783 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
791 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
799 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
872 		pr_err("SELinux: %s: unrecognized SID %u\n",  in security_bounded_transition()
880 		pr_err("SELinux: %s: unrecognized SID %u\n",  in security_bounded_transition()
1032 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_xperms_decision()
1039 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_xperms_decision()
1092  * SID pair (@ssid, @tsid) for the permissions in @tclass.
1118 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av()
1129 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av()
1173 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av_user()
1184 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av_user()
1300 const char *security_get_initial_sid_context(u32 sid)  in security_get_initial_sid_context()  argument
1302 	if (unlikely(sid > SECINITSID_NUM))  in security_get_initial_sid_context()
1304 	return initial_sid_to_string[sid];  in security_get_initial_sid_context()
1307 static int security_sid_to_context_core(u32 sid, char **scontext,  in security_sid_to_context_core()  argument
1322 		if (sid <= SECINITSID_NUM) {  in security_sid_to_context_core()
1333 			if (sid == SECINITSID_INIT)  in security_sid_to_context_core()
1334 				sid = SECINITSID_KERNEL;  in security_sid_to_context_core()
1336 			s = initial_sid_to_string[sid];  in security_sid_to_context_core()
1349 		       "load_policy on unknown SID %d\n", __func__, sid);  in security_sid_to_context_core()
1358 		entry = sidtab_search_entry_force(sidtab, sid);  in security_sid_to_context_core()
1360 		entry = sidtab_search_entry(sidtab, sid);  in security_sid_to_context_core()
1362 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_to_context_core()
1363 			__func__, sid);  in security_sid_to_context_core()
1380  * security_sid_to_context - Obtain a context for a given SID.
1381  * @sid: security identifier, SID
1385  * Write the string representation of the context associated with @sid
1389 int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)  in security_sid_to_context()  argument
1391 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context()
1395 int security_sid_to_context_force(u32 sid,  in security_sid_to_context_force()  argument
1398 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context_force()
1403  * security_sid_to_context_inval - Obtain a context for a given SID if it
1405  * @sid: security identifier, SID
1409  * Write the string representation of the context associated with @sid
1415 int security_sid_to_context_inval(u32 sid,  in security_sid_to_context_inval()  argument
1418 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context_inval()
1504 					u32 *sid, u32 def_sid, gfp_t gfp_flags,  in security_context_to_sid_core()  argument
1530 				*sid = i;  in security_context_to_sid_core()
1534 		*sid = SECINITSID_KERNEL;  in security_context_to_sid_core()
1537 	*sid = SECSID_NULL;  in security_context_to_sid_core()
1559 	rc = sidtab_context_to_sid(sidtab, &context, sid);  in security_context_to_sid_core()
1579  * security_context_to_sid - Obtain a SID for a given security context.
1582  * @sid: security identifier, SID
1585  * Obtains a SID associated with the security context that
1590 int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid,  in security_context_to_sid()  argument
1594 					    sid, SECSID_NULL, gfp, 0);  in security_context_to_sid()
1597 int security_context_str_to_sid(const char *scontext, u32 *sid, gfp_t gfp)  in security_context_str_to_sid()  argument
1600 				       sid, gfp);  in security_context_str_to_sid()
1604  * security_context_to_sid_default - Obtain a SID for a given security context,
1609  * @sid: security identifier, SID
1610  * @def_sid: default SID to assign on error
1613  * Obtains a SID associated with the security context that
1615  * The default SID is passed to the MLS layer to be used to allow
1623 				    u32 *sid, u32 def_sid, gfp_t gfp_flags)  in security_context_to_sid_default()  argument
1626 					    sid, def_sid, gfp_flags, 1);  in security_context_to_sid_default()
1630 				  u32 *sid)  in security_context_to_sid_force()  argument
1633 					    sid, SECSID_NULL, GFP_KERNEL, 1);  in security_context_to_sid_force()
1758 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_sid()
1765 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_sid()
1882 	/* Obtain the sid for the context. */  in security_compute_sid()
1897  * security_transition_sid - Compute the SID for a new subject/object.
1904  * Compute a SID to use for labeling a new subject or object in the
1905  * class @tclass based on a SID pair (@ssid, @tsid).
1907  * if insufficient memory is available, or %0 if the new SID was
1927  * security_member_sid - Compute the SID for member selection.
1933  * Compute a SID to use when selecting a member of a polyinstantiated
1934  * object of class @tclass based on a SID pair (@ssid, @tsid).
1936  * if insufficient memory is available, or %0 if the SID was
1950  * security_change_sid - Compute the SID for object relabeling.
1956  * Compute a SID to use for relabeling an object of class @tclass
1957  * based on a SID pair (@ssid, @tsid).
1959  * if insufficient memory is available, or %0 if the SID was
2082 		while (oc && oc->sid[0] != SECINITSID_UNLABELED)  in services_convert_context()
2247  * validate it and convert the SID table as necessary.
2305 	 * in the new SID table.  in security_load_policy()
2323 			" representation of contexts in the new SID"  in security_load_policy()
2349  * ocontext_to_sid - Helper to safely get sid for an ocontext
2350  * @sidtab: SID table
2353  * @out_sid: pointer to the resulting SID value
2355  * For all ocontexts except OCON_ISID the SID fields are populated
2356  * on-demand when needed. Since updating the SID value is an SMP-sensitive
2366 	u32 sid;  in ocontext_to_sid()  local
2369 	sid = smp_load_acquire(&c->sid[index]);  in ocontext_to_sid()
2370 	if (!sid) {  in ocontext_to_sid()
2371 		rc = sidtab_context_to_sid(sidtab, &c->context[index], &sid);  in ocontext_to_sid()
2377 		 * when they see the SID.  in ocontext_to_sid()
2379 		smp_store_release(&c->sid[index], sid);  in ocontext_to_sid()
2381 	*out_sid = sid;  in ocontext_to_sid()
2386  * security_port_sid - Obtain the SID for a port.
