Lines Matching +full:resource +full:- +full:attachments
1 /* SPDX-License-Identifier: GPL-2.0-only */
7 * Copyright (C) 1998-2008 Novell/SUSE
8 * Copyright 2009-2010 Canonical Ltd.
31 #include "resource.h"
44 ((_profile)->mode == (_mode)))
52 #define PROFILE_IS_HAT(_profile) ((_profile)->label.flags & FLAG_HAT)
54 #define CHECK_DEBUG1(_profile) ((_profile)->label.flags & FLAG_DEBUG1)
56 #define CHECK_DEBUG2(_profile) ((_profile)->label.flags & FLAG_DEBUG2)
58 #define profile_is_stale(_profile) (label_is_stale(&(_profile)->label))
60 #define on_list_rcu(X) (!list_empty(X) && (X)->prev != LIST_POISON2)
82 /* struct aa_policydb - match engine for a policy
106 * aa_get_pdb - increment refcount on @pdb
115 kref_get(&(pdb->count)); in aa_get_pdb()
121 * aa_put_pdb - put a pdb refcount
129 kref_put(&pdb->count, aa_pdb_free_kref); in aa_put_pdb()
136 unsigned int index = ACCEPT_TABLE(policy->dfa)[state]; in aa_lookup_perms()
138 if (!(policy->perms)) in aa_lookup_perms()
141 return &(policy->perms[index]); in aa_lookup_perms()
144 /* struct aa_data - generic data structure
157 /* struct aa_ruleset - data covering mediation rules
182 /* struct aa_attachment - data and rules for a profiles attachment
198 /* struct aa_profile - basic confinement data
199 * @base - base components of the profile (name, refcount, lists, lock ...)
218 * @data: hashtable for free-form policy aa_data
219 * @label - label this profile is an extension of
220 * @rules - label with the rule vec on its end
225 * attachments are determined by profile X transition rules.
256 /* special - variable length must be last entry in profile */
266 #define profiles_ns(P) ((P)->ns)
267 #define name_is_shared(A, B) ((A)->hname && (A)->hname == (B)->hname)
289 #define profile_unconfined(X) ((X)->mode == APPARMOR_UNCONFINED)
292 * aa_get_newest_profile - simple wrapper fn to wrap the label version
301 return labels_profile(aa_get_newest_label(&p->label)); in aa_get_newest_profile()
308 return rules->policy->start[class]; in RULE_MEDIATES()
310 return aa_dfa_match_len(rules->policy->dfa, in RULE_MEDIATES()
311 rules->policy->start[0], &class, 1); in RULE_MEDIATES()
339 return label_mediates(&profile->label, class); in profile_mediates()
345 return label_mediates_safe(&profile->label, class); in profile_mediates_safe()
349 * aa_get_profile - increment refcount on profile @p
358 kref_get(&(p->label.count)); in aa_get_profile()
364 * aa_get_profile_not0 - increment refcount on profile @p found via lookup
372 if (p && kref_get_unless_zero(&p->label.count)) in aa_get_profile_not0()
379 * aa_get_profile_rcu - increment a refcount profile that can be replaced
392 } while (c && !kref_get_unless_zero(&c->label.count)); in aa_get_profile_rcu()
399 * aa_put_profile - decrement refcount on profile @p
405 kref_put(&p->label.count, aa_label_kref); in aa_put_profile()
413 return profile->audit; in AUDIT_MODE()