Lines Matching refs:perms
290 void aa_apply_modes_to_perms(struct aa_profile *profile, struct aa_perms *perms) in aa_apply_modes_to_perms() argument
294 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
297 perms->quiet = 0; in aa_apply_modes_to_perms()
300 perms->audit = 0; in aa_apply_modes_to_perms()
303 perms->quiet = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
308 perms->kill = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
310 perms->complain = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
326 struct aa_perms *perms) in aa_compute_perms() argument
328 *perms = (struct aa_perms) { in aa_compute_perms()
337 perms->allow |= map_other(dfa_other_allow(dfa, state)); in aa_compute_perms()
338 perms->audit |= map_other(dfa_other_audit(dfa, state)); in aa_compute_perms()
339 perms->quiet |= map_other(dfa_other_quiet(dfa, state)); in aa_compute_perms()
382 int type, u32 request, struct aa_perms *perms) in aa_profile_match_label() argument
390 aa_label_match(profile, label, state, false, request, perms); in aa_profile_match_label()
399 struct aa_perms perms; in aa_profile_label_perm() local
405 aa_profile_match_label(profile, &target->label, type, request, &perms); in aa_profile_label_perm()
406 aa_apply_modes_to_perms(profile, &perms); in aa_profile_label_perm()
407 *deny |= request & perms.deny; in aa_profile_label_perm()
408 return aa_check_perms(profile, &perms, request, sa, aa_audit_perms_cb); in aa_profile_label_perm()
429 int aa_check_perms(struct aa_profile *profile, struct aa_perms *perms, in aa_check_perms() argument
434 u32 denied = request & (~perms->allow | perms->deny); in aa_check_perms()
438 request &= perms->audit; in aa_check_perms()
447 if (denied & perms->kill) in aa_check_perms()
449 else if (denied == (denied & perms->complain)) in aa_check_perms()
454 if (denied == (denied & perms->hide)) in aa_check_perms()
457 denied &= ~perms->quiet; in aa_check_perms()