2438  * security_ib_pkey_sid - Obtain the SID for a pkey.
2490  * security_ib_endport_sid - Obtain the SID for a subnet management interface.
2543  * security_netif_sid - Obtain the SID for a network interface.
2545  * @if_sid: interface SID
2604  * security_node_sid - Obtain the SID for a node (host).
2692  * @fromsid: starting SID
2713 	u32 *mysids = NULL, *mysids2, sid;  in security_get_user_sids()  local
2761 			rc = sidtab_context_to_sid(sidtab, &usercon, &sid);  in security_get_user_sids()
2769 				mysids[mynel++] = sid;  in security_get_user_sids()
2779 				mysids[mynel++] = sid;  in security_get_user_sids()
2814  * __security_genfs_sid - Helper to obtain a SID for a file in a filesystem
2819  * @sid: SID for path
2821  * Obtain a SID to use for a file in a filesystem that
2832 				       u32 *sid)  in __security_genfs_sid()  argument
2845 	*sid = SECINITSID_UNLABELED;  in __security_genfs_sid()
2866 	return ocontext_to_sid(sidtab, c, 0, sid);  in __security_genfs_sid()
2870  * security_genfs_sid - Obtain a SID for a file in a filesystem
2874  * @sid: SID for path
2882 		       u32 *sid)  in security_genfs_sid()  argument
2888 		*sid = SECINITSID_UNLABELED;  in security_genfs_sid()
2896 					      orig_sclass, sid);  in security_genfs_sid()
2906 			u32 *sid)  in selinux_policy_genfs_sid()  argument
2909 	return __security_genfs_sid(policy, fstype, path, orig_sclass, sid);  in selinux_policy_genfs_sid()
2928 		sbsec->sid = SECINITSID_UNLABELED;  in security_fs_use()
2947 		rc = ocontext_to_sid(sidtab, c, 0, &sbsec->sid);  in security_fs_use()
2956 					SECCLASS_DIR, &sbsec->sid);  in security_fs_use()
3154  * security_sid_mls_copy() - computes a new sid based on the given
3155  * sid and the mls portion of mls_sid.
3157 int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)  in security_sid_mls_copy()  argument
3170 		*new_sid = sid;  in security_sid_mls_copy()
3184 		*new_sid = sid;  in security_sid_mls_copy()
3189 	context1 = sidtab_search(sidtab, sid);  in security_sid_mls_copy()
3191 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_mls_copy()
3192 			__func__, sid);  in security_sid_mls_copy()
3199 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_mls_copy()
3247  * @nlbl_sid: NetLabel SID
3249  * @xfrm_sid: XFRM SID
3250  * @peer_sid: network peer sid
3254  * resolved into a single SID it is returned via @peer_sid and the function
3258  *                                 | function return |      @sid
3281 	 * single or absent peer SID/label */  in security_net_peersid_resolve()
3287 	 * and is treated as if nlbl_sid == SECSID_NULL when a XFRM SID/label  in security_net_peersid_resolve()
3315 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_net_peersid_resolve()
3322 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_net_peersid_resolve()
3331 	 * information so if the MLS portion of the NetLabel SID  in security_net_peersid_resolve()
3332 	 * matches the MLS portion of the labeled XFRM SID/label  in security_net_peersid_resolve()
3333 	 * then pass along the XFRM SID as it is the most  in security_net_peersid_resolve()
3638 int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule)  in selinux_audit_rule_match()  argument
3664 	ctxt = sidtab_search(policy->sidtab, sid);  in selinux_audit_rule_match()
3666 		WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n",  in selinux_audit_rule_match()
3667 			  sid);  in selinux_audit_rule_match()
3775  * @sid: the SELinux SID
3784 				      u32 sid)  in security_netlbl_cache_add()  argument
3797 	*sid_cache = sid;  in security_netlbl_cache_add()
3804  * security_netlbl_secattr_to_sid - Convert a NetLabel secattr to a SELinux SID
3806  * @sid: the SELinux SID
3810  * SELinux SID.  If the @secattr field does not contain a full SELinux
3811  * SID/context then use SECINITSID_NETMSG as the foundation.  If possible the
3813  * allow the @secattr to be used by NetLabel to cache the secattr to SID
3819 				   u32 *sid)  in security_netlbl_secattr_to_sid()  argument
3829 		*sid = SECSID_NULL;  in security_netlbl_secattr_to_sid()
3841 		*sid = *(u32 *)secattr->cache->data;  in security_netlbl_secattr_to_sid()
3843 		*sid = secattr->attr.secid;  in security_netlbl_secattr_to_sid()
3866 		rc = sidtab_context_to_sid(sidtab, &ctx_new, sid);  in security_netlbl_secattr_to_sid()
3875 		security_netlbl_cache_add(secattr, *sid);  in security_netlbl_secattr_to_sid()
3877 		*sid = SECSID_NULL;  in security_netlbl_secattr_to_sid()
3885  * security_netlbl_sid_to_secattr - Convert a SELinux SID to a NetLabel secattr
3886  * @sid: the SELinux SID
3890  * Convert the given SELinux SID in @sid into a NetLabel security attribute.
3894 int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)  in security_netlbl_sid_to_secattr()  argument
3909 	ctx = sidtab_search(policy->sidtab, sid);  in security_netlbl_sid_to_secattr()
3919 	secattr->attr.secid = sid;  in security_netlbl_sid_to_secattr()