266 	struct smack_known *skp = NULL;  in smk_fetch()  local
277 		skp = ERR_PTR(rc);  in smk_fetch()
279 		skp = NULL;  in smk_fetch()
281 		skp = smk_import_entry(buffer, rc);  in smk_fetch()
285 	return skp;  in smk_fetch()
294 static struct inode_smack *new_inode_smack(struct smack_known *skp)  in new_inode_smack()  argument
302 	isp->smk_inode = skp;  in new_inode_smack()
481 	struct smack_known *skp;  in smack_ptrace_access_check()  local
483 	skp = smk_of_task_struct(ctp);  in smack_ptrace_access_check()
485 	return smk_ptrace_rule_check(current, skp, mode, __func__);  in smack_ptrace_access_check()
499 	struct smack_known *skp;  in smack_ptrace_traceme()  local
501 	skp = smk_of_task(current_security());  in smack_ptrace_traceme()
503 	rc = smk_ptrace_rule_check(ptp, skp, PTRACE_MODE_ATTACH, __func__);  in smack_ptrace_traceme()
516 	struct smack_known *skp = smk_of_current();  in smack_syslog()  local
521 	if (smack_syslog_label != NULL && smack_syslog_label != skp)  in smack_syslog()
764 	struct smack_known *skp;  in smack_set_mnt_opts()  local
777 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
778 			if (IS_ERR(skp))  in smack_set_mnt_opts()
779 				return PTR_ERR(skp);  in smack_set_mnt_opts()
780 			sp->smk_default = skp;  in smack_set_mnt_opts()
783 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
784 			if (IS_ERR(skp))  in smack_set_mnt_opts()
785 				return PTR_ERR(skp);  in smack_set_mnt_opts()
786 			sp->smk_floor = skp;  in smack_set_mnt_opts()
789 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
790 			if (IS_ERR(skp))  in smack_set_mnt_opts()
791 				return PTR_ERR(skp);  in smack_set_mnt_opts()
792 			sp->smk_hat = skp;  in smack_set_mnt_opts()
795 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
796 			if (IS_ERR(skp))  in smack_set_mnt_opts()
797 				return PTR_ERR(skp);  in smack_set_mnt_opts()
798 			sp->smk_root = skp;  in smack_set_mnt_opts()
801 			skp = smk_import_entry(opts->mnt_opts[i], 0);  in smack_set_mnt_opts()
802 			if (IS_ERR(skp))  in smack_set_mnt_opts()
803 				return PTR_ERR(skp);  in smack_set_mnt_opts()
804 			sp->smk_root = skp;  in smack_set_mnt_opts()
821 		skp = smk_of_current();  in smack_set_mnt_opts()
822 		sp->smk_root = skp;  in smack_set_mnt_opts()
823 		sp->smk_default = skp;  in smack_set_mnt_opts()
986 	struct smack_known *skp = smk_of_current();  in smack_inode_alloc_security()  local
988 	inode->i_security = new_inode_smack(skp);  in smack_inode_alloc_security()
1022 	struct smack_known *skp = smk_of_current();  in smack_inode_init_security()  local
1032 		may = smk_access_entry(skp->smk_known, dsp->smk_known,  in smack_inode_init_security()
1033 				       &skp->smk_rules);  in smack_inode_init_security()
1288 	struct smack_known *skp;  in smack_inode_setxattr()  local
1319 		skp = size ? smk_import_entry(value, size) : NULL;  in smack_inode_setxattr()
1320 		if (IS_ERR(skp))  in smack_inode_setxattr()
1321 			rc = PTR_ERR(skp);  in smack_inode_setxattr()
1322 		else if (skp == NULL || (check_star &&  in smack_inode_setxattr()
1323 		    (skp == &smack_known_star || skp == &smack_known_web)))  in smack_inode_setxattr()
1352 	struct smack_known *skp;  in smack_inode_post_setxattr()  local
1361 		skp = smk_import_entry(value, size);  in smack_inode_post_setxattr()
1362 		if (!IS_ERR(skp))  in smack_inode_post_setxattr()
1363 			isp->smk_inode = skp;  in smack_inode_post_setxattr()
1367 		skp = smk_import_entry(value, size);  in smack_inode_post_setxattr()
