Lines Matching defs:profile
108 int aa_profile_af_perm(struct aa_profile *profile, struct common_audit_data *sa,
118 if (profile_unconfined(profile))
120 state = PROFILE_MEDIATES(profile, AA_CLASS_NET);
126 state = aa_dfa_match_len(profile->policy.dfa, state, (char *) &buffer,
128 aa_compute_perms(profile->policy.dfa, state, &perms);
129 aa_apply_modes_to_perms(profile, &perms);
131 return aa_check_perms(profile, &perms, request, sa, audit_net_cb);
137 struct aa_profile *profile;
140 return fn_for_each_confined(label, profile,
141 aa_profile_af_perm(profile, &sa, request, family,
154 struct aa_profile *profile;
157 error = fn_for_each_confined(label, profile,
158 aa_profile_af_sk_perm(profile, &sa, request, sk));
213 static int aa_secmark_perm(struct aa_profile *profile, u32 request, u32 secid,
219 if (profile->secmark_count == 0)
222 for (i = 0; i < profile->secmark_count; i++) {
223 if (!profile->secmark[i].secid) {
224 ret = apparmor_secmark_init(&profile->secmark[i]);
229 if (profile->secmark[i].secid == secid ||
230 profile->secmark[i].secid == AA_SECID_WILDCARD) {
231 if (profile->secmark[i].deny)
236 if (profile->secmark[i].audit)
241 aa_apply_modes_to_perms(profile, &perms);
243 return aa_check_perms(profile, &perms, request, sa, audit_net_cb);
249 struct aa_profile *profile;
252 return fn_for_each_confined(label, profile,
253 aa_secmark_perm(profile, request, secid,