33 	struct aa_profile *profile;  member
55  * @profile: profile being tested for confinement (NOT NULL)
64 static int audit_caps(struct apparmor_audit_data *ad, struct aa_profile *profile,  in audit_caps()  argument
67 	struct aa_ruleset *rules = list_first_entry(&profile->rules,  in audit_caps()
76 		if (likely((AUDIT_MODE(profile) != AUDIT_ALL) &&  in audit_caps()
80 	} else if (KILL_MODE(profile) ||  in audit_caps()
84 		   AUDIT_MODE(profile) != AUDIT_NOQUIET &&  in audit_caps()
85 		   AUDIT_MODE(profile) != AUDIT_ALL) {  in audit_caps()
92 	if (profile == ent->profile && cap_raised(ent->caps, cap)) {  in audit_caps()
94 		if (COMPLAIN_MODE(profile))  in audit_caps()
98 		aa_put_profile(ent->profile);  in audit_caps()
99 		if (profile != ent->profile)  in audit_caps()
101 		ent->profile = aa_get_profile(profile);  in audit_caps()
106 	return aa_audit(type, profile, ad, audit_cb);  in audit_caps()
110  * profile_capable - test if profile allows use of capability @cap
111  * @profile: profile being enforced    (NOT NULL, NOT unconfined)
118 static int profile_capable(struct aa_profile *profile, int cap,  in profile_capable()  argument
121 	struct aa_ruleset *rules = list_first_entry(&profile->rules,  in profile_capable()
132 		if (!COMPLAIN_MODE(profile))  in profile_capable()
140 	return audit_caps(ad, profile, cap, error);  in profile_capable()
150  * Look up capability in profile capability set.
157 	struct aa_profile *profile;  in aa_capable()  local
163 	error = fn_for_each_confined(label, profile,  in aa_capable()
164 			profile_capable(profile, cap, opts, &ad));  in aa_capable()