309 static int aa_xattrs_match(const struct linux_binprm *bprm,  in aa_xattrs_match()  argument
318 	if (!bprm || !profile->xattr_count)  in aa_xattrs_match()
324 	d = bprm->file->f_path.dentry;  in aa_xattrs_match()
379 static struct aa_profile *__attach_match(const struct linux_binprm *bprm,  in __attach_match()  argument
421 				ret = aa_xattrs_match(bprm, profile, state);  in __attach_match()
474 static struct aa_label *find_attach(const struct linux_binprm *bprm,  in find_attach()  argument
481 	profile = aa_get_profile(__attach_match(bprm, name, list, info));  in find_attach()
547 				   const struct linux_binprm *bprm,  in x_to_label()  argument
575 			new = find_attach(bprm, ns, &profile->base.profiles,  in x_to_label()
579 			new = find_attach(bprm, ns, &ns->base.profiles,  in x_to_label()
614 					   const struct linux_binprm *bprm,  in profile_transition()  argument
628 	AA_BUG(!bprm);  in profile_transition()
631 	error = aa_path_name(&bprm->file->f_path, profile->path_flags, buffer,  in profile_transition()
640 		name = bprm->filename;  in profile_transition()
645 		new = find_attach(bprm, profile->ns,  in profile_transition()
659 		new = x_to_label(profile, bprm, name, perms.xindex, &target,  in profile_transition()
674 				if (aa_xattrs_match(bprm, component, state) <  in profile_transition()
740 			  bool stack, const struct linux_binprm *bprm,  in profile_onexec()  argument
751 	AA_BUG(!bprm);  in profile_onexec()
764 	error = aa_path_name(&bprm->file->f_path, profile->path_flags, buffer,  in profile_onexec()
772 		xname = bprm->filename;  in profile_onexec()
813 				      const struct linux_binprm *bprm,  in handle_onexec()  argument
823 	AA_BUG(!bprm);  in handle_onexec()
829 					       bprm, buffer, cond, unsafe));  in handle_onexec()
834 				profile_transition(profile, bprm, buffer,  in handle_onexec()
840 				profile_onexec(profile, onexec, stack, bprm,  in handle_onexec()
847 				profile_transition(profile, bprm, buffer,  in handle_onexec()
857 				      AA_MAY_ONEXEC, bprm->filename, NULL,  in handle_onexec()
871 int apparmor_bprm_set_creds(struct linux_binprm *bprm)  in apparmor_bprm_set_creds()  argument
881 		file_inode(bprm->file)->i_uid,  in apparmor_bprm_set_creds()
882 		file_inode(bprm->file)->i_mode  in apparmor_bprm_set_creds()
885 	if (bprm->called_set_creds)  in apparmor_bprm_set_creds()
889 	AA_BUG(!cred_label(bprm->cred));  in apparmor_bprm_set_creds()
892 	label = aa_get_newest_label(cred_label(bprm->cred));  in apparmor_bprm_set_creds()
901 	if ((bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS) && !unconfined(label) &&  in apparmor_bprm_set_creds()
910 				    bprm, buffer, &cond, &unsafe);  in apparmor_bprm_set_creds()
913 				profile_transition(profile, bprm, buffer,  in apparmor_bprm_set_creds()
933 	if ((bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS) &&  in apparmor_bprm_set_creds()
940 	if (bprm->unsafe & LSM_UNSAFE_SHARE) {  in apparmor_bprm_set_creds()
945 	if (bprm->unsafe & (LSM_UNSAFE_PTRACE)) {  in apparmor_bprm_set_creds()
955 				   "label=", bprm->filename);  in apparmor_bprm_set_creds()
959 		bprm->secureexec = 1;  in apparmor_bprm_set_creds()
966 				   "bits. %s label=", bprm->filename);  in apparmor_bprm_set_creds()
970 		bprm->per_clear |= PER_CLEAR_ON_SETID;  in apparmor_bprm_set_creds()
972 	aa_put_label(cred_label(bprm->cred));  in apparmor_bprm_set_creds()
974 	set_cred_label(bprm->cred, new);  in apparmor_bprm_set_creds()
985 				      bprm->filename, NULL, new,  in apparmor_bprm_set_creds()
986 				      file_inode(bprm->file)->i_uid, info,  in apparmor_bprm_set_creds()