Lines Matching full:cap
49 audit_log_untrustedstring(ab, capability_names[sa->u.cap]); in audit_cb()
56 * @cap: capability tested
65 int cap, int error) in audit_caps() argument
75 !cap_raised(profile->caps.audit, cap))) in audit_caps()
79 cap_raised(profile->caps.kill, cap)) { in audit_caps()
81 } else if (cap_raised(profile->caps.quiet, cap) && in audit_caps()
90 if (profile == ent->profile && cap_raised(ent->caps, cap)) { in audit_caps()
98 cap_raise(ent->caps, cap); in audit_caps()
106 * profile_capable - test if profile allows use of capability @cap
108 * @cap: capability to test if allowed
114 static int profile_capable(struct aa_profile *profile, int cap, in profile_capable() argument
119 if (cap_raised(profile->caps.allow, cap) && in profile_capable()
120 !cap_raised(profile->caps.denied, cap)) in profile_capable()
128 /* audit the cap request in complain mode but note that it in profile_capable()
134 return audit_caps(sa, profile, cap, error); in profile_capable()
140 * @cap: capability to be tested
147 int aa_capable(struct aa_label *label, int cap, unsigned int opts) in aa_capable() argument
153 sa.u.cap = cap; in aa_capable()
155 profile_capable(profile, cap, opts, &sa)); in aa_capable()