Lines Matching refs:profile
108 int aa_profile_af_perm(struct aa_profile *profile, struct common_audit_data *sa, in aa_profile_af_perm() argument
118 if (profile_unconfined(profile)) in aa_profile_af_perm()
120 state = PROFILE_MEDIATES(profile, AA_CLASS_NET); in aa_profile_af_perm()
126 state = aa_dfa_match_len(profile->policy.dfa, state, (char *) &buffer, in aa_profile_af_perm()
128 aa_compute_perms(profile->policy.dfa, state, &perms); in aa_profile_af_perm()
129 aa_apply_modes_to_perms(profile, &perms); in aa_profile_af_perm()
131 return aa_check_perms(profile, &perms, request, sa, audit_net_cb); in aa_profile_af_perm()
137 struct aa_profile *profile; in aa_af_perm() local
140 return fn_for_each_confined(label, profile, in aa_af_perm()
141 aa_profile_af_perm(profile, &sa, request, family, in aa_af_perm()
154 struct aa_profile *profile; in aa_label_sk_perm() local
157 error = fn_for_each_confined(label, profile, in aa_label_sk_perm()
158 aa_profile_af_sk_perm(profile, &sa, request, sk)); in aa_label_sk_perm()
213 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid, in aa_secmark_perm() argument
219 if (profile->secmark_count == 0) in aa_secmark_perm()
222 for (i = 0; i < profile->secmark_count; i++) { in aa_secmark_perm()
223 if (!profile->secmark[i].secid) { in aa_secmark_perm()
224 ret = apparmor_secmark_init(&profile->secmark[i]); in aa_secmark_perm()
229 if (profile->secmark[i].secid == secid || in aa_secmark_perm()
230 profile->secmark[i].secid == AA_SECID_WILDCARD) { in aa_secmark_perm()
231 if (profile->secmark[i].deny) in aa_secmark_perm()
236 if (profile->secmark[i].audit) in aa_secmark_perm()
241 aa_apply_modes_to_perms(profile, &perms); in aa_secmark_perm()
243 return aa_check_perms(profile, &perms, request, sa, audit_net_cb); in aa_secmark_perm()
249 struct aa_profile *profile; in apparmor_secmark_check() local
252 return fn_for_each_confined(label, profile, in apparmor_secmark_check()
253 aa_secmark_perm(profile, request, secid, in apparmor_secmark_check()