* if the access vector decisions were computed successfully. */int security_compute_av(u32 ssid,			u32 tsid,			u16 tclass,			u32 requested,			struct av_decision *avd){	struct context *scontext = NULL, *tcontext = NULL;	int rc = 0;	if (!ss_initialized) {		avd->allowed = 0xffffffff;		avd->decided = 0xffffffff;		avd->auditallow = 0;		avd->auditdeny = 0xffffffff;		avd->seqno = latest_granting;		return 0;	}	POLICY_RDLOCK;	scontext = sidtab_search(&sidtab, ssid);	if (!scontext) {		printk(KERN_ERR "security_compute_av:  unrecognized SID %d\n",		       ssid);		rc = -EINVAL;		goto out;	}	tcontext = sidtab_search(&sidtab, tsid);	if (!tcontext) {		printk(KERN_ERR "security_compute_av:  unrecognized SID %d\n",		       tsid);		rc = -EINVAL;		goto out;	}	rc = context_struct_compute_av(scontext, tcontext, tclass,				       requested, avd);out:	POLICY_RDUNLOCK;	return rc;}/* * Write the security context string representation of * the context structure `context' into a dynamically * allocated string of the correct size.  Set `*scontext' * to point to this string and set `*scontext_len' to * the length of the string. */static int context_struct_to_string(struct context *context, char **scontext, u32 *scontext_len){	char *scontextp;	*scontext = NULL;	*scontext_len = 0;	/* Compute the size of the context. */	*scontext_len += strlen(policydb.p_user_val_to_name[context->user - 1]) + 1;	*scontext_len += strlen(policydb.p_role_val_to_name[context->role - 1]) + 1;	*scontext_len += strlen(policydb.p_type_val_to_name[context->type - 1]) + 1;	*scontext_len += mls_compute_context_len(context);	/* Allocate space for the context; caller must free this space. */	scontextp = kmalloc(*scontext_len, GFP_ATOMIC);	if (!scontextp) {		return -ENOMEM;	}	*scontext = scontextp;	/*	 * Copy the user name, role name and type name into the context.	 */	sprintf(scontextp, "%s:%s:%s",		policydb.p_user_val_to_name[context->user - 1],		policydb.p_role_val_to_name[context->role - 1],		policydb.p_type_val_to_name[context->type - 1]);	scontextp += strlen(policydb.p_user_val_to_name[context->user - 1]) +	             1 + strlen(policydb.p_role_val_to_name[context->role - 1]) +	             1 + strlen(policydb.p_type_val_to_name[context->type - 1]);	mls_sid_to_context(context, &scontextp);	*scontextp = 0;	return 0;}#include "initial_sid_to_string.h"const char *security_get_initial_sid_context(u32 sid){	if (unlikely(sid > SECINITSID_NUM))		return NULL;	return initial_sid_to_string[sid];}/** * security_sid_to_context - Obtain a context for a given SID. * @sid: security identifier, SID * @scontext: security context * @scontext_len: length in bytes * * Write the string representation of the context associated with @sid * into a dynamically allocated string of the correct size.  Set @scontext * to point to this string and set @scontext_len to the length of the string. */int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len){	struct context *context;	int rc = 0;	*scontext = NULL;	*scontext_len  = 0;	if (!ss_initialized) {		if (sid <= SECINITSID_NUM) {			char *scontextp;			*scontext_len = strlen(initial_sid_to_string[sid]) + 1;			scontextp = kmalloc(*scontext_len,GFP_ATOMIC);			if (!scontextp) {				rc = -ENOMEM;				goto out;			}			strcpy(scontextp, initial_sid_to_string[sid]);			*scontext = scontextp;			goto out;		}		printk(KERN_ERR "security_sid_to_context:  called before initial "		       "load_policy on unknown SID %d\n", sid);		rc = -EINVAL;		goto out;	}	POLICY_RDLOCK;	context = sidtab_search(&sidtab, sid);	if (!context) {		printk(KERN_ERR "security_sid_to_context:  unrecognized SID "		       "%d\n", sid);		rc = -EINVAL;		goto out_unlock;	}	rc = context_struct_to_string(context, scontext, scontext_len);out_unlock:	POLICY_RDUNLOCK;out:	return rc;}static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *sid, u32 def_sid){	char *scontext2;	struct context context;	struct role_datum *role;	struct type_datum *typdatum;	struct user_datum *usrdatum;	char *scontextp, *p, oldc;	int rc = 0;	if (!ss_initialized) {		int i;		for (i = 1; i < SECINITSID_NUM; i++) {			if (!strcmp(initial_sid_to_string[i], scontext)) {				*sid = i;				goto out;			}		}		*sid = SECINITSID_KERNEL;		goto out;	}	*sid = SECSID_NULL;	/* Copy the string so that we can modify the copy as we parse it.	   