52 	audit_log_untrustedstring(ab, capability_names[sa->u.cap]);  in audit_cb()
59  * @cap: capability tested
68 		      int cap, int error)  in audit_caps()  argument
81 			   !cap_raised(rules->caps.audit, cap)))  in audit_caps()
85 		   cap_raised(rules->caps.kill, cap)) {  in audit_caps()
87 	} else if (cap_raised(rules->caps.quiet, cap) &&  in audit_caps()
97 	if (ad->subj_cred == ent->ad_subj_cred && ktime_get_ns() <= ent->ktime_ns_expiration[cap]) {  in audit_caps()
105 		ent->ktime_ns_expiration[cap] = ktime_get_ns() + AUDIT_CACHE_TIMEOUT_NS;  in audit_caps()
113  * profile_capable - test if profile allows use of capability @cap
115  * @cap: capability to test if allowed
121 static int profile_capable(struct aa_profile *profile, int cap,  in profile_capable()  argument
134 		state = aa_dfa_next(rules->policy->dfa, state, cap >> 5);  in profile_capable()
135 		request = 1 << (cap & 0x1f);  in profile_capable()
150 	if (cap_raised(rules->caps.allow, cap) &&  in profile_capable()
151 	    !cap_raised(rules->caps.denied, cap))  in profile_capable()
159 		/* audit the cap request in complain mode but note that it  in profile_capable()
165 	return audit_caps(ad, profile, cap, error);  in profile_capable()
172  * @cap: capability to be tested
180 	       int cap, unsigned int opts)  in aa_capable()  argument
187 	ad.common.u.cap = cap;  in aa_capable()
189 			profile_capable(profile, cap, opts, &ad));  in aa_capable()