1368 		if (!IS_ERR(skp))  in smack_inode_post_setxattr()
1369 			isp->smk_task = skp;  in smack_inode_post_setxattr()
1373 		skp = smk_import_entry(value, size);  in smack_inode_post_setxattr()
1374 		if (!IS_ERR(skp))  in smack_inode_post_setxattr()
1375 			isp->smk_mmap = skp;  in smack_inode_post_setxattr()
1583 	struct smack_known *skp = smk_of_current();  in smack_file_alloc_security()  local
1585 	file->f_security = skp;  in smack_file_alloc_security()
1711 	struct smack_known *skp;  in smack_mmap_file()  local
1731 	skp = smk_of_current();  in smack_mmap_file()
1740 	list_for_each_entry_rcu(srp, &skp->smk_rules, list) {  in smack_mmap_file()
1825 	struct smack_known *skp;  in smack_file_send_sigiotask()  local
1837 	skp = file->f_security;  in smack_file_send_sigiotask()
1838 	rc = smk_access(skp, tkp, MAY_WRITE, NULL);  in smack_file_send_sigiotask()
1839 	rc = smk_bu_note("sigiotask", skp, tkp, MAY_WRITE, rc);  in smack_file_send_sigiotask()
1845 	smack_log(skp->smk_known, tkp->smk_known, MAY_WRITE, rc, &ad);  in smack_file_send_sigiotask()
2026 	struct smack_known *skp = smack_from_secid(secid);  in smack_kernel_act_as()  local
2028 	if (skp == NULL)  in smack_kernel_act_as()
2031 	new_tsp->smk_task = skp;  in smack_kernel_act_as()
2066 	struct smack_known *skp = smk_of_task_struct(p);  in smk_curacc_on_task()  local
2071 	rc = smk_curacc(skp, access, &ad);  in smk_curacc_on_task()
2119 	struct smack_known *skp = smk_of_task_struct(p);  in smack_task_getsecid()  local
2121 	*secid = skp->smk_secid;  in smack_task_getsecid()
2210 	struct smack_known *skp;  in smack_task_kill()  local
2230 	skp = smack_from_secid(secid);  in smack_task_kill()
2231 	rc = smk_access(skp, tkp, MAY_WRITE, &ad);  in smack_task_kill()
2232 	rc = smk_bu_note("USB signal", skp, tkp, MAY_WRITE, rc);  in smack_task_kill()
2265 	struct smack_known *skp = smk_of_task_struct(p);  in smack_task_to_inode()  local
2267 	isp->smk_inode = skp;  in smack_task_to_inode()
2286 	struct smack_known *skp = smk_of_current();  in smack_sk_alloc_security()  local
2293 	ssp->smk_in = skp;  in smack_sk_alloc_security()
2294 	ssp->smk_out = skp;  in smack_sk_alloc_security()
2428 	struct smack_known *skp;  in smack_netlabel()  local
2447 		skp = ssp->smk_out;  in smack_netlabel()
2448 		rc = netlbl_sock_setattr(sk, sk->sk_family, &skp->smk_netlabel);  in smack_netlabel()
2470 	struct smack_known *skp;  in smack_netlabel_send()  local
2489 		skp = ssp->smk_out;  in smack_netlabel_send()
2490 		rc = smk_access(skp, hkp, MAY_WRITE, &ad);  in smack_netlabel_send()
2491 		rc = smk_bu_note("IPv4 host check", skp, hkp, MAY_WRITE, rc);  in smack_netlabel_send()
2624 	struct smack_known *skp = NULL;  in smk_ipv6_port_check()  local
2629 		skp = smack_ipv6host_label(address);  in smk_ipv6_port_check()
2632 		skp = ssp->smk_out;  in smk_ipv6_port_check()
2639 	if (skp != NULL && object != NULL)  in smk_ipv6_port_check()
2640 		return smk_ipv6_check(skp, object, address, act);  in smk_ipv6_port_check()
2641 	if (skp == NULL)  in smk_ipv6_port_check()
2642 		skp = smack_net_ambient;  in smk_ipv6_port_check()
2650 		return smk_ipv6_check(skp, object, address, act);  in smk_ipv6_port_check()
2668 	return smk_ipv6_check(skp, object, address, act);  in smk_ipv6_port_check()
2687 	struct smack_known *skp;  in smack_inode_setsecurity()  local
2696 	skp = smk_import_entry(value, size);  in smack_inode_setsecurity()
