Lines Matching refs:profile
29 * profiles - each profile is a label
72 /* requires profile list write lock held */
127 * profile_cmp - profile comparison for set ordering
128 * @a: profile to compare (NOT NULL)
129 * @b: profile to compare (NOT NULL)
322 struct aa_profile *profile;
327 label_for_each(i, label, profile) {
328 aa_put_profile(profile);
418 * aa_label_alloc - allocate a label with a profile vector of @size length
419 * @size: size of profile vector in the label
493 * __aa_label_next_not_in_set - return the next profile of @sub not in @set
498 * Returns: profile in @sub that is not in @set, with iterator set pos after
558 * @sub contains an unconfined profile that does not have a matching
939 * aa_label_next_in_merge - find the next profile when merging @a and @b
944 * Returns: next profile
1243 /* match a profile and its associated ns component if needed
1245 * If a subns profile is not to be matched should be prescreened with
1248 static inline aa_state_t match_component(struct aa_profile *profile,
1255 if (profile->ns == tp->ns)
1258 /* try matching with namespace name and then profile */
1259 ns_name = aa_ns_name(profile->ns, tp->ns, true);
1268 * @profile: profile to find perms for
1282 static int label_compound_match(struct aa_profile *profile,
1293 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1295 state = match_component(profile, rules, tp, state);
1307 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1310 state = match_component(profile, rules, tp, state);
1315 aa_apply_modes_to_perms(profile, perms);
1328 * @profile: profile to find perms for
1342 static int label_components_match(struct aa_profile *profile,
1355 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1357 state = match_component(profile, rules, tp, start);
1368 aa_apply_modes_to_perms(profile, &tmp);
1371 if (!aa_ns_visible(profile->ns, tp->ns, subns))
1373 state = match_component(profile, rules, tp, start);
1377 aa_apply_modes_to_perms(profile, &tmp);
1393 * @profile: profile to match against (NOT NULL)
1403 int aa_label_match(struct aa_profile *profile, struct aa_ruleset *rules,
1407 int error = label_compound_match(profile, rules, label, state, subns,
1413 return label_components_match(profile, rules, label, state, subns,
1484 * aa_profile_snxprint - print a profile name to a buffer
1487 * @view: namespace profile is being viewed from
1488 * @profile: profile to view (NOT NULL)
1495 * Note: will not print anything if the profile is not visible
1498 struct aa_profile *profile, int flags,
1504 AA_BUG(!profile);
1507 view = profiles_ns(profile);
1509 if (view != profile->ns &&
1510 (!prev_ns || (*prev_ns != profile->ns))) {
1512 *prev_ns = profile->ns;
1513 ns_name = aa_ns_name(view, profile->ns,
1522 if ((flags & FLAG_SHOW_MODE) && profile != profile->ns->unconfined) {
1523 const char *modestr = aa_profile_mode_names[profile->mode];
1527 profile->base.hname, modestr);
1528 return snprintf(str, size, "%s (%s)", profile->base.hname,
1534 profile->base.hname);
1535 return snprintf(str, size, "%s", profile->base.hname);
1541 struct aa_profile *profile;
1545 label_for_each(i, label, profile) {
1546 if (aa_ns_visible(ns, profile->ns, flags & FLAG_VIEW_SUBNS)) {
1548 if (profile == profile->ns->unconfined)
1555 mode = profile->mode;
1556 else if (mode != profile->mode)
1575 struct aa_profile *profile;
1578 label_for_each(i, label, profile) {
1579 if (aa_ns_visible(ns, profile->ns,
1581 profile != profile->ns->unconfined)
1595 * @ns: namespace profile is being viewed from
1611 struct aa_profile *profile;
1628 label_for_each(i, label, profile) {
1629 if (aa_ns_visible(ns, profile->ns, flags & FLAG_VIEW_SUBNS)) {
1634 len = aa_profile_snxprint(str, size, ns, profile,
1664 * @ns: namespace profile is being viewed from
1693 * @ns: namespace profile is being viewed from
1858 DEFINE_VEC(profile, vec);
1881 error = vec_setup(profile, vec, len, gfp);
1928 vec_cleanup(profile, vec, len);
2034 * while holding the ns_lock will stop profile replacement, removal,