Lines Matching defs:perms

83  * @perms: the permissions computed for the request (NOT NULL)
96 		  struct aa_profile *profile, struct aa_perms *perms,
106 	ad.tags = perms->tag;
116 		u32 mask = perms->audit;
121 		/* mask off perms that are not being force audited */
129 		ad.request = ad.request & ~perms->allow;
132 		if (ad.request & perms->kill)
136 		if ((ad.request & perms->quiet) &&
139 			ad.request &= ~perms->quiet;
145 	ad.denied = ad.request & ~perms->allow;
177  * aa_lookup_condperms - convert dfa compressed perms to internal perms
179  * @rules: the aa_policydb to lookup perms for  (NOT NULL)
192 	if (!(rules->perms))
197 			return &(rules->perms[index]);
198 		return &(rules->perms[index + 1]);
201 	return &(rules->perms[index]);
210  * @perms: Returns - the permissions found when matching @name
216 			struct aa_perms *perms)
220 	*perms = *(aa_lookup_condperms(current_fsuid(), file_rules, state,
229 		   struct aa_perms *perms)
238 		     name, cond, perms);
239 	if (request & ~perms->allow)
242 			     profile, perms, op, request, name, NULL, NULL,
251 			     struct aa_perms *perms)
265 			      flags, perms);
285 	struct aa_perms perms = {};
297 					  request, cond, flags, &perms));
332 	struct aa_perms lperms = {}, perms;
362 	aa_str_perms(rules->file, state, tname, cond, &perms);
367 	lperms.audit = perms.audit;
368 	lperms.quiet = perms.quiet;
369 	lperms.kill = perms.kill;
371 	if (!(perms.allow & AA_MAY_LINK)) {
373 		lperms = perms;
378 	if (!(perms.allow & AA_LINK_SUBSET))
385 		     tname, cond, &perms);
389 	lperms.allow &= perms.allow | AA_MAY_LINK;
391 	request |= AA_AUDIT_FILE_MASK & (lperms.allow & ~perms.allow);
395 		   !xindex_is_subset(lperms.xindex, perms.xindex)) {
489 	struct aa_perms perms = {};
513 					  request, &cond, flags, &perms));
519 		 * TODO: cache full perms so this only happens because of
528 						  &perms));
534 						  &perms));