2697 	if (IS_ERR(skp))  in smack_inode_setsecurity()
2698 		return PTR_ERR(skp);  in smack_inode_setsecurity()
2701 		nsp->smk_inode = skp;  in smack_inode_setsecurity()
2718 		ssp->smk_in = skp;  in smack_inode_setsecurity()
2720 		ssp->smk_out = skp;  in smack_inode_setsecurity()
2872 	struct smack_known *skp = smk_of_current();  in smack_msg_msg_alloc_security()  local
2874 	msg->security = skp;  in smack_msg_msg_alloc_security()
2909 	struct smack_known *skp = smk_of_current();  in smack_shm_alloc_security()  local
2911 	isp->security = skp;  in smack_shm_alloc_security()
3036 	struct smack_known *skp = smk_of_current();  in smack_sem_alloc_security()  local
3038 	isp->security = skp;  in smack_sem_alloc_security()
3158 	struct smack_known *skp = smk_of_current();  in smack_msg_queue_alloc_security()  local
3160 	kisp->security = skp;  in smack_msg_queue_alloc_security()
3338 	struct smack_known *skp;  in smack_d_instantiate()  local
3482 		skp = smk_fetch(XATTR_NAME_SMACK, inode, dp);  in smack_d_instantiate()
3483 		if (!IS_ERR_OR_NULL(skp))  in smack_d_instantiate()
3484 			final = skp;  in smack_d_instantiate()
3519 		skp = smk_fetch(XATTR_NAME_SMACKEXEC, inode, dp);  in smack_d_instantiate()
3520 		if (IS_ERR(skp) || skp == &smack_known_star ||  in smack_d_instantiate()
3521 		    skp == &smack_known_web)  in smack_d_instantiate()
3522 			skp = NULL;  in smack_d_instantiate()
3523 		isp->smk_task = skp;  in smack_d_instantiate()
3525 		skp = smk_fetch(XATTR_NAME_SMACKMMAP, inode, dp);  in smack_d_instantiate()
3526 		if (IS_ERR(skp) || skp == &smack_known_star ||  in smack_d_instantiate()
3527 		    skp == &smack_known_web)  in smack_d_instantiate()
3528 			skp = NULL;  in smack_d_instantiate()
3529 		isp->smk_mmap = skp;  in smack_d_instantiate()
3559 	struct smack_known *skp = smk_of_task_struct(p);  in smack_getprocattr()  local
3566 	cp = kstrdup(skp->smk_known, GFP_KERNEL);  in smack_getprocattr()
3592 	struct smack_known *skp;  in smack_setprocattr()  local
3612 	skp = smk_import_entry(value, size);  in smack_setprocattr()
3613 	if (IS_ERR(skp))  in smack_setprocattr()
3614 		return PTR_ERR(skp);  in smack_setprocattr()
3619 	if (skp == &smack_known_web)  in smack_setprocattr()
3625 			if (sklep->smk_label == skp) {  in smack_setprocattr()
3638 	tsp->smk_task = skp;  in smack_setprocattr()
3660 	struct smack_known *skp;  in smack_unix_stream_connect()  local
3672 		skp = ssp->smk_out;  in smack_unix_stream_connect()
3678 		rc = smk_access(skp, okp, MAY_WRITE, &ad);  in smack_unix_stream_connect()
3679 		rc = smk_bu_note("UDS connect", skp, okp, MAY_WRITE, rc);  in smack_unix_stream_connect()
3682 			skp = ssp->smk_in;  in smack_unix_stream_connect()
3683 			rc = smk_access(okp, skp, MAY_WRITE, &ad);  in smack_unix_stream_connect()
3684 			rc = smk_bu_note("UDS connect", okp, skp,  in smack_unix_stream_connect()
3788 	struct smack_known *skp;  in smack_from_secattr()  local
3805 		list_for_each_entry(skp, &smack_known_list, list) {  in smack_from_secattr()
3806 			if (sap->attr.mls.lvl != skp->smk_netlabel.attr.mls.lvl)  in smack_from_secattr()
3812 				if ((skp->smk_netlabel.flags &  in smack_from_secattr()
3821 					skp->smk_netlabel.attr.mls.cat,  in smack_from_secattr()
3834 			return skp;  in smack_from_secattr()
3844 		skp = smack_from_secid(sap->attr.secid);  in smack_from_secattr()
3852 		BUG_ON(skp == NULL);  in smack_from_secattr()
3853 		return skp;  in smack_from_secattr()
