Searched refs:unconfined (Results 1 – 15 of 15) sorted by relevance
63 struct aa_profile *unconfined; member82 #define ns_unconfined(NS) (&(NS)->unconfined->label)113 aa_get_profile(ns->unconfined); in aa_get_ns()127 aa_put_profile(ns->unconfined); in aa_put_ns()
144 #define unconfined(X) label_unconfined(X) macro
122 ns->unconfined = alloc_unconfined("unconfined"); in alloc_ns()123 if (!ns->unconfined) in alloc_ns()126 ns->unconfined->ns = ns; in alloc_ns()157 ns->unconfined->ns = NULL; in aa_free_ns()158 aa_free_profile(ns->unconfined); in aa_free_ns()379 root_ns->unconfined->ns = aa_get_ns(root_ns); in aa_alloc_root_ns()
61 if (!tracer || unconfined(tracerl)) in may_change_ptraced_domain()904 if ((bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS) && !unconfined(label) && in apparmor_bprm_creds_for_exec()943 !unconfined(label) && in apparmor_bprm_creds_for_exec()1199 if (task_no_new_privs(current) && !unconfined(label) && !ctx->nnp) in aa_change_hat()1202 if (unconfined(label)) { in aa_change_hat()1227 if (task_no_new_privs(current) && !unconfined(label) && in aa_change_hat()1248 if (task_no_new_privs(current) && !unconfined(label) && in aa_change_hat()1352 if (task_no_new_privs(current) && !unconfined(label) && !ctx->nnp) in aa_change_profile()1378 if (!stack && unconfined(label) && in aa_change_profile()1379 label == &labels_ns(label)->unconfined->label && in aa_change_profile()[all …]
174 if (!unconfined(label)) { in apparmor_capget()203 if (!unconfined(label)) in apparmor_capable()226 if (!unconfined(label)) in common_perm()373 if (!unconfined(label)) in apparmor_path_link()394 if (!unconfined(label)) { in apparmor_path_rename()482 if (!unconfined(label)) { in apparmor_file_open()717 if (!unconfined(label)) { in apparmor_sb_mount()747 if (!unconfined(label)) in apparmor_move_mount()761 if (!unconfined(label)) in apparmor_sb_umount()775 if (!unconfined(label)) in apparmor_sb_pivotroot()[all …]
70 if (unconfined(label) || (labels_ns(old) != labels_ns(label))) in aa_replace_current_label()248 if (profile_unconfined(tracee) || unconfined(tracer) || in profile_tracee_perm()
160 if (ctx->label != kernel_t && !unconfined(label)) { in aa_label_sk_perm()209 label = aa_label_strn_parse(&root_ns->unconfined->label, in apparmor_secmark_init()
97 label = aa_label_strn_parse(&root_ns->unconfined->label, secdata, in apparmor_secctx_to_secid()
239 rule->label = aa_label_parse(&root_ns->unconfined->label, rulestr, in aa_audit_rule_init()
597 if (unconfined(label) || unconfined(flabel) || in aa_file_perm()
1539 if ((flags & FLAG_SHOW_MODE) && profile != profile->ns->unconfined) { in aa_profile_snxprint()1565 if (profile == profile->ns->unconfined) in label_modename()1598 profile != profile->ns->unconfined) in display_mode()1902 base != &root_ns->unconfined->label)) in aa_label_strn_parse()
577 profile = aa_get_newest_profile(ns->unconfined); in aa_lookupn_profile()608 profile = aa_get_newest_profile(ns->unconfined); in aa_fqlookupn_profile()
11 them run in an unconfined state which is equivalent to standard Linux DAC
309 unconfined856 Another feature of bringup mode is the "unconfined" option. Writing857 a label to /sys/fs/smackfs/unconfined makes subjects with that label859 all subjects. Any access that is granted because a label is unconfined
338 …=0 tty=pts0 ses=2 comm="ld-linux.so" exe="/tmp/ipe-test/lib/ld-linux.so" subj=unconfined key=(null)342 …test" exe="/root/overlake_test/upstream_test/vol_fsverity/bin/mmap_test" subj=unconfined key=(null)