Lines Matching refs:profile
426 struct aa_profile *profile) in __list_add_profile() argument
428 list_add_rcu(&profile->base.list, list); in __list_add_profile()
430 aa_get_profile(profile); in __list_add_profile()
445 static void __list_remove_profile(struct aa_profile *profile) in __list_remove_profile() argument
447 list_del_rcu(&profile->base.list); in __list_remove_profile()
448 aa_put_profile(profile); in __list_remove_profile()
459 static void __remove_profile(struct aa_profile *profile) in __remove_profile() argument
462 __profile_list_release(&profile->base.profiles); in __remove_profile()
464 __aa_update_replacedby(profile, profile->ns->unconfined); in __remove_profile()
465 __aa_fs_profile_rmdir(profile); in __remove_profile()
466 __list_remove_profile(profile); in __remove_profile()
477 struct aa_profile *profile, *tmp; in __profile_list_release() local
478 list_for_each_entry_safe(profile, tmp, head, base.list) in __profile_list_release()
479 __remove_profile(profile); in __profile_list_release()
567 aa_put_profile(rcu_dereference_protected(r->profile, true)); in free_replacedby()
590 void aa_free_profile(struct aa_profile *profile) in aa_free_profile() argument
592 AA_DEBUG("%s(%p)\n", __func__, profile); in aa_free_profile()
594 if (!profile) in aa_free_profile()
598 policy_destroy(&profile->base); in aa_free_profile()
599 aa_put_profile(rcu_access_pointer(profile->parent)); in aa_free_profile()
601 aa_put_namespace(profile->ns); in aa_free_profile()
602 kzfree(profile->rename); in aa_free_profile()
604 aa_free_file_rules(&profile->file); in aa_free_profile()
605 aa_free_cap_rules(&profile->caps); in aa_free_profile()
606 aa_free_rlimit_rules(&profile->rlimits); in aa_free_profile()
608 kzfree(profile->dirname); in aa_free_profile()
609 aa_put_dfa(profile->xmatch); in aa_free_profile()
610 aa_put_dfa(profile->policy.dfa); in aa_free_profile()
611 aa_put_replacedby(profile->replacedby); in aa_free_profile()
613 kzfree(profile->hash); in aa_free_profile()
614 kzfree(profile); in aa_free_profile()
648 struct aa_profile *profile; in aa_alloc_profile() local
651 profile = kzalloc(sizeof(*profile), GFP_KERNEL); in aa_alloc_profile()
652 if (!profile) in aa_alloc_profile()
655 profile->replacedby = kzalloc(sizeof(struct aa_replacedby), GFP_KERNEL); in aa_alloc_profile()
656 if (!profile->replacedby) in aa_alloc_profile()
658 kref_init(&profile->replacedby->count); in aa_alloc_profile()
660 if (!policy_init(&profile->base, NULL, hname)) in aa_alloc_profile()
662 kref_init(&profile->count); in aa_alloc_profile()
665 return profile; in aa_alloc_profile()
668 kzfree(profile->replacedby); in aa_alloc_profile()
669 kzfree(profile); in aa_alloc_profile()
690 struct aa_profile *profile = NULL; in aa_new_null_profile() local
700 profile = aa_alloc_profile(name); in aa_new_null_profile()
702 if (!profile) in aa_new_null_profile()
705 profile->mode = APPARMOR_COMPLAIN; in aa_new_null_profile()
706 profile->flags = PFLAG_NULL; in aa_new_null_profile()
708 profile->flags |= PFLAG_HAT; in aa_new_null_profile()
711 rcu_assign_pointer(profile->parent, aa_get_profile(parent)); in aa_new_null_profile()
712 profile->ns = aa_get_namespace(parent->ns); in aa_new_null_profile()
714 mutex_lock(&profile->ns->lock); in aa_new_null_profile()
715 __list_add_profile(&parent->base.profiles, profile); in aa_new_null_profile()
716 mutex_unlock(&profile->ns->lock); in aa_new_null_profile()
719 return profile; in aa_new_null_profile()
766 struct aa_profile *profile; in aa_find_child() local
769 profile = aa_get_profile(__find_child(&parent->base.profiles, name)); in aa_find_child()
773 return profile; in aa_find_child()
793 struct aa_profile *profile = NULL; in __lookup_parent() local
799 profile = __strn_find_child(&policy->profiles, hname, in __lookup_parent()
801 if (!profile) in __lookup_parent()
803 policy = &profile->base; in __lookup_parent()
807 if (!profile) in __lookup_parent()
809 return &profile->base; in __lookup_parent()
826 struct aa_profile *profile = NULL; in __lookup_profile() local
830 profile = __strn_find_child(&base->profiles, hname, in __lookup_profile()
832 if (!profile) in __lookup_profile()
835 base = &profile->base; in __lookup_profile()
840 profile = __find_child(&base->profiles, hname); in __lookup_profile()
842 return profile; in __lookup_profile()
854 struct aa_profile *profile; in aa_lookup_profile() local
858 profile = __lookup_profile(&ns->base, hname); in aa_lookup_profile()
859 } while (profile && !aa_get_profile_not0(profile)); in aa_lookup_profile()
863 if (!profile && strcmp(hname, "unconfined") == 0) in aa_lookup_profile()
864 profile = aa_get_newest_profile(ns->unconfined); in aa_lookup_profile()
867 return profile; in aa_lookup_profile()
878 static int replacement_allowed(struct aa_profile *profile, int noreplace, in replacement_allowed() argument
881 if (profile) { in replacement_allowed()
882 if (profile->flags & PFLAG_IMMUTABLE) { in replacement_allowed()
942 struct aa_profile *profile) in __list_lookup_parent() argument
944 const char *base = hname_tail(profile->base.hname); in __list_lookup_parent()
945 long len = base - profile->base.hname; in __list_lookup_parent()
954 if (ent->new == profile) in __list_lookup_parent()
956 if (strncmp(ent->new->base.hname, profile->base.hname, len) == in __list_lookup_parent()
1015 } else if (!rcu_access_pointer(new->replacedby->profile)) in __replace_profile()
1017 rcu_assign_pointer(new->replacedby->profile, in __replace_profile()
1173 rcu_assign_pointer(r->profile, in aa_replace_profiles()
1179 rcu_assign_pointer(ent->new->replacedby->profile, in aa_replace_profiles()
1195 rcu_assign_pointer(ent->new->replacedby->profile, in aa_replace_profiles()
1200 rcu_assign_pointer(ent->new->replacedby->profile, in aa_replace_profiles()
1243 struct aa_profile *profile = NULL; in aa_remove_profiles() local
1277 profile = aa_get_profile(__lookup_profile(&ns->base, name)); in aa_remove_profiles()
1278 if (!profile) { in aa_remove_profiles()
1283 name = profile->base.hname; in aa_remove_profiles()
1284 __remove_profile(profile); in aa_remove_profiles()
1291 aa_put_profile(profile); in aa_remove_profiles()