context, char **scontext,
95 static void context_struct_compute_av(struct context *scontext,
271 static int constraint_expr_eval(struct context *scontext,  in constraint_expr_eval()  argument
305 				val1 = scontext->user;  in constraint_expr_eval()
309 				val1 = scontext->type;  in constraint_expr_eval()
313 				val1 = scontext->role;  in constraint_expr_eval()
337 				l1 = &(scontext->range.level[0]);  in constraint_expr_eval()
341 				l1 = &(scontext->range.level[0]);  in constraint_expr_eval()
345 				l1 = &(scontext->range.level[1]);  in constraint_expr_eval()
349 				l1 = &(scontext->range.level[1]);  in constraint_expr_eval()
353 				l1 = &(scontext->range.level[0]);  in constraint_expr_eval()
354 				l2 = &(scontext->range.level[1]);  in constraint_expr_eval()
402 			c = scontext;  in constraint_expr_eval()
461 static void security_dump_masked_av(struct context *scontext,  in security_dump_masked_av()  argument
496 	if (context_struct_to_string(scontext,  in security_dump_masked_av()
539 static void type_attribute_bounds_av(struct context *scontext,  in type_attribute_bounds_av()  argument
552 				    scontext->type - 1);  in type_attribute_bounds_av()
562 		memcpy(&lo_scontext, scontext, sizeof(lo_scontext));  in type_attribute_bounds_av()
580 		context_struct_compute_av(scontext,  in type_attribute_bounds_av()
610 		security_dump_masked_av(scontext, tcontext,  in type_attribute_bounds_av()
619 static void context_struct_compute_av(struct context *scontext,  in context_struct_compute_av()  argument
651 	sattr = flex_array_get(policydb.type_attr_map_array, scontext->type - 1);  in context_struct_compute_av()
683 		    !constraint_expr_eval(scontext, tcontext, NULL,  in context_struct_compute_av()
697 	    scontext->role != tcontext->role) {  in context_struct_compute_av()
699 			if (scontext->role == ra->role &&  in context_struct_compute_av()
712 	type_attribute_bounds_av(scontext, tcontext,  in context_struct_compute_av()
919 	struct context *scontext = NULL, *tcontext = NULL;  in security_compute_av()  local
926 	scontext = sidtab_search(&sidtab, ssid);  in security_compute_av()
927 	if (!scontext) {  in security_compute_av()
934 	if (ebitmap_get_bit(&policydb.permissive_map, scontext->type))  in security_compute_av()
950 	context_struct_compute_av(scontext, tcontext, tclass, avd);  in security_compute_av()
965 	struct context *scontext = NULL, *tcontext = NULL;  in security_compute_av_user()  local
972 	scontext = sidtab_search(&sidtab, ssid);  in security_compute_av_user()
973 	if (!scontext) {  in security_compute_av_user()
980 	if (ebitmap_get_bit(&policydb.permissive_map, scontext->type))  in security_compute_av_user()
996 	context_struct_compute_av(scontext, tcontext, tclass, avd);  in security_compute_av_user()
1012 static int context_struct_to_string(struct context *context, char **scontext, u32 *scontext_len)  in context_struct_to_string()  argument
1016 	if (scontext)  in context_struct_to_string()
1017 		*scontext = NULL;  in context_struct_to_string()
1022 		if (scontext) {  in context_struct_to_string()
1023 			*scontext = kstrdup(context->str, GFP_ATOMIC);  in context_struct_to_string()
1024 			if (!(*scontext))  in context_struct_to_string()
1036 	if (!scontext)  in context_struct_to_string()
1043 	*scontext = scontextp;  in context_struct_to_string()
1072 static int security_sid_to_context_core(u32 sid, char **scontext,  in security_sid_to_context_core()  argument
1078 	if (scontext)  in security_sid_to_context_core()
1079 		*scontext = NULL;  in security_sid_to_context_core()
1087 			if (!scontext)  in security_sid_to_context_core()
1095 			*scontext = scontextp;  in security_sid_to_context_core()
1114 	rc = context_struct_to_string(context, scontext, scontext_len);  in security_sid_to_context_core()
1132 int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)  in security_sid_to_context()  argument
1134 	return security_sid_to_context_core(sid, scontext, scontext_len, 0);  in security_sid_to_context()
1137 int security_sid_to_context_force(u32 sid, char **scontext, u32 *scontext_len)  in security_sid_to_context_force()  argument
1139 	return security_sid_to_context_core(sid, scontext, scontext_len, 1);  in security_sid_to_context_force()
1147 				    char *scontext,  in string_to_context_struct()  argument
1163 	scontextp = (char *) scontext;  in string_to_context_struct()
1214 	if ((p - scontext) < scontext_len)  in string_to_context_struct()
1227 static int security_context_to_sid_core(const char *scontext, u32 scontext_len,  in security_context_to_sid_core()  argument
1243 			if (!strcmp(initial_sid_to_string[i], scontext)) {  in security_context_to_sid_core()
1257 	memcpy(scontext2, scontext, scontext_len);  in security_context_to_sid_core()
1299 int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid,  in security_context_to_sid()  argument
1302 	return security_context_to_sid_core(scontext, scontext_len,  in security_context_to_sid()
1324 int security_context_to_sid_default(const char *scontext, u32 scontext_len,  in security_context_to_sid_default()  argument
1327 	return security_context_to_sid_core(scontext, scontext_len,  in security_context_to_sid_default()
1331 int security_context_to_sid_force(const char *scontext, u32 scontext_len,  in security_context_to_sid_force()  argument
1334 	return security_context_to_sid_core(scontext, scontext_len,  in security_context_to_sid_force()
1339 	struct context *scontext,  in compute_sid_handle_invalid_context()  argument
1347 	if (context_struct_to_string(scontext, &s, &slen))  in compute_sid_handle_invalid_context()
1402 	struct context *scontext = NULL, *tcontext = NULL, newcontext;  in security_compute_sid()  local
1435 	scontext = sidtab_search(&sidtab, ssid);  in security_compute_sid()
1436 	if (!scontext) {  in security_compute_sid()
1462 			newcontext.user = scontext->user;  in security_compute_sid()
1473 		newcontext.role = scontext->role;  in security_compute_sid()
1478 			newcontext.role = scontext->role;  in security_compute_sid()
1485 		newcontext.type = scontext->type;  in security_compute_sid()
1491 			newcontext.type = scontext->type;  in security_compute_sid()
1499 	avkey.source_type = scontext->type;  in security_compute_sid()
1523 		filename_compute_type(&policydb, &newcontext, scontext->type,  in security_compute_sid()
1530 			if ((roletr->role == scontext->role) &&  in security_compute_sid()
1542 	rc = mls_compute_sid(scontext, tcontext, tclass, specified,  in security_compute_sid()
1549 		rc = compute_sid_handle_invalid_context(scontext,  in security_compute_sid()