Lines Matching refs:profile
67 static int audit_caps(struct apparmor_audit_data *ad, struct aa_profile *profile, in audit_caps() argument
72 struct aa_ruleset *rules = profile->label.rules[0]; in audit_caps()
80 if (likely((AUDIT_MODE(profile) != AUDIT_ALL) && in audit_caps()
84 } else if (KILL_MODE(profile) || in audit_caps()
88 AUDIT_MODE(profile) != AUDIT_NOQUIET && in audit_caps()
89 AUDIT_MODE(profile) != AUDIT_ALL) { in audit_caps()
99 if (COMPLAIN_MODE(profile)) in audit_caps()
109 return aa_audit(type, profile, ad, audit_cb); in audit_caps()
121 static int profile_capable(struct aa_profile *profile, int cap, in profile_capable() argument
124 struct aa_ruleset *rules = profile->label.rules[0]; in profile_capable()
137 aa_apply_modes_to_perms(profile, &perms); in profile_capable()
145 return aa_check_perms(profile, &perms, request, ad, in profile_capable()
157 if (!COMPLAIN_MODE(profile)) in profile_capable()
165 return audit_caps(ad, profile, cap, error); in profile_capable()
182 struct aa_profile *profile; in aa_capable() local
188 error = fn_for_each_confined(label, profile, in aa_capable()
189 profile_capable(profile, cap, opts, &ad)); in aa_capable()
194 kernel_cap_t aa_profile_capget(struct aa_profile *profile) in aa_profile_capget() argument
196 struct aa_ruleset *rules = profile->label.rules[0]; in aa_profile_capget()
211 aa_apply_modes_to_perms(profile, &perms); in aa_profile_capget()
219 if (COMPLAIN_MODE(profile)) in aa_profile_capget()