Searched refs:unconfined (Results 1 – 11 of 11) sorted by relevance
73 if (!tracer || unconfined(tracerp)) in may_change_ptraced_domain()104 if (unconfined(profile)) { in change_profile_perms()372 if (unconfined(profile) || in apparmor_bprm_set_creds()382 if (unconfined(profile)) { in apparmor_bprm_set_creds()435 new_profile = aa_get_newest_profile(ns->unconfined); in apparmor_bprm_set_creds()556 (unconfined(new_cxt->profile))) in apparmor_bprm_committing_creds()633 if (unconfined(profile)) { in aa_change_hat()779 if (task_no_new_privs(current) && !unconfined(profile)) { in aa_change_profile()800 if (unconfined(profile)) in aa_change_profile()801 hname = ns->unconfined->base.hname; in aa_change_profile()
71 if (unconfined(tracer) || tracer == tracee) in aa_may_ptrace()100 if (!unconfined(tracer_p)) { in aa_ptrace()
290 ns->unconfined = aa_alloc_profile("unconfined"); in alloc_namespace()291 if (!ns->unconfined) in alloc_namespace()294 ns->unconfined->flags = PFLAG_IX_ON_NAME_ERROR | in alloc_namespace()296 ns->unconfined->mode = APPARMOR_UNCONFINED; in alloc_namespace()299 ns->unconfined->ns = ns; in alloc_namespace()327 ns->unconfined->ns = NULL; in free_namespace()328 aa_free_profile(ns->unconfined); in free_namespace()464 __aa_update_replacedby(profile, profile->ns->unconfined); in __remove_profile()501 __aa_update_replacedby(ns->unconfined, ns->parent->unconfined); in destroy_namespace()864 profile = aa_get_newest_profile(ns->unconfined); in aa_lookup_profile()
130 if (!unconfined(profile) && !COMPLAIN_MODE(profile)) { in apparmor_capget()147 if (!unconfined(profile)) in apparmor_capable()169 if (!unconfined(profile)) in common_perm()312 if (!unconfined(profile)) in apparmor_path_link()327 if (!unconfined(profile)) { in apparmor_path_rename()396 if (!unconfined(profile)) { in apparmor_file_open()447 if (!unconfined(profile) && !unconfined(fprofile) && in common_file_perm()612 if (!unconfined(profile)) in apparmor_task_setrlimit()891 cxt->profile = aa_get_profile(root_ns->unconfined); in set_init_cxt()
57 if (!unconfined(profile)) in aa_getprocattr()71 if (unconfined(profile)) in aa_getprocattr()
196 if (!unconfined(profile)) in aa_audit()
108 if (unconfined(profile) || (cxt->profile->ns != profile->ns)) in aa_replace_current_profile()
135 struct aa_profile *unconfined; member257 #define unconfined(X) ((X)->mode == APPARMOR_UNCONFINED) macro381 aa_get_profile(ns->unconfined); in aa_get_namespace()395 aa_put_profile(ns->unconfined); in aa_put_namespace()
125 return !unconfined(__aa_task_profile(task)); in __aa_task_is_confined()
6 them run in an unconfined state which is equivalent to standard Linux DAC
227 unconfined712 Another feature of bringup mode is the "unconfined" option. Writing713 a label to /sys/fs/smackfs/unconfined makes subjects with that label715 all subjects. Any access that is granted because a label is unconfined