792 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
800 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
808 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_validatetrans()
881 		pr_err("SELinux: %s: unrecognized SID %u\n",  in security_bounded_transition()
889 		pr_err("SELinux: %s: unrecognized SID %u\n",  in security_bounded_transition()
1060 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_xperms_decision()
1067 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_xperms_decision()
1120  * SID pair (@ssid, @tsid) for the permissions in @tclass.
1146 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av()
1157 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av()
1201 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av_user()
1212 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_av_user()
1328 const char *security_get_initial_sid_context(u32 sid)  in security_get_initial_sid_context()  argument
1330 	if (unlikely(sid > SECINITSID_NUM))  in security_get_initial_sid_context()
1332 	return initial_sid_to_string[sid];  in security_get_initial_sid_context()
1335 static int security_sid_to_context_core(u32 sid, char **scontext,  in security_sid_to_context_core()  argument
1350 		if (sid <= SECINITSID_NUM) {  in security_sid_to_context_core()
1361 			if (sid == SECINITSID_INIT)  in security_sid_to_context_core()
1362 				sid = SECINITSID_KERNEL;  in security_sid_to_context_core()
1364 			s = initial_sid_to_string[sid];  in security_sid_to_context_core()
1377 		       "load_policy on unknown SID %d\n", __func__, sid);  in security_sid_to_context_core()
1386 		entry = sidtab_search_entry_force(sidtab, sid);  in security_sid_to_context_core()
1388 		entry = sidtab_search_entry(sidtab, sid);  in security_sid_to_context_core()
1390 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_to_context_core()
1391 			__func__, sid);  in security_sid_to_context_core()
1408  * security_sid_to_context - Obtain a context for a given SID.
1409  * @sid: security identifier, SID
1413  * Write the string representation of the context associated with @sid
1417 int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)  in security_sid_to_context()  argument
1419 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context()
1423 int security_sid_to_context_force(u32 sid,  in security_sid_to_context_force()  argument
1426 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context_force()
1431  * security_sid_to_context_inval - Obtain a context for a given SID if it
1433  * @sid: security identifier, SID
1437  * Write the string representation of the context associated with @sid
1443 int security_sid_to_context_inval(u32 sid,  in security_sid_to_context_inval()  argument
1446 	return security_sid_to_context_core(sid, scontext,  in security_sid_to_context_inval()
1532 					u32 *sid, u32 def_sid, gfp_t gfp_flags,  in security_context_to_sid_core()  argument
1558 				*sid = i;  in security_context_to_sid_core()
1562 		*sid = SECINITSID_KERNEL;  in security_context_to_sid_core()
1565 	*sid = SECSID_NULL;  in security_context_to_sid_core()
1587 	rc = sidtab_context_to_sid(sidtab, &context, sid);  in security_context_to_sid_core()
1607  * security_context_to_sid - Obtain a SID for a given security context.
1610  * @sid: security identifier, SID
1613  * Obtains a SID associated with the security context that
1618 int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid,  in security_context_to_sid()  argument
1622 					    sid, SECSID_NULL, gfp, 0);  in security_context_to_sid()
1625 int security_context_str_to_sid(const char *scontext, u32 *sid, gfp_t gfp)  in security_context_str_to_sid()  argument
1628 				       sid, gfp);  in security_context_str_to_sid()
1632  * security_context_to_sid_default - Obtain a SID for a given security context,
1637  * @sid: security identifier, SID
1638  * @def_sid: default SID to assign on error
1641  * Obtains a SID associated with the security context that
1643  * The default SID is passed to the MLS layer to be used to allow
1651 				    u32 *sid, u32 def_sid, gfp_t gfp_flags)  in security_context_to_sid_default()  argument
1654 					    sid, def_sid, gfp_flags, 1);  in security_context_to_sid_default()
1658 				  u32 *sid)  in security_context_to_sid_force()  argument
1661 					    sid, SECSID_NULL, GFP_KERNEL, 1);  in security_context_to_sid_force()
1786 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_sid()
1793 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_compute_sid()
1910 	/* Obtain the sid for the context. */  in security_compute_sid()
1925  * security_transition_sid - Compute the SID for a new subject/object.
1932  * Compute a SID to use for labeling a new subject or object in the
1933  * class @tclass based on a SID pair (@ssid, @tsid).
1935  * if insufficient memory is available, or %0 if the new SID was
1955  * security_member_sid - Compute the SID for member selection.
1961  * Compute a SID to use when selecting a member of a polyinstantiated
1962  * object of class @tclass based on a SID pair (@ssid, @tsid).
1964  * if insufficient memory is available, or %0 if the SID was
1978  * security_change_sid - Compute the SID for object relabeling.
1984  * Compute a SID to use for relabeling an object of class @tclass
1985  * based on a SID pair (@ssid, @tsid).
1987  * if insufficient memory is available, or %0 if the SID was
2110 		while (oc && oc->sid[0] != SECINITSID_UNLABELED)  in services_convert_context()
2275  * validate it and convert the SID table as necessary.
2333 	 * in the new SID table.  in security_load_policy()
2351 			" representation of contexts in the new SID"  in security_load_policy()
2377  * ocontext_to_sid - Helper to safely get sid for an ocontext
2378  * @sidtab: SID table
2381  * @out_sid: pointer to the resulting SID value
2383  * For all ocontexts except OCON_ISID the SID fields are populated
2384  * on-demand when needed. Since updating the SID value is an SMP-sensitive
2394 	u32 sid;  in ocontext_to_sid()  local
2397 	sid = smp_load_acquire(&c->sid[index]);  in ocontext_to_sid()
2398 	if (!sid) {  in ocontext_to_sid()
2399 		rc = sidtab_context_to_sid(sidtab, &c->context[index], &sid);  in ocontext_to_sid()
2405 		 * when they see the SID.  in ocontext_to_sid()
2407 		smp_store_release(&c->sid[index], sid);  in ocontext_to_sid()
2409 	*out_sid = sid;  in ocontext_to_sid()
2414  * security_port_sid - Obtain the SID for a port.
