213 	struct task_security_struct *tsec;  in cred_init_security()  local
217 	tsec = selinux_cred(unrcu_pointer(current->real_cred));  in cred_init_security()
218 	tsec->osid = tsec->sid = tsec->avdcache.sid = SECINITSID_KERNEL;  in cred_init_security()
226 	const struct task_security_struct *tsec;  in cred_sid()  local
228 	tsec = selinux_cred(cred);  in cred_sid()
229 	return tsec->sid;  in cred_sid()
440 	const struct task_security_struct *tsec = selinux_cred(cred);  in may_context_mount_sb_relabel()  local
443 	rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM,  in may_context_mount_sb_relabel()
448 	rc = avc_has_perm(tsec->sid, sid, SECCLASS_FILESYSTEM,  in may_context_mount_sb_relabel()
457 	const struct task_security_struct *tsec = selinux_cred(cred);  in may_context_mount_inode_relabel()  local
459 	rc = avc_has_perm(tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM,  in may_context_mount_inode_relabel()
1791 selinux_determine_inode_label(const struct task_security_struct *tsec,  in selinux_determine_inode_label()  argument
1803 		   tsec->create_sid) {  in selinux_determine_inode_label()
1804 		*_new_isid = tsec->create_sid;  in selinux_determine_inode_label()
1807 		return security_transition_sid(tsec->sid,  in selinux_determine_inode_label()
1820 	const struct task_security_struct *tsec = selinux_cred(current_cred());  in may_create()  local
1830 	sid = tsec->sid;  in may_create()
1841 	rc = selinux_determine_inode_label(tsec, dir, &dentry->d_name, tclass,  in may_create()
2532 	const struct task_security_struct *tsec = selinux_cred(current_cred());  in selinux_bprm_committed_creds()  local
2536 	osid = tsec->osid;  in selinux_bprm_committed_creds()
2537 	sid = tsec->sid;  in selinux_bprm_committed_creds()
2914 	struct task_security_struct *tsec;  in selinux_dentry_create_files_as()  local
2923 	tsec = selinux_cred(new);  in selinux_dentry_create_files_as()
2924 	tsec->create_sid = newsid;  in selinux_dentry_create_files_as()
2932 	const struct task_security_struct *tsec = selinux_cred(current_cred());  in selinux_inode_init_security()  local
2942 	newsid = tsec->create_sid;  in selinux_inode_init_security()
2944 	rc = selinux_determine_inode_label(tsec, dir, qstr, newsclass, &newsid);  in selinux_inode_init_security()
3108  * @tsec: the task's security state
3110  * Clear the task's AVD cache in @tsec and reset it to the current policy's
3113 static inline void task_avdcache_reset(struct task_security_struct *tsec)  in task_avdcache_reset()  argument
3115 	memset(&tsec->avdcache.dir, 0, sizeof(tsec->avdcache.dir));  in task_avdcache_reset()
3116 	tsec->avdcache.sid = tsec->sid;  in task_avdcache_reset()
3117 	tsec->avdcache.seqno = avc_policy_seqno();  in task_avdcache_reset()
3118 	tsec->avdcache.dir_spot = TSEC_AVDC_DIR_SIZE - 1;  in task_avdcache_reset()
3123  * @tsec: the task's security state
3127  * Search @tsec for a AVD cache entry that matches @isec and return it to the
3130 static inline int task_avdcache_search(struct task_security_struct *tsec,  in task_avdcache_search()  argument
3140 	if (unlikely(tsec->sid != tsec->avdcache.sid ||  in task_avdcache_search()
3141 		     tsec->avdcache.seqno != avc_policy_seqno())) {  in task_avdcache_search()
3142 		task_avdcache_reset(tsec);  in task_avdcache_search()
3146 	orig = iter = tsec->avdcache.dir_spot;  in task_avdcache_search()
3148 		if (tsec->avdcache.dir[iter].isid == isec->sid) {  in task_avdcache_search()
3150 			tsec->avdcache.dir_spot = iter;  in task_avdcache_search()
3151 			*avdc = &tsec->avdcache.dir[iter];  in task_avdcache_search()
3162  * @tsec: the task's security state
3167  * Update the AVD cache in @tsec with the @avdc and @audited info associated
3170 static inline void task_avdcache_update(struct task_security_struct *tsec,  in task_avdcache_update()  argument
3182 	spot = (tsec->avdcache.dir_spot + 1) & (TSEC_AVDC_DIR_SIZE - 1);  in task_avdcache_update()
3183 	tsec->avdcache.dir_spot = spot;  in task_avdcache_update()
3184 	tsec->avdcache.dir[spot].isid = isec->sid;  in task_avdcache_update()
3185 	tsec->avdcache.dir[spot].audited = audited;  in task_avdcache_update()
3186 	tsec->avdcache.dir[spot].allowed = avd->allowed;  in task_avdcache_update()
3187 	tsec->avdcache.dir[spot].permissive = avd->flags & AVD_FLAGS_PERMISSIVE;  in task_avdcache_update()
3188 	tsec->avdcache.permissive_neveraudit =  in task_avdcache_update()
