Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\xfrm.c Create Date:2022-07-28 19:16:30
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Name: Allocates a xfrm_sec_state and populates it using the supplied security xfrm_user_sec_ctx context.

Proto:static int selinux_xfrm_alloc_user(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *uctx, gfp_t gfp)

Type:int

Parameter:

Type                          Parameter Name
struct xfrm_sec_ctx **        ctxp
struct xfrm_user_sec_ctx *    uctx
gfp_t                         gfp
79  tsec = selinux_cred(current_cred())  /* current_cred: access the subjective credentials of the current task. RCU-safe, since nobody else can modify it. */
80  struct xfrm_sec_ctx * ctx = NULL
83  If ctxp == NULL || uctx == NULL || ctx_doi != XFRM_SC_DOI_LSM || ctx_alg != XFRM_SC_ALG_SELINUX Then Return -EINVAL
88  str_len = ctx_len
89  If str_len >= PAGE_SIZE Then Return -ENOMEM
92  ctx = Allocation memory
93  If Not ctx Then Return -ENOMEM
96  ctx_doi = XFRM_SC_DOI_LSM
97  ctx_alg = XFRM_SC_ALG_SELINUX
98  ctx_len = str_len
99  memcpy(ctx_str, & uctx[1], str_len)
100  ctx_str[str_len] = '\0'
101  rc = security_context_to_sid( & selinux_state, ctx_str, str_len, & ctx_sid, gfp)
103  If rc Then Go to err
106  rc = avc_has_perm - Check permissions and perform any appropriate auditing
109  If rc Then Go to err
112  ctxp = ctx
113  atomic_inc( & Labeled XFRM instance counter )
114  Return 0
116  err :
117  kfree(ctx)
118  Return rc
Caller
Name                        Description
selinux_xfrm_policy_alloc   LSM hook implementation that allocs and transfers uctx spec to xfrm_policy.
selinux_xfrm_state_alloc    LSM hook implementation that allocates a xfrm_sec_state, populates it using the supplied security context, and assigns it to the xfrm_state.