Lines Matching defs:label
37 #include "include/label.h"
82 * prepare new cred label for modification by prepare_cred block
150 struct aa_label *label;
155 label = aa_get_newest_cred_label(cred);
161 if (!unconfined(label)) {
165 label_for_each_confined(i, label, profile) {
175 aa_put_label(label);
183 struct aa_label *label;
186 label = aa_get_newest_cred_label(cred);
187 if (!unconfined(label))
188 error = aa_capable(label, cap, opts);
189 aa_put_label(label);
206 struct aa_label *label;
209 label = __begin_current_label_crit_section();
210 if (!unconfined(label))
211 error = aa_path_perm(op, label, path, 0, mask, cond);
212 __end_current_label_crit_section(label);
339 struct aa_label *label;
345 label = begin_current_label_crit_section();
346 if (!unconfined(label))
347 error = aa_path_link(label, old_dentry, new_dir, new_dentry);
348 end_current_label_crit_section(label);
356 struct aa_label *label;
362 label = begin_current_label_crit_section();
363 if (!unconfined(label)) {
372 error = aa_path_perm(OP_RENAME_SRC, label, &old_path, 0,
377 error = aa_path_perm(OP_RENAME_DEST, label, &new_path,
382 end_current_label_crit_section(label);
405 struct aa_label *label;
421 label = aa_get_newest_cred_label(file->f_cred);
422 if (!unconfined(label)) {
426 error = aa_path_perm(OP_OPEN, label, &file->f_path, 0,
431 aa_put_label(label);
439 struct aa_label *label = begin_current_label_crit_section();
442 rcu_assign_pointer(ctx->label, aa_get_label(label));
443 end_current_label_crit_section(label);
452 aa_put_label(rcu_access_pointer(ctx->label));
458 struct aa_label *label;
465 label = __begin_current_label_crit_section();
466 error = aa_file_perm(op, label, file, mask, in_atomic);
467 __end_current_label_crit_section(label);
532 struct aa_label *label;
541 label = __begin_current_label_crit_section();
542 if (!unconfined(label)) {
544 error = aa_remount(label, path, flags, data);
546 error = aa_bind_mount(label, path, dev_name, flags);
549 error = aa_mount_change_type(label, path, flags);
551 error = aa_move_mount(label, path, dev_name);
553 error = aa_new_mount(label, dev_name, path, type,
556 __end_current_label_crit_section(label);
563 struct aa_label *label;
566 label = __begin_current_label_crit_section();
567 if (!unconfined(label))
568 error = aa_umount(label, mnt, flags);
569 __end_current_label_crit_section(label);
577 struct aa_label *label;
580 label = aa_get_current_label();
581 if (!unconfined(label))
582 error = aa_pivotroot(label, old_path, new_path);
583 aa_put_label(label);
595 struct aa_label *label = NULL;
598 label = aa_get_newest_label(cred_label(cred));
600 label = aa_get_newest_label(ctx->previous);
602 label = aa_get_newest_label(ctx->onexec);
606 if (label)
607 error = aa_getprocattr(label, value);
609 aa_put_label(label);
680 aad(&sa)->label = begin_current_label_crit_section();
684 end_current_label_crit_section(aad(&sa)->label);
694 struct aa_label *label = aa_current_raw_label();
698 if ((new_label->proxy == label->proxy) ||
706 /* reset soft limits and set hard limits for the new label */
707 __aa_transition_rlimits(label, new_label);
724 struct aa_label *label = aa_get_task_label(p);
725 *secid = label->secid;
726 aa_put_label(label);
732 struct aa_label *label = __begin_current_label_crit_section();
735 if (!unconfined(label))
736 error = aa_task_setrlimit(label, task, resource, new_rlim);
737 __end_current_label_crit_section(label);
793 aa_put_label(ctx->label);
807 if (new->label)
808 aa_put_label(new->label);
809 new->label = aa_get_label(ctx->label);
821 struct aa_label *label;
826 label = begin_current_label_crit_section();
827 if (!(kern || unconfined(label)))
829 create_perm(label, family, type, protocol),
830 aa_af_perm(label, OP_CREATE, AA_MAY_CREATE,
832 end_current_label_crit_section(label);
842 * move to a special kernel label
850 struct aa_label *label;
855 label = aa_get_label(ns_unconfined(ns));
858 label = aa_get_current_label();
863 aa_put_label(ctx->label);
864 ctx->label = aa_get_label(label);
866 aa_put_label(label);
1053 * case label is null, drop the packet.
1055 if (!ctx->label)
1058 return apparmor_secmark_check(ctx->label, OP_RECVMSG, AA_MAY_RECEIVE,
1086 struct aa_label *label;
1089 label = begin_current_label_crit_section();
1095 slen = aa_label_asxprint(&name, labels_ns(label), peer,
1116 end_current_label_crit_section(label);
1122 * apparmor_socket_getpeersec_dgram - get security label of packet
1143 * just set sk security information off of current creating process label
1152 if (!ctx->label)
1153 ctx->label = aa_get_current_label();
1165 return apparmor_secmark_check(ctx->label, OP_CONNECT, AA_MAY_CONNECT,
1765 if (!apparmor_secmark_check(ctx->label, OP_SENDMSG, AA_MAY_SEND,