85 SELinuxDoCheck(SELinuxSubjectRec * subj, SELinuxObjectRec * obj,  in SELinuxDoCheck()  argument
89     if (subj->privileged)  in SELinuxDoCheck()
92     auditdata->command = subj->command;  in SELinuxDoCheck()
95     if (avc_has_perm(subj->sid, obj->sid, class, mode, &subj->aeref,  in SELinuxDoCheck()
115     SELinuxSubjectRec *subj;  in SELinuxLabelClient()  local
119     subj = dixLookupPrivate(&client->devPrivates, subjectKey);  in SELinuxLabelClient()
146         strncpy(subj->command, cmdname, COMMAND_LEN - 1);  in SELinuxLabelClient()
154     if (avc_context_to_sid_raw(ctx, &subj->sid) < 0)  in SELinuxLabelClient()
158     obj->sid = subj->sid;  in SELinuxLabelClient()
170     SELinuxSubjectRec *subj;  in SELinuxLabelInitial()  local
176     subj = dixLookupPrivate(&serverClient->devPrivates, subjectKey);  in SELinuxLabelInitial()
178     subj->privileged = 1;  in SELinuxLabelInitial()
185     if (avc_context_to_sid_raw(ctx, &subj->sid) < 0)  in SELinuxLabelInitial()
188     obj->sid = subj->sid;  in SELinuxLabelInitial()
210 SELinuxLabelResource(XaceResourceAccessRec * rec, SELinuxSubjectRec * subj,  in SELinuxLabelResource()  argument
217     if (rec->rtype & RC_DRAWABLE && subj->win_create_sid) {  in SELinuxLabelResource()
218         obj->sid = subj->win_create_sid;  in SELinuxLabelResource()
234         tsid = subj->sid;  in SELinuxLabelResource()
238     if (avc_compute_create(subj->sid, tsid, class, &obj->sid) < 0) {  in SELinuxLabelResource()
335     SELinuxSubjectRec *subj;  in SELinuxDevice()  local
341     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxDevice()
350         if (subj->dev_create_sid) {  in SELinuxDevice()
352             obj->sid = subj->dev_create_sid;  in SELinuxDevice()
353             dsubj->sid = subj->dev_create_sid;  in SELinuxDevice()
357             obj->sid = subj->sid;  in SELinuxDevice()
358             dsubj->sid = subj->sid;  in SELinuxDevice()
363     rc = SELinuxDoCheck(subj, obj, cls, rec->access_mode, &auditdata);  in SELinuxDevice()
372     SELinuxSubjectRec *subj;  in SELinuxSend()  local
379         subj = dixLookupPrivate(&rec->dev->devPrivates, subjectKey);  in SELinuxSend()
381         subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxSend()
386     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixSendAccess,  in SELinuxSend()
401         rc = SELinuxDoCheck(subj, &ev_sid, class, DixSendAccess, &auditdata);  in SELinuxSend()
414     SELinuxSubjectRec *subj;  in SELinuxReceive()  local
420     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxReceive()
424     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_DRAWABLE, DixReceiveAccess,  in SELinuxReceive()
439         rc = SELinuxDoCheck(subj, &ev_sid, class, DixReceiveAccess, &auditdata);  in SELinuxReceive()
452     SELinuxSubjectRec *subj, *serv;  in SELinuxExtension()  local
457     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxExtension()
483     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_EXTENSION, rec->access_mode,  in SELinuxExtension()
493     SELinuxSubjectRec *subj;  in SELinuxSelection()  local
502     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxSelection()
507         rc = SELinuxSelectionToSID(name, subj, &obj->sid, &obj->poly);  in SELinuxSelection()
514         rc = SELinuxSelectionToSID(name, subj, &tsid, NULL);  in SELinuxSelection()
534     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SELECTION, access_mode,  in SELinuxSelection()
542         if (subj->sel_create_sid)  in SELinuxSelection()
543             data->sid = subj->sel_create_sid;  in SELinuxSelection()
553     SELinuxSubjectRec *subj;  in SELinuxProperty()  local
565     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxProperty()
570         rc = SELinuxPropertyToSID(name, subj, &obj->sid, &obj->poly);  in SELinuxProperty()
578         rc = SELinuxPropertyToSID(name, subj, &tsid, NULL);  in SELinuxProperty()
598     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_PROPERTY, rec->access_mode,  in SELinuxProperty()
606         if (subj->prp_create_sid)  in SELinuxProperty()
607             data->sid = subj->prp_create_sid;  in SELinuxProperty()
617     SELinuxSubjectRec *subj;  in SELinuxResource()  local
625     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxResource()
644         rc = SELinuxLabelResource(rec, subj, obj, class);  in SELinuxResource()
660     rc = SELinuxDoCheck(subj, obj, class, access_mode, &auditdata);  in SELinuxResource()
666         rc = SELinuxDoCheck(subj, obj, class, DixBlendAccess, &auditdata);  in SELinuxResource()
676     SELinuxSubjectRec *subj;  in SELinuxScreen()  local
682     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxScreen()
688         if (avc_compute_create(subj->sid, subj->sid, SECCLASS_X_SCREEN,  in SELinuxScreen()
699     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SCREEN, access_mode, &auditdata);  in SELinuxScreen()
708     SELinuxSubjectRec *subj;  in SELinuxClient()  local
713     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxClient()
716     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_CLIENT, rec->access_mode,  in SELinuxClient()
726     SELinuxSubjectRec *subj;  in SELinuxServer()  local
731     subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);  in SELinuxServer()
734     rc = SELinuxDoCheck(subj, obj, SECCLASS_X_SERVER, rec->access_mode,  in SELinuxServer()
763     SELinuxSubjectRec *subj;  in SELinuxResourceState()  local
773     subj = dixLookupPrivate(&wClient(pWin)->devPrivates, subjectKey);  in SELinuxResourceState()
775     if (subj->sid) {  in SELinuxResourceState()
777         int rc = avc_sid_to_context_raw(subj->sid, &ctx);  in SELinuxResourceState()