Searched refs:unconfined (Results 1 – 18 of 18) sorted by relevance
63 struct aa_profile *unconfined; member82 #define ns_unconfined(NS) (&(NS)->unconfined->label)116 aa_get_profile(ns->unconfined); in aa_get_ns()130 aa_put_profile(ns->unconfined); in aa_put_ns()
144 #define unconfined(X) label_unconfined(X) macro
122 ns->unconfined = alloc_unconfined("unconfined"); in alloc_ns()123 if (!ns->unconfined) in alloc_ns()126 ns->unconfined->ns = ns; in alloc_ns()157 ns->unconfined->ns = NULL; in aa_free_ns()158 aa_free_profile(ns->unconfined); in aa_free_ns()416 root_ns->unconfined->ns = aa_get_ns(root_ns); in aa_alloc_root_ns()
166 if (!unconfined(label)) { in apparmor_capget()195 if (!unconfined(label)) in apparmor_capable()218 if (!unconfined(label)) in common_perm()365 if (!unconfined(label)) in apparmor_path_link()386 if (!unconfined(label)) { in apparmor_path_rename()471 if (!unconfined(label)) { in apparmor_file_open()598 if (!unconfined(label)) { in apparmor_sb_mount()628 if (!unconfined(label)) in apparmor_move_mount()642 if (!unconfined(label)) in apparmor_sb_umount()656 if (!unconfined(label)) in apparmor_sb_pivotroot()[all …]
61 if (!tracer || unconfined(tracerl)) in may_change_ptraced_domain()902 if ((bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS) && !unconfined(label) && in apparmor_bprm_creds_for_exec()941 !unconfined(label) && in apparmor_bprm_creds_for_exec()1197 if (task_no_new_privs(current) && !unconfined(label) && !ctx->nnp) in aa_change_hat()1200 if (unconfined(label)) { in aa_change_hat()1225 if (task_no_new_privs(current) && !unconfined(label) && in aa_change_hat()1246 if (task_no_new_privs(current) && !unconfined(label) && in aa_change_hat()1348 if (task_no_new_privs(current) && !unconfined(label) && !ctx->nnp) in aa_change_profile()1447 if (task_no_new_privs(current) && !unconfined(label) && in aa_change_profile()
70 if (unconfined(label) || (labels_ns(old) != labels_ns(label))) in aa_replace_current_label()251 if (profile_unconfined(tracee) || unconfined(tracer) || in profile_tracee_perm()
160 if (ctx->label != kernel_t && !unconfined(label)) { in aa_label_sk_perm()209 label = aa_label_strn_parse(&root_ns->unconfined->label, in apparmor_secmark_init()
97 label = aa_label_strn_parse(&root_ns->unconfined->label, secdata, in apparmor_secctx_to_secid()
239 rule->label = aa_label_parse(&root_ns->unconfined->label, rulestr, in aa_audit_rule_init()
610 if (unconfined(label) || unconfined(flabel) || in aa_file_perm()
1537 if ((flags & FLAG_SHOW_MODE) && profile != profile->ns->unconfined) { in aa_profile_snxprint()1563 if (profile == profile->ns->unconfined) in label_modename()1596 profile != profile->ns->unconfined) in display_mode()1900 base != &root_ns->unconfined->label)) in aa_label_strn_parse()
540 profile = aa_get_newest_profile(ns->unconfined); in aa_lookupn_profile()571 profile = aa_get_newest_profile(ns->unconfined); in aa_fqlookupn_profile()
19 file://selinux-ls-unconfined.sh"38 install -m 0755 ${S}/selinux-ls-unconfined.sh ${D}${bindir}
11 them run in an unconfined state which is equivalent to standard Linux DAC
309 unconfined856 Another feature of bringup mode is the "unconfined" option. Writing857 a label to /sys/fs/smackfs/unconfined makes subjects with that label859 all subjects. Any access that is granted because a label is unconfined
216 --security-opt seccomp=unconfined \
86 …- selinux-ls-unconfined.sh : This script scans the running processes and looks for anything label…87 …hese both mean that there are daemons that do not have policy and are therefore running unconfined.
[all...]