3204 	struct task_security_struct *tsec;  in selinux_inode_permission()  local
3216 	tsec = selinux_cred(current_cred());  in selinux_inode_permission()
3217 	if (task_avdcache_permnoaudit(tsec))  in selinux_inode_permission()
3225 	rc = task_avdcache_search(tsec, isec, &avdc);  in selinux_inode_permission()
3237 		rc = avc_has_perm_noaudit(tsec->sid, isec->sid, isec->sclass,  in selinux_inode_permission()
3242 		task_avdcache_update(tsec, isec, &avd, audited);  in selinux_inode_permission()
3286 	struct task_security_struct *tsec;  in selinux_inode_getattr()  local
3288 	tsec = selinux_cred(current_cred());  in selinux_inode_getattr()
3290 	if (task_avdcache_permnoaudit(tsec))  in selinux_inode_getattr()
3662 	struct task_security_struct *tsec;  in selinux_inode_copy_up()  local
3671 	tsec = selinux_cred(new_creds);  in selinux_inode_copy_up()
3674 	tsec->create_sid = prop.selinux.secid;  in selinux_inode_copy_up()
3700 	const struct task_security_struct *tsec = selinux_cred(current_cred());  in selinux_kernfs_init_security()  local
3728 	if (tsec->create_sid) {  in selinux_kernfs_init_security()
3729 		newsid = tsec->create_sid;  in selinux_kernfs_init_security()
3740 		rc = security_transition_sid(tsec->sid,  in selinux_kernfs_init_security()
4165 	struct task_security_struct *tsec = selinux_cred(new);  in selinux_cred_prepare()  local
4167 	*tsec = *old_tsec;  in selinux_cred_prepare()
4177 	struct task_security_struct *tsec = selinux_cred(new);  in selinux_cred_transfer()  local
4179 	*tsec = *old_tsec;  in selinux_cred_transfer()
4198 	struct task_security_struct *tsec = selinux_cred(new);  in selinux_kernel_act_as()  local
4207 		tsec->sid = secid;  in selinux_kernel_act_as()
4208 		tsec->create_sid = 0;  in selinux_kernel_act_as()
4209 		tsec->keycreate_sid = 0;  in selinux_kernel_act_as()
4210 		tsec->sockcreate_sid = 0;  in selinux_kernel_act_as()
4222 	struct task_security_struct *tsec = selinux_cred(new);  in selinux_kernel_create_files_as()  local
4232 		tsec->create_sid = isec->sid;  in selinux_kernel_create_files_as()
4747 static int socket_sockcreate_sid(const struct task_security_struct *tsec,  in socket_sockcreate_sid()  argument
4750 	if (tsec->sockcreate_sid > SECSID_NULL) {  in socket_sockcreate_sid()
4751 		*socksid = tsec->sockcreate_sid;  in socket_sockcreate_sid()
4755 	return security_transition_sid(tsec->sid, tsec->sid,  in socket_sockcreate_sid()
4800 	const struct task_security_struct *tsec = selinux_cred(current_cred());  in selinux_socket_create()  local
4809 	rc = socket_sockcreate_sid(tsec, secclass, &newsid);  in selinux_socket_create()
4813 	return avc_has_perm(tsec->sid, newsid, secclass, SOCKET__CREATE, NULL);  in selinux_socket_create()
4819 	const struct task_security_struct *tsec = selinux_cred(current_cred());  in selinux_socket_post_create()  local
4827 		err = socket_sockcreate_sid(tsec, sclass, &sid);  in selinux_socket_post_create()
6529 	const struct task_security_struct *tsec;  in selinux_lsm_getattr()  local
6535 	tsec = selinux_cred(__task_cred(p));  in selinux_lsm_getattr()
6537 		error = avc_has_perm(current_sid(), tsec->sid,  in selinux_lsm_getattr()
6544 		sid = tsec->sid;  in selinux_lsm_getattr()
6547 		sid = tsec->osid;  in selinux_lsm_getattr()
6550 		sid = tsec->exec_sid;  in selinux_lsm_getattr()
6553 		sid = tsec->create_sid;  in selinux_lsm_getattr()
6556 		sid = tsec->keycreate_sid;  in selinux_lsm_getattr()
6559 		sid = tsec->sockcreate_sid;  in selinux_lsm_getattr()
6584 	struct task_security_struct *tsec;  in selinux_lsm_setattr()  local
6670 	tsec = selinux_cred(new);  in selinux_lsm_setattr()
6672 		tsec->exec_sid = sid;  in selinux_lsm_setattr()
6674 		tsec->create_sid = sid;  in selinux_lsm_setattr()
6682 		tsec->keycreate_sid = sid;  in selinux_lsm_setattr()
6684 		tsec->sockcreate_sid = sid;  in selinux_lsm_setattr()
6691 			error = security_bounded_transition(tsec->sid, sid);  in selinux_lsm_setattr()
6697 		error = avc_has_perm(tsec->sid, sid, SECCLASS_PROCESS,  in selinux_lsm_setattr()
6712 		tsec->sid = sid;  in selinux_lsm_setattr()
6879 	const struct task_security_struct *tsec;  in selinux_key_alloc()  local
6882 	tsec = selinux_cred(cred);  in selinux_key_alloc()
6883 	if (tsec->keycreate_sid)  in selinux_key_alloc()
6884 		ksec->sid = tsec->keycreate_sid;  in selinux_key_alloc()
6886 		ksec->sid = tsec->sid;  in selinux_key_alloc()