92 static int context_struct_to_string(struct context *context, char **scontext,
95 static void context_struct_compute_av(struct context *scontext,
272 static int constraint_expr_eval(struct context *scontext,  in constraint_expr_eval()  argument
306 				val1 = scontext->user;  in constraint_expr_eval()
310 				val1 = scontext->type;  in constraint_expr_eval()
314 				val1 = scontext->role;  in constraint_expr_eval()
338 				l1 = &(scontext->range.level[0]);  in constraint_expr_eval()
342 				l1 = &(scontext->range.level[0]);  in constraint_expr_eval()
346 				l1 = &(scontext->range.level[1]);  in constraint_expr_eval()
350 				l1 = &(scontext->range.level[1]);  in constraint_expr_eval()
354 				l1 = &(scontext->range.level[0]);  in constraint_expr_eval()
355 				l2 = &(scontext->range.level[1]);  in constraint_expr_eval()
403 			c = scontext;  in constraint_expr_eval()
462 static void security_dump_masked_av(struct context *scontext,  in security_dump_masked_av()  argument
497 	if (context_struct_to_string(scontext,  in security_dump_masked_av()
540 static void type_attribute_bounds_av(struct context *scontext,  in type_attribute_bounds_av()  argument
553 				    scontext->type - 1);  in type_attribute_bounds_av()
563 		memcpy(&lo_scontext, scontext, sizeof(lo_scontext));  in type_attribute_bounds_av()
582 		context_struct_compute_av(scontext,  in type_attribute_bounds_av()
614 		security_dump_masked_av(scontext, tcontext,  in type_attribute_bounds_av()
648 static void context_struct_compute_av(struct context *scontext,  in context_struct_compute_av()  argument
685 	sattr = flex_array_get(policydb.type_attr_map_array, scontext->type - 1);  in context_struct_compute_av()
720 		    !constraint_expr_eval(scontext, tcontext, NULL,  in context_struct_compute_av()
734 	    scontext->role != tcontext->role) {  in context_struct_compute_av()
736 			if (scontext->role == ra->role &&  in context_struct_compute_av()
749 	type_attribute_bounds_av(scontext, tcontext,  in context_struct_compute_av()
1000 	struct context *scontext, *tcontext;  in security_compute_xperms_decision()  local
1017 	scontext = sidtab_search(&sidtab, ssid);  in security_compute_xperms_decision()
1018 	if (!scontext) {  in security_compute_xperms_decision()
1047 				scontext->type - 1);  in security_compute_xperms_decision()
1091 	struct context *scontext = NULL, *tcontext = NULL;  in security_compute_av()  local
1099 	scontext = sidtab_search(&sidtab, ssid);  in security_compute_av()
1100 	if (!scontext) {  in security_compute_av()
1107 	if (ebitmap_get_bit(&policydb.permissive_map, scontext->type))  in security_compute_av()
1123 	context_struct_compute_av(scontext, tcontext, tclass, avd, xperms);  in security_compute_av()
1138 	struct context *scontext = NULL, *tcontext = NULL;  in security_compute_av_user()  local
1145 	scontext = sidtab_search(&sidtab, ssid);  in security_compute_av_user()
1146 	if (!scontext) {  in security_compute_av_user()
1153 	if (ebitmap_get_bit(&policydb.permissive_map, scontext->type))  in security_compute_av_user()
1169 	context_struct_compute_av(scontext, tcontext, tclass, avd, NULL);  in security_compute_av_user()
1185 static int context_struct_to_string(struct context *context, char **scontext, u32 *scontext_len)  in context_struct_to_string()  argument
1189 	if (scontext)  in context_struct_to_string()
1190 		*scontext = NULL;  in context_struct_to_string()
1195 		if (scontext) {  in context_struct_to_string()
1196 			*scontext = kstrdup(context->str, GFP_ATOMIC);  in context_struct_to_string()
1197 			if (!(*scontext))  in context_struct_to_string()
1209 	if (!scontext)  in context_struct_to_string()
1216 	*scontext = scontextp;  in context_struct_to_string()
1242 static int security_sid_to_context_core(u32 sid, char **scontext,  in security_sid_to_context_core()  argument
1248 	if (scontext)  in security_sid_to_context_core()
1249 		*scontext = NULL;  in security_sid_to_context_core()
1257 			if (!scontext)  in security_sid_to_context_core()
1265 			*scontext = scontextp;  in security_sid_to_context_core()
1284 	rc = context_struct_to_string(context, scontext, scontext_len);  in security_sid_to_context_core()
1302 int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)  in security_sid_to_context()  argument
1304 	return security_sid_to_context_core(sid, scontext, scontext_len, 0);  in security_sid_to_context()
1307 int security_sid_to_context_force(u32 sid, char **scontext, u32 *scontext_len)  in security_sid_to_context_force()  argument
1309 	return security_sid_to_context_core(sid, scontext, scontext_len, 1);  in security_sid_to_context_force()
1317 				    char *scontext,  in string_to_context_struct()  argument
1333 	scontextp = (char *) scontext;  in string_to_context_struct()
1384 	if ((p - scontext) < scontext_len)  in string_to_context_struct()
1397 static int security_context_to_sid_core(const char *scontext, u32 scontext_len,  in security_context_to_sid_core()  argument
1413 			if (!strcmp(initial_sid_to_string[i], scontext)) {  in security_context_to_sid_core()
1427 	memcpy(scontext2, scontext, scontext_len);  in security_context_to_sid_core()
1469 int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid,  in security_context_to_sid()  argument
1472 	return security_context_to_sid_core(scontext, scontext_len,  in security_context_to_sid()
1476 int security_context_str_to_sid(const char *scontext, u32 *sid, gfp_t gfp)  in security_context_str_to_sid()  argument
1478 	return security_context_to_sid(scontext, strlen(scontext), sid, gfp);  in security_context_str_to_sid()
1499 int security_context_to_sid_default(const char *scontext, u32 scontext_len,  in security_context_to_sid_default()  argument
1502 	return security_context_to_sid_core(scontext, scontext_len,  in security_context_to_sid_default()
1506 int security_context_to_sid_force(const char *scontext, u32 scontext_len,  in security_context_to_sid_force()  argument
1509 	return security_context_to_sid_core(scontext, scontext_len,  in security_context_to_sid_force()
1514 	struct context *scontext,  in compute_sid_handle_invalid_context()  argument
1522 	if (context_struct_to_string(scontext, &s, &slen))  in compute_sid_handle_invalid_context()
1577 	struct context *scontext = NULL, *tcontext = NULL, newcontext;  in security_compute_sid()  local
1610 	scontext = sidtab_search(&sidtab, ssid);  in security_compute_sid()
1611 	if (!scontext) {  in security_compute_sid()
1637 			newcontext.user = scontext->user;  in security_compute_sid()
1648 		newcontext.role = scontext->role;  in security_compute_sid()
1653 			newcontext.role = scontext->role;  in security_compute_sid()
1660 		newcontext.type = scontext->type;  in security_compute_sid()
1666 			newcontext.type = scontext->type;  in security_compute_sid()
1674 	avkey.source_type = scontext->type;  in security_compute_sid()
1698 		filename_compute_type(&policydb, &newcontext, scontext->type,  in security_compute_sid()
1705 			if ((roletr->role == scontext->role) &&  in security_compute_sid()
1717 	rc = mls_compute_sid(scontext, tcontext, tclass, specified,  in security_compute_sid()
1724 		rc = compute_sid_handle_invalid_context(scontext,  in security_compute_sid()