Lines Matching refs:rules
254 struct aa_ruleset *rules = profile->label.rules[0]; in aa_profile_af_perm() local
264 state = RULE_MEDIATES_NET(rules); in aa_profile_af_perm()
267 state = aa_match_to_prot(rules->policy, state, request, family, type, in aa_profile_af_perm()
269 return aa_do_perms(profile, rules->policy, state, request, p, ad); in aa_profile_af_perm()
364 struct aa_ruleset *rules = profile->label.rules[0]; in aa_secmark_perm() local
366 if (rules->secmark_count == 0) in aa_secmark_perm()
369 for (i = 0; i < rules->secmark_count; i++) { in aa_secmark_perm()
370 if (!rules->secmark[i].secid) { in aa_secmark_perm()
371 ret = apparmor_secmark_init(&rules->secmark[i]); in aa_secmark_perm()
376 if (rules->secmark[i].secid == secid || in aa_secmark_perm()
377 rules->secmark[i].secid == AA_SECID_WILDCARD) { in aa_secmark_perm()
378 if (rules->secmark[i].deny) in aa_secmark_perm()
383 if (rules->secmark[i].audit) in aa_secmark_perm()