Lines Matching defs:profile
29 * profiles - each profile is a label
72 /* requires profile list write lock held */
127 * profile_cmp - profile comparison for set ordering
128 * @a: profile to compare (NOT NULL)
129 * @b: profile to compare (NOT NULL)
320 struct aa_profile *profile;
325 label_for_each(i, label, profile) {
326 aa_put_profile(profile);
416 * aa_label_alloc - allocate a label with a profile vector of @size length
417 * @size: size of profile vector in the label
491 * __aa_label_next_not_in_set - return the next profile of @sub not in @set
496 * Returns: profile in @sub that is not in @set, with iterator set pos after
556 * @sub contains an unconfined profile that does not have a matching
954 * aa_label_next_in_merge - find the next profile when merging @a and @b
959 * Returns: next profile
1259 /* match a profile and its associated ns component if needed
1261 * If a subns profile is not to be matched should be prescreened with
1264 static inline aa_state_t match_component(struct aa_profile *profile,
1271 if (profile->ns == tp->ns)
1274 /* try matching with namespace name and then profile */
1275 ns_name = aa_ns_name(profile->ns, tp->ns, true);
1284 * @profile: profile to find perms for
1297 static int label_compound_match(struct aa_profile *profile,
1308 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1310 state = match_component(profile, rules, tp, state);
1322 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1325 state = match_component(profile, rules, tp, state);
1330 aa_apply_modes_to_perms(profile, perms);
1343 * @profile: profile to find perms for
1357 static int label_components_match(struct aa_profile *profile,
1370 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1372 state = match_component(profile, rules, tp, start);
1383 aa_apply_modes_to_perms(profile, &tmp);
1386 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1388 state = match_component(profile, rules, tp, start);
1392 aa_apply_modes_to_perms(profile, &tmp);
1408 * @profile: profile to match against (NOT NULL)
1418 int aa_label_match(struct aa_profile *profile, struct aa_ruleset *rules,
1422 int error = label_compound_match(profile, rules, label, state, subns,
1428 return label_components_match(profile, rules, label, state, subns,
1499 * aa_profile_snxprint - print a profile name to a buffer
1502 * @view: namespace profile is being viewed from
1503 * @profile: profile to view (NOT NULL)
1510 * Note: will not print anything if the profile is not visible
1513 struct aa_profile *profile, int flags,
1519 AA_BUG(!profile);
1522 view = profiles_ns(profile);
1524 if (view != profile->ns &&
1525 (!prev_ns || (*prev_ns != profile->ns))) {
1527 *prev_ns = profile->ns;
1528 ns_name = aa_ns_name(view, profile->ns,
1537 if ((flags & FLAG_SHOW_MODE) && profile != profile->ns->unconfined) {
1538 const char *modestr = aa_profile_mode_names[profile->mode];
1542 profile->base.hname, modestr);
1543 return snprintf(str, size, "%s (%s)", profile->base.hname,
1549 profile->base.hname);
1550 return snprintf(str, size, "%s", profile->base.hname);
1556 struct aa_profile *profile;
1560 label_for_each(i, label, profile) {
1561 if (aa_ns_visible(ns, profile->ns, flags & FLAG_VIEW_SUBNS)) {
1563 if (profile == profile->ns->unconfined)
1570 mode = profile->mode;
1571 else if (mode != profile->mode)
1590 struct aa_profile *profile;
1593 label_for_each(i, label, profile) {
1594 if (aa_ns_visible(ns, profile->ns,
1596 profile != profile->ns->unconfined)
1610 * @ns: namespace profile is being viewed from
1626 struct aa_profile *profile;
1643 label_for_each(i, label, profile) {
1644 if (aa_ns_visible(ns, profile->ns, flags & FLAG_VIEW_SUBNS)) {
1649 len = aa_profile_snxprint(str, size, ns, profile,
1679 * @ns: namespace profile is being viewed from
1708 * @ns: namespace profile is being viewed from
1889 DEFINE_VEC(profile, vec);
1912 error = vec_setup(profile, vec, len, gfp);
1959 vec_cleanup(profile, vec, len);
2065 * while holding the ns_lock will stop profile replacement, removal,