Cross Reference: /security/apparmor/lsm.c

Lines Matching defs:profile
119 	struct aa_profile *profile;
124 	profile = aa_cred_profile(cred);
130 	if (!unconfined(profile) && !COMPLAIN_MODE(profile)) {
131 		*effective = cap_intersect(*effective, profile->caps.allow);
132 		*permitted = cap_intersect(*permitted, profile->caps.allow);
142 	struct aa_profile *profile;
146 		profile = aa_cred_profile(cred);
147 		if (!unconfined(profile))
148 			error = aa_capable(profile, cap, audit);
165 	struct aa_profile *profile;
168 	profile = __aa_current_profile();
169 	if (!unconfined(profile))
170 		error = aa_path_perm(op, profile, path, 0, mask, cond);
305 	struct aa_profile *profile;
311 	profile = aa_current_profile();
312 	if (!unconfined(profile))
313 		error = aa_path_link(profile, old_dentry, new_dir, new_dentry);
320 	struct aa_profile *profile;
326 	profile = aa_current_profile();
327 	if (!unconfined(profile)) {
334 		error = aa_path_perm(OP_RENAME_SRC, profile, &old_path, 0,
339 			error = aa_path_perm(OP_RENAME_DEST, profile, &new_path,
379 	struct aa_profile *profile;
395 	profile = aa_cred_profile(cred);
396 	if (!unconfined(profile)) {
400 		error = aa_path_perm(OP_OPEN, profile, &file->f_path, 0,
429 	struct aa_profile *profile, *fprofile = aa_cred_profile(file->f_cred);
438 	profile = __aa_current_profile();
447 	if (!unconfined(profile) && !unconfined(fprofile) &&
448 	    ((fprofile != profile) || (mask & ~fcxt->allow)))
449 		error = aa_file_perm(op, profile, file, mask);
511 	struct aa_profile *profile = NULL;
514 		profile = aa_get_newest_profile(cxt->profile);
516 		profile = aa_get_newest_profile(cxt->previous);
518 		profile = aa_get_newest_profile(cxt->onexec);
522 	if (profile)
523 		error = aa_getprocattr(profile, value);
525 	aa_put_profile(profile);
598 	aad.profile = aa_current_profile();
609 	struct aa_profile *profile = __aa_current_profile();
612 	if (!unconfined(profile))
613 		error = aa_task_setrlimit(profile, task, resource, new_rlim);
878  * set_init_cxt - set a task context and profile on the first task.
880  * TODO: allow setting an alternate profile than unconfined
891 	cxt->profile = aa_get_profile(root_ns->unconfined);
909 		AA_ERROR("Unable to allocate default profile namespace\n");