policy_unpack.c - OpenGrok cross reference for /linux/security/apparmor/policy

Lines Matching defs:rules
620 static bool unpack_secmark(struct aa_ext *e, struct aa_ruleset *rules)
630 		rules->secmark = kzalloc_objs(struct aa_secmark, size);
631 		if (!rules->secmark)
634 		rules->secmark_count = size;
637 			if (!unpack_u8(e, &rules->secmark[i].audit, NULL))
639 			if (!unpack_u8(e, &rules->secmark[i].deny, NULL))
641 			if (!aa_unpack_strdup(e, &rules->secmark[i].label, NULL))
653 	if (rules->secmark) {
655 			kfree_sensitive(rules->secmark[i].label);
656 		kfree_sensitive(rules->secmark);
657 		rules->secmark_count = 0;
658 		rules->secmark = NULL;
665 static bool unpack_rlimits(struct aa_ext *e, struct aa_ruleset *rules)
676 		rules->rlimits.mask = tmp;
686 			rules->rlimits.limits[a].rlim_max = tmp2;
1116 	struct aa_ruleset *rules;
1159 	rules = profile->label.rules[0];
1248 	if (!aa_unpack_cap_low(e, &rules->caps.allow, NULL))
1250 	if (!aa_unpack_cap_low(e, &rules->caps.audit, NULL))
1252 	if (!aa_unpack_cap_low(e, &rules->caps.quiet, NULL))
1260 		if (!aa_unpack_cap_high(e, &rules->caps.allow, NULL))
1262 		if (!aa_unpack_cap_high(e, &rules->caps.audit, NULL))
1264 		if (!aa_unpack_cap_high(e, &rules->caps.quiet, NULL))
1275 		if (!aa_unpack_cap_low(e, &rules->caps.extended, NULL))
1277 		if (!aa_unpack_cap_high(e, &rules->caps.extended, NULL))
1288 	if (!unpack_rlimits(e, rules)) {
1293 	if (!unpack_secmark(e, rules)) {
1294 		info = "failed to unpack profile secmark rules";
1301 		error = unpack_pdb(e, &rules->policy, true, false,
1306 		if (aa_dfa_next(rules->policy->dfa, rules->policy->start[0],
1308 			rules->policy->start[AA_CLASS_FILE] =
1309 			  aa_dfa_next(rules->policy->dfa,
1310 				      rules->policy->start[0],
1314 		if (!rules->policy->perms) {
1315 			error = aa_compat_map_policy(rules->policy,
1323 		rules->policy = aa_get_pdb(nullpdb);
1325 	/* get file rules */
1326 	error = unpack_pdb(e, &rules->file, false, true, &info);
1329 	} else if (rules->file->dfa) {
1330 		if (!rules->file->perms) {
1332 			error = aa_compat_map_file(rules->file);
1338 	} else if (rules->policy->dfa &&
1339 		   rules->policy->start[AA_CLASS_FILE]) {
1340 		aa_put_pdb(rules->file);
1341 		rules->file = aa_get_pdb(rules->policy);
1343 		aa_put_pdb(rules->file);
1344 		rules->file = aa_get_pdb(nullpdb);
1560 	struct aa_ruleset *rules = profile->label.rules[0];
1562 	if (!rules)
1565 	if (rules->file->dfa && !verify_dfa_accept_index(rules->file->dfa,
1566 							rules->file->size)) {
1572 	if (rules->policy->dfa &&
1573 	    !verify_dfa_accept_index(rules->policy->dfa, rules->policy->size)) {
1580 	if (!verify_perms(rules->file)) {
1585 	if (!verify_perms(rules->policy)) {