3923 	struct smack_known *skp = NULL;  in smack_socket_sock_rcv_skb()  local
3943 			skp = smack_from_secid(skb->secmark);  in smack_socket_sock_rcv_skb()
3954 			skp = smack_from_secattr(&secattr, ssp);  in smack_socket_sock_rcv_skb()
3956 			skp = smack_net_ambient;  in smack_socket_sock_rcv_skb()
3975 		rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);  in smack_socket_sock_rcv_skb()
3976 		rc = smk_bu_note("IPv4 delivery", skp, ssp->smk_in,  in smack_socket_sock_rcv_skb()
3988 			skp = smack_from_secid(skb->secmark);  in smack_socket_sock_rcv_skb()
3990 			skp = smack_ipv6host_label(&sadd);  in smack_socket_sock_rcv_skb()
3991 		if (skp == NULL)  in smack_socket_sock_rcv_skb()
3992 			skp = smack_net_ambient;  in smack_socket_sock_rcv_skb()
3999 		rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);  in smack_socket_sock_rcv_skb()
4000 		rc = smk_bu_note("IPv6 delivery", skp, ssp->smk_in,  in smack_socket_sock_rcv_skb()
4063 	struct smack_known *skp;  in smack_socket_getpeersec_dgram()  local
4098 			skp = smack_from_secattr(&secattr, ssp);  in smack_socket_getpeersec_dgram()
4099 			s = skp->smk_secid;  in smack_socket_getpeersec_dgram()
4126 	struct smack_known *skp = smk_of_current();  in smack_sock_graft()  local
4133 	ssp->smk_in = skp;  in smack_sock_graft()
4134 	ssp->smk_out = skp;  in smack_sock_graft()
4151 	struct smack_known *skp;  in smack_inet_conn_request()  local
4184 		skp = smack_from_secid(skb->secmark);  in smack_inet_conn_request()
4192 		skp = smack_from_secattr(&secattr, ssp);  in smack_inet_conn_request()
4194 		skp = &smack_known_huh;  in smack_inet_conn_request()
4211 	rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);  in smack_inet_conn_request()
4212 	rc = smk_bu_note("IPv4 connect", skp, ssp->smk_in, MAY_WRITE, rc);  in smack_inet_conn_request()
4220 	req->peer_secid = skp->smk_secid;  in smack_inet_conn_request()
4234 		rc = netlbl_req_setattr(req, &skp->smk_netlabel);  in smack_inet_conn_request()
4252 	struct smack_known *skp;  in smack_inet_csk_clone()  local
4255 		skp = smack_from_secid(req->peer_secid);  in smack_inet_csk_clone()
4256 		ssp->smk_packet = skp;  in smack_inet_csk_clone()
4283 	struct smack_known *skp = smk_of_task(cred->security);  in smack_key_alloc()  local
4285 	key->security = skp;  in smack_key_alloc()
4357 	struct smack_known *skp = key->security;  in smack_key_getsecurity()  local
4366 	copy = kstrdup(skp->smk_known, GFP_KERNEL);  in smack_key_getsecurity()
4404 	struct smack_known *skp;  in smack_audit_rule_init()  local
4414 	skp = smk_import_entry(rulestr, 0);  in smack_audit_rule_init()
4415 	if (IS_ERR(skp))  in smack_audit_rule_init()
4416 		return PTR_ERR(skp);  in smack_audit_rule_init()
4418 	*rule = skp->smk_known;  in smack_audit_rule_init()
4460 	struct smack_known *skp;  in smack_audit_rule_match()  local
4471 	skp = smack_from_secid(secid);  in smack_audit_rule_match()
4479 		return (rule == skp->smk_known);  in smack_audit_rule_match()
4481 		return (rule != skp->smk_known);  in smack_audit_rule_match()
4519 	struct smack_known *skp = smack_from_secid(secid);  in smack_secid_to_secctx()  local
4522 		*secdata = skp->smk_known;  in smack_secid_to_secctx()
4523 	*seclen = strlen(skp->smk_known);  in smack_secid_to_secctx()
4537 	struct smack_known *skp = smk_find_entry(secdata);  in smack_secctx_to_secid()  local
4539 	if (skp)  in smack_secctx_to_secid()
4540 		*secid = skp->smk_secid;  in smack_secctx_to_secid()