Lines Matching defs:profile
99 * aa_mangle_name - mangle a profile name to std profile layout form
100 * @name: profile name to mangle (NOT NULL)
608 static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms,
615 if (profile_unconfined(profile))
617 if (profile->file.dfa && *match_str == AA_CLASS_FILE) {
618 dfa = profile->file.dfa;
619 state = aa_dfa_match_len(dfa, profile->file.start,
626 } else if (profile->policy.dfa) {
627 if (!PROFILE_MEDIATES(profile, *match_str))
629 dfa = profile->policy.dfa;
630 state = aa_dfa_match_len(dfa, profile->policy.start[0],
635 aa_apply_modes_to_perms(profile, &tmp);
665 struct aa_profile *profile;
700 label_for_each_confined(i, label, profile) {
701 if (!profile->data)
704 data = rhashtable_lookup_fast(profile->data, &key,
705 profile->data->p);
754 struct aa_profile *profile;
771 * profile name and dfa string. profile_name_len is greater
786 label_for_each_in_ns(i, labels_ns(label), label, profile) {
787 profile_query_cb(profile, &perms, match_str, match_len);
790 label_for_each(i, label, profile) {
791 profile_query_cb(profile, &perms, match_str, match_len);
905 #define QUERY_CMD_PROFILE "profile\0"
924 * profile query specific format described in the query_label() function
1026 * profile based file operations
1070 struct aa_profile *profile = labels_profile(label);
1071 seq_printf(seq, "%s\n", profile->base.name);
1081 struct aa_profile *profile = labels_profile(label);
1082 seq_printf(seq, "%s\n", aa_profile_mode_names[profile->mode]);
1092 struct aa_profile *profile = labels_profile(label);
1093 if (profile->attach)
1094 seq_printf(seq, "%s\n", profile->attach);
1095 else if (profile->xmatch)
1098 seq_printf(seq, "%s\n", profile->base.name);
1108 struct aa_profile *profile = labels_profile(label);
1111 if (profile->hash) {
1113 seq_printf(seq, "%.2x", profile->hash[i]);
1160 struct aa_profile *profile;
1167 label_for_each(it, label, profile)
1168 if (profile->ns != labels_ns(label)) {
1499 /** fns to setup dynamic per profile/namespace files **/
1503 * Requires: @profile->ns->lock held
1505 void __aafs_profile_rmdir(struct aa_profile *profile)
1510 if (!profile)
1513 list_for_each_entry(child, &profile->base.profiles, base.list)
1518 if (!profile->dents[i])
1521 proxy = d_inode(profile->dents[i])->i_private;
1522 aafs_remove(profile->dents[i]);
1524 profile->dents[i] = NULL;
1550 struct aa_profile *profile,
1553 struct aa_proxy *proxy = aa_get_proxy(profile->label.proxy);
1563 static int profile_depth(struct aa_profile *profile)
1568 for (depth = 0; profile; profile = rcu_access_pointer(profile->parent))
1612 struct aa_profile *profile;
1620 profile = labels_profile(label);
1621 depth = profile_depth(profile);
1622 target = gen_symlink_name(depth, profile->rawdata->name, name);
1667 * Requires: @profile->ns->lock held
1669 int __aafs_profile_mkdir(struct aa_profile *profile, struct dentry *parent)
1675 AA_BUG(!profile);
1676 AA_BUG(!mutex_is_locked(&profiles_ns(profile)->lock));
1680 p = aa_deref_parent(profile);
1693 if (!profile->dirname) {
1695 len = mangle_name(profile->base.name, NULL);
1696 id_len = snprintf(NULL, 0, ".%ld", profile->ns->uniq_id);
1698 profile->dirname = kmalloc(len + id_len + 1, GFP_KERNEL);
1699 if (!profile->dirname) {
1704 mangle_name(profile->base.name, profile->dirname);
1705 sprintf(profile->dirname + len, ".%ld", profile->ns->uniq_id++);
1708 dent = aafs_create_dir(profile->dirname, parent);
1711 prof_dir(profile) = dir = dent;
1713 dent = create_profile_file(dir, "name", profile,
1717 profile->dents[AAFS_PROF_NAME] = dent;
1719 dent = create_profile_file(dir, "mode", profile,
1723 profile->dents[AAFS_PROF_MODE] = dent;
1725 dent = create_profile_file(dir, "attach", profile,
1729 profile->dents[AAFS_PROF_ATTACH] = dent;
1731 if (profile->hash) {
1732 dent = create_profile_file(dir, "sha1", profile,
1736 profile->dents[AAFS_PROF_HASH] = dent;
1739 if (profile->rawdata) {
1741 profile->label.proxy, NULL, NULL,
1745 aa_get_proxy(profile->label.proxy);
1746 profile->dents[AAFS_PROF_RAW_HASH] = dent;
1749 profile->label.proxy, NULL, NULL,
1753 aa_get_proxy(profile->label.proxy);
1754 profile->dents[AAFS_PROF_RAW_ABI] = dent;
1757 profile->label.proxy, NULL, NULL,
1761 aa_get_proxy(profile->label.proxy);
1762 profile->dents[AAFS_PROF_RAW_DATA] = dent;
1765 list_for_each_entry(child, &profile->base.profiles, base.list) {
1766 error = __aafs_profile_mkdir(child, prof_child_dir(profile));
1777 __aafs_profile_rmdir(profile);
2102 * __first_profile - find the first profile in a namespace
2106 * Returns: unrefcounted profile or NULL if no profile
2107 * Requires: profile->ns.lock to be held
2124 * __next_profile - step to the next profile in a profile tree
2125 * @profile: current profile in tree (NOT NULL)
2127 * Perform a depth first traversal on the profile tree in a namespace
2129 * Returns: next profile or NULL if done
2130 * Requires: profile->ns.lock to be held
2139 /* is next profile a child */
2144 /* is next profile a sibling, parent sibling, gp, sibling, .. */
2156 /* is next another profile in the namespace */
2165 * next_profile - step to the next profile in where ever it may be
2167 * @profile: current profile (NOT NULL)
2169 * Returns: next profile or NULL if there isn't one
2172 struct aa_profile *profile)
2174 struct aa_profile *next = __next_profile(profile);
2179 return __first_profile(root, __next_ns(root, profile->ns));
2183 * p_start - start a depth first traversal of profile tree
2187 * Returns: first profile under current namespace or NULL if none found
2193 struct aa_profile *profile = NULL;
2198 /* find the first profile */
2200 profile = __first_profile(root, root);
2203 for (; profile && l > 0; l--)
2204 profile = next_profile(root, profile);
2206 return profile;
2210 * p_next - read the next profile entry
2212 * @p: profile previously returned
2215 * Returns: next profile after @p or NULL if none
2221 struct aa_profile *profile = p;
2225 return next_profile(ns, profile);
2231 * @p: the last profile writen
2237 struct aa_profile *profile = p;
2240 if (profile) {
2241 for (ns = profile->ns; ns && ns != root; ns = ns->parent)
2249 * seq_show_profile - show a profile entry
2251 * @p: current position (profile) (NOT NULL)
2257 struct aa_profile *profile = (struct aa_profile *)p;
2260 aa_label_seq_xprint(f, root, &profile->label,
2352 AA_SFS_FILE_BOOLEAN("profile", 1),
2662 /* TODO: add default profile to apparmorfs */