Lines Matching refs:profile
106 int aa_profile_af_perm(struct aa_profile *profile, struct common_audit_data *sa, in aa_profile_af_perm() argument
116 if (profile_unconfined(profile)) in aa_profile_af_perm()
118 state = PROFILE_MEDIATES(profile, AA_CLASS_NET); in aa_profile_af_perm()
124 state = aa_dfa_match_len(profile->policy.dfa, state, (char *) &buffer, in aa_profile_af_perm()
126 aa_compute_perms(profile->policy.dfa, state, &perms); in aa_profile_af_perm()
127 aa_apply_modes_to_perms(profile, &perms); in aa_profile_af_perm()
129 return aa_check_perms(profile, &perms, request, sa, audit_net_cb); in aa_profile_af_perm()
135 struct aa_profile *profile; in aa_af_perm() local
138 return fn_for_each_confined(label, profile, in aa_af_perm()
139 aa_profile_af_perm(profile, &sa, request, family, in aa_af_perm()
152 struct aa_profile *profile; in aa_label_sk_perm() local
155 error = fn_for_each_confined(label, profile, in aa_label_sk_perm()
156 aa_profile_af_sk_perm(profile, &sa, request, sk)); in aa_label_sk_perm()
211 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid, in aa_secmark_perm() argument
217 if (profile->secmark_count == 0) in aa_secmark_perm()
220 for (i = 0; i < profile->secmark_count; i++) { in aa_secmark_perm()
221 if (!profile->secmark[i].secid) { in aa_secmark_perm()
222 ret = apparmor_secmark_init(&profile->secmark[i]); in aa_secmark_perm()
227 if (profile->secmark[i].secid == secid || in aa_secmark_perm()
228 profile->secmark[i].secid == AA_SECID_WILDCARD) { in aa_secmark_perm()
229 if (profile->secmark[i].deny) in aa_secmark_perm()
234 if (profile->secmark[i].audit) in aa_secmark_perm()
239 aa_apply_modes_to_perms(profile, &perms); in aa_secmark_perm()
241 return aa_check_perms(profile, &perms, request, sa, audit_net_cb); in aa_secmark_perm()
247 struct aa_profile *profile; in apparmor_secmark_check() local
250 return fn_for_each_confined(label, profile, in apparmor_secmark_check()
251 aa_secmark_perm(profile, request, secid, in apparmor_secmark_check()