Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\apparmorfs.c Create Date:2022-07-28 19:49:56
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:policy_update

Proto:static ssize_t policy_update(unsigned int mask, const char __user *buf, size_t size, loff_t *pos, struct aa_ns *ns)

Type:ssize_t

Parameter:

TypeParameterName
unsigned intmask
const char __user *buf
size_tsize
loff_t *pos
struct aa_ns *ns
450  label = gin_current_label_crit_section - current's confining label and update it* Returns: up to date confining label or the ns unconfined label (NOT NULL)* Not safe to call inside locks* The returned reference must be put with end_current_label_crit_section()*
455  error = aa_may_manage_policy(label, ns, mask)
456  If error Then Return error
459  data = aa_simple_write_to_buffer - common routine for getting policy from user*@userbuf: user buffer to copy data from (NOT NULL)*@alloc_size: size of user buffer (REQUIRES: @alloc_size >= @copy_size)*@copy_size: size of data to copy from user buffer*@pos:
460  error = PTR_ERR(data)
461  If Not IS_ERR(data) Then
462  error = aa_replace_profiles - replace profile(s) on the profile list*@policy_ns: namespace load is occurring on*@label: label that is attempting to load/replace policy*@mask: permission mask*@udata: serialized data stream (NOT NULL)* unpack and replace a profile
463  aa_put_loaddata(data)
465  d_label_crit_section - put a reference found with begin_current_label..*@label: label reference to put* Should only be used with a reference obtained with* begin_current_label_crit_section and never used in situations where the* task cred may be updated
467  Return error
Caller
NameDescribe
profile_load.load file hook fn to load policy
profile_replace.replace file hook fn to load and/or replace policy