domain.c - OpenGrok cross reference for /kernel/linux/linux-6.6/security/apparmor/domain.c

Lines Matching refs:perms
109  * label_compound_match - find perms for full compound label
110  * @profile: profile to find perms for
116  * @perms: perms struct to set
121  * @perms should be preinitialized with allperms OR a previous permission
127 				struct aa_perms *perms)
146 	*perms = allperms;
158 	*perms = *(aa_lookup_fperms(&(rules->file), state, &cond));
159 	aa_apply_modes_to_perms(profile, perms);
160 	if ((perms->allow & request) != request)
166 	*perms = nullperms;
171  * label_components_match - find perms for all subcomponents of a label
172  * @profile: profile to find perms for
178  * @perms: an initialized perms struct to add accumulation to
183  * @perms should be preinitialized with allperms OR a previous permission
189 				  struct aa_perms *perms)
209 	/* no subcomponents visible - no change in perms */
215 	aa_perms_accum(perms, &tmp);
224 		aa_perms_accum(perms, &tmp);
227 	if ((perms->allow & request) != request)
233 	*perms = nullperms;
245  * @perms: Returns computed perms (NOT NULL)
251 		       struct aa_perms *perms)
255 	*perms = nullperms;
257 				     request, perms);
261 	*perms = allperms;
263 				      request, perms);
273  * @request: requested perms
285 				struct aa_perms *perms)
288 		perms->allow = AA_MAY_CHANGE_PROFILE | AA_MAY_ONEXEC;
289 		perms->audit = perms->quiet = perms->kill = 0;
294 	return label_match(profile, target, stack, start, true, request, perms);
339 			perm = attach->xmatch.perms[index].allow;
424 			perm = attach->xmatch.perms[index].allow;
640 	struct aa_perms perms = {};
673 	state = aa_str_perms(&(rules->file), state, name, cond, &perms);
674 	if (perms.allow & MAY_EXEC) {
676 		new = x_to_label(profile, bprm, name, perms.xindex, &target,
685 			perms.allow &= ~MAY_EXEC;
700 		perms.xindex |= AA_X_UNSAFE;
709 	if (!(perms.xindex & AA_X_UNSAFE)) {
720 	aa_audit_file(subj_cred, profile, &perms, OP_EXEC, MAY_EXEC, name,
740 	struct aa_perms perms = {};
772 	state = aa_str_perms(&(rules->file), state, xname, cond, &perms);
773 	if (!(perms.allow & AA_MAY_ONEXEC)) {
783 				     state, &perms);
785 		perms.allow &= ~AA_MAY_ONEXEC;
789 	if (!(perms.xindex & AA_X_UNSAFE)) {
800 	return aa_audit_file(subj_cred, profile, &perms, OP_EXEC,
1181 	struct aa_perms perms = {};
1276 	perms.kill = AA_MAY_CHANGEHAT;
1280 		aa_audit_file(subj_cred, profile, &perms, OP_CHANGE_HAT,
1292 					u32 request, struct aa_perms *perms)
1302 					     perms);
1304 		error = aa_audit_file(subj_cred, profile, perms, op, request,
1329 	struct aa_perms perms = {};
1404 	 * TODO: currently requiring perms for stacking and straight change
1414 						     request, &perms));
1467 			perms.allow = 0;
1484 				      profile, &perms, op, request, auditname,