The string should already by null terminated, but we append a	   null suffix to the copy to avoid problems with the existing	   attr package, which doesn't view the null terminator as part	   of the attribute value. */	scontext2 = kmalloc(scontext_len+1,GFP_KERNEL);	if (!scontext2) {		rc = -ENOMEM;		goto out;	}	memcpy(scontext2, scontext, scontext_len);	scontext2[scontext_len] = 0;	context_init(&context);	*sid = SECSID_NULL;	POLICY_RDLOCK;	/* Parse the security context. */	rc = -EINVAL;	scontextp = (char *) scontext2;	/* Extract the user. */	p = scontextp;	while (*p && *p != ':')		p++;	if (*p == 0)		goto out_unlock;	*p++ = 0;	usrdatum = hashtab_search(policydb.p_users.table, scontextp);	if (!usrdatum)		goto out_unlock;	context.user = usrdatum->value;	/* Extract role. */	scontextp = p;	while (*p && *p != ':')		p++;	if (*p == 0)		goto out_unlock;	*p++ = 0;	role = hashtab_search(policydb.p_roles.table, scontextp);	if (!role)		goto out_unlock;	context.role = role->value;	/* Extract type. */	scontextp = p;	while (*p && *p != ':')		p++;	oldc = *p;	*p++ = 0;	typdatum = hashtab_search(policydb.p_types.table, scontextp);	if (!typdatum)		goto out_unlock;	context.type = typdatum->value;	rc = mls_context_to_sid(oldc, &p, &context, &sidtab, def_sid);	if (rc)		goto out_unlock;	if ((p - scontext2) < scontext_len) {		rc = -EINVAL;		goto out_unlock;	}	/* Check the validity of the new context. */	if (!policydb_context_isvalid(&policydb, &context)) {		rc = -EINVAL;		goto out_unlock;	}	/* Obtain the new sid. */	rc = sidtab_context_to_sid(&sidtab, &context, sid);out_unlock:	POLICY_RDUNLOCK;	context_destroy(&context);	kfree(scontext2);out:	return rc;}/** * security_context_to_sid - Obtain a SID for a given security context. * @scontext: security context * @scontext_len: length in bytes * @sid: security identifier, SID * * Obtains a SID associated with the security context that * has the string representation specified by @scontext. * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient * memory is available, or 0 on success. */int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid){	return security_context_to_sid_core(scontext, scontext_len,	                                    sid, SECSID_NULL);}/** * security_context_to_sid_default - Obtain a SID for a given security context, * falling back to specified default if needed. * * @scontext: security context * @scontext_len: length in bytes * @sid: security identifier, SID * @def_sid: default SID to assign on error * * Obtains a SID associated with the security context that * has the string representation specified by @scontext. * The default SID is passed to the MLS layer to be used to allow * kernel labeling of the MLS field if the MLS field is not present * (for upgrading to MLS without full relabel). * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient * memory is available, or 0 on success. */int security_context_to_sid_default(char *scontext, u32 scontext_len, u32 *sid, u32 def_sid){	return security_context_to_sid_core(scontext, scontext_len,	                                    sid, def_sid);}static int compute_sid_handle_invalid_context(	struct context *scontext,	struct context *tcontext,	u16 tclass,	struct context *newcontext){	char *s = NULL, *t = NULL, *n = NULL;	u32 slen, tlen, nlen;	if (context_struct_to_string(scontext, &s, &slen) < 0)		goto out;	if (context_struct_to_string(tcontext, &t, &tlen) < 0)		goto out;	if (context_struct_to_string(newcontext, &n, &nlen) < 0)		goto out;	audit_log(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR,		  "security_compute_sid:  invalid context %s"		  " for scontext=%s"		  " tcontext=%s"		  " tclass=%s",		  n, s, t, policydb.p_class_val_to_name[tclass-1]);out:	kfree(s);	kfree(t);	kfree(n);	if (!selinux_enforcing)		return 0;	return -EACCES;}static int security_compute_sid(u32 ssid,				u32 tsid,				u16 tclass,				u32 specified,				u32 *out_sid){	struct context *scontext = NULL, *tcontext = NULL, newcontext;	struct role_trans *roletr = NULL;	struct avtab_key avkey;	struct avtab_datum *avdatum;	struct avtab_node *node;	int rc = 0;	if (!ss_initialized) {		switch (tclass) {		case SECCLASS_PROCESS:			*out_sid = ssid;			break;		default:			*out_sid = tsid;			break;		}		goto out;	}	context_init(&newcontext);	POLICY_RDLOCK;	scontext = sidtab_search(&sidtab, ssid);	if (!scontext) {		printk(KERN_ERR "security_compute_sid:  unrecognized SID %d\n",		       ssid);		