2466  * security_ib_pkey_sid - Obtain the SID for a pkey.
2518  * security_ib_endport_sid - Obtain the SID for a subnet management interface.
2571  * security_netif_sid - Obtain the SID for a network interface.
2573  * @if_sid: interface SID
2630  * security_node_sid - Obtain the SID for a node (host).
2718  * @fromsid: starting SID
2739 	u32 *mysids = NULL, *mysids2, sid;  in security_get_user_sids()  local
2787 			rc = sidtab_context_to_sid(sidtab, &usercon, &sid);  in security_get_user_sids()
2795 				mysids[mynel++] = sid;  in security_get_user_sids()
2805 				mysids[mynel++] = sid;  in security_get_user_sids()
2840  * __security_genfs_sid - Helper to obtain a SID for a file in a filesystem
2845  * @sid: SID for path
2847  * Obtain a SID to use for a file in a filesystem that
2858 				       u32 *sid)  in __security_genfs_sid()  argument
2871 	*sid = SECINITSID_UNLABELED;  in __security_genfs_sid()
2892 	return ocontext_to_sid(sidtab, c, 0, sid);  in __security_genfs_sid()
2896  * security_genfs_sid - Obtain a SID for a file in a filesystem
2900  * @sid: SID for path
2908 		       u32 *sid)  in security_genfs_sid()  argument
2914 		*sid = SECINITSID_UNLABELED;  in security_genfs_sid()
2922 					      orig_sclass, sid);  in security_genfs_sid()
2932 			u32 *sid)  in selinux_policy_genfs_sid()  argument
2935 	return __security_genfs_sid(policy, fstype, path, orig_sclass, sid);  in selinux_policy_genfs_sid()
2954 		sbsec->sid = SECINITSID_UNLABELED;  in security_fs_use()
2973 		rc = ocontext_to_sid(sidtab, c, 0, &sbsec->sid);  in security_fs_use()
2982 					SECCLASS_DIR, &sbsec->sid);  in security_fs_use()
3180  * security_sid_mls_copy() - computes a new sid based on the given
3181  * sid and the mls portion of mls_sid.
3183 int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)  in security_sid_mls_copy()  argument
3196 		*new_sid = sid;  in security_sid_mls_copy()
3210 		*new_sid = sid;  in security_sid_mls_copy()
3215 	context1 = sidtab_search(sidtab, sid);  in security_sid_mls_copy()
3217 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_mls_copy()
3218 			__func__, sid);  in security_sid_mls_copy()
3225 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_sid_mls_copy()
3273  * @nlbl_sid: NetLabel SID
3275  * @xfrm_sid: XFRM SID
3276  * @peer_sid: network peer sid
3280  * resolved into a single SID it is returned via @peer_sid and the function
3284  *                                 | function return |      @sid
3307 	 * single or absent peer SID/label */  in security_net_peersid_resolve()
3313 	 * and is treated as if nlbl_sid == SECSID_NULL when a XFRM SID/label  in security_net_peersid_resolve()
3341 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_net_peersid_resolve()
3348 		pr_err("SELinux: %s:  unrecognized SID %d\n",  in security_net_peersid_resolve()
3357 	 * information so if the MLS portion of the NetLabel SID  in security_net_peersid_resolve()
3358 	 * matches the MLS portion of the labeled XFRM SID/label  in security_net_peersid_resolve()
3359 	 * then pass along the XFRM SID as it is the most  in security_net_peersid_resolve()
3692 		WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n",  in selinux_audit_rule_match()
3801  * @sid: the SELinux SID
3810 				      u32 sid)  in security_netlbl_cache_add()  argument
3823 	*sid_cache = sid;  in security_netlbl_cache_add()
3830  * security_netlbl_secattr_to_sid - Convert a NetLabel secattr to a SELinux SID
3832  * @sid: the SELinux SID
3836  * SELinux SID.  If the @secattr field does not contain a full SELinux
3837  * SID/context then use SECINITSID_NETMSG as the foundation.  If possible the
3839  * allow the @secattr to be used by NetLabel to cache the secattr to SID
3845 				   u32 *sid)  in security_netlbl_secattr_to_sid()  argument
3855 		*sid = SECSID_NULL;  in security_netlbl_secattr_to_sid()
3867 		*sid = *(u32 *)secattr->cache->data;  in security_netlbl_secattr_to_sid()
3869 		*sid = secattr->attr.secid;  in security_netlbl_secattr_to_sid()
3892 		rc = sidtab_context_to_sid(sidtab, &ctx_new, sid);  in security_netlbl_secattr_to_sid()
3901 		security_netlbl_cache_add(secattr, *sid);  in security_netlbl_secattr_to_sid()
3903 		*sid = SECSID_NULL;  in security_netlbl_secattr_to_sid()
3911  * security_netlbl_sid_to_secattr - Convert a SELinux SID to a NetLabel secattr
3912  * @sid: the SELinux SID
3916  * Convert the given SELinux SID in @sid into a NetLabel security attribute.
3920 int security_netlbl_sid_to_secattr(u32 sid, struct netlbl_lsm_secattr *secattr)  in security_netlbl_sid_to_secattr()  argument
3935 	ctx = sidtab_search(policy->sidtab, sid);  in security_netlbl_sid_to_secattr()
3945 	secattr->attr.secid = sid;  in security_netlbl_sid_to_secattr()