rc = -EINVAL;		goto out_unlock;	}	tcontext = sidtab_search(&sidtab, tsid);	if (!tcontext) {		printk(KERN_ERR "security_compute_sid:  unrecognized SID %d\n",		       tsid);		rc = -EINVAL;		goto out_unlock;	}	/* Set the user identity. */	switch (specified) {	case AVTAB_TRANSITION:	case AVTAB_CHANGE:		/* Use the process user identity. */		newcontext.user = scontext->user;		break;	case AVTAB_MEMBER:		/* Use the related object owner. */		newcontext.user = tcontext->user;		break;	}	/* Set the role and type to default values. */	switch (tclass) {	case SECCLASS_PROCESS:		/* Use the current role and type of process. */		newcontext.role = scontext->role;		newcontext.type = scontext->type;		break;	default:		/* Use the well-defined object role. */		newcontext.role = OBJECT_R_VAL;		/* Use the type of the related object. */		newcontext.type = tcontext->type;	}	/* Look for a type transition/member/change rule. */	avkey.source_type = scontext->type;	avkey.target_type = tcontext->type;	avkey.target_class = tclass;	avkey.specified = specified;	avdatum = avtab_search(&policydb.te_avtab, &avkey);	/* If no permanent rule, also check for enabled conditional rules */	if(!avdatum) {		node = avtab_search_node(&policydb.te_cond_avtab, &avkey);		for (; node != NULL; node = avtab_search_node_next(node, specified)) {			if (node->key.specified & AVTAB_ENABLED) {				avdatum = &node->datum;				break;			}		}	}	if (avdatum) {		/* Use the type from the type transition/member/change rule. */		newcontext.type = avdatum->data;	}	/* Check for class-specific changes. */	switch (tclass) {	case SECCLASS_PROCESS:		if (specified & AVTAB_TRANSITION) {			/* Look for a role transition rule. */			for (roletr = policydb.role_tr; roletr;			     roletr = roletr->next) {				if (roletr->role == scontext->role &&				    roletr->type == tcontext->type) {					/* Use the role transition rule. */					newcontext.role = roletr->new_role;					break;				}			}		}		break;	default:		break;	}	/* Set the MLS attributes.	   This is done last because it may allocate memory. */	rc = mls_compute_sid(scontext, tcontext, tclass, specified, &newcontext);	if (rc)		goto out_unlock;	/* Check the validity of the context. */	if (!policydb_context_isvalid(&policydb, &newcontext)) {		rc = compute_sid_handle_invalid_context(scontext,							tcontext,							tclass,							&newcontext);		if (rc)			goto out_unlock;	}	/* Obtain the sid for the context. */	rc = sidtab_context_to_sid(&sidtab, &newcontext, out_sid);out_unlock:	POLICY_RDUNLOCK;	context_destroy(&newcontext);out:	return rc;}/** * security_transition_sid - Compute the SID for a new subject/object. * @ssid: source security identifier * @tsid: target security identifier * @tclass: target security class * @out_sid: security identifier for new subject/object * * Compute a SID to use for labeling a new subject or object in the * class @tclass based on a SID pair (@ssid, @tsid). * Return -%EINVAL if any of the parameters are invalid, -%ENOMEM * if insufficient memory is available, or %0 if the new SID was * computed successfully. */int security_transition_sid(u32 ssid,			    u32 tsid,			    u16 tclass,			    u32 *out_sid){	return security_compute_sid(ssid, tsid, tclass, AVTAB_TRANSITION, out_sid);}/** * security_member_sid - Compute the SID for member selection. * @ssid: source security identifier * @tsid: target security identifier * @tclass: target security class * @out_sid: security identifier for selected member * * Compute a SID to use when selecting a member of a polyinstantiated * object of class @tclass based on a SID pair (@ssid, @tsid). * Return -%EINVAL if any of the parameters are invalid, -%ENOMEM * if insufficient memory is available, or %0 if the SID was * computed successfully. */int security_member_sid(u32 ssid,			u32 tsid,			u16 tclass,			u32 *out_sid){	return security_compute_sid(ssid, tsid, tclass, AVTAB_MEMBER, out_sid);}/** * security_change_sid - Compute the SID for object relabeling. * @ssid: source security identifier * @tsid: target security identifier * @tclass: target security class * @out_sid: security identifier for selected member * * Compute a SID to use for relabeling an object of class @tclass * based on a SID pair (@ssid, @tsid). * Return -%EINVAL if any of the parameters are invalid, -%ENOMEM * if insufficient memory is available, or %0 if the SID was * computed successfully.