aa_get_label

类型	参数	名称
struct aa_label *	l

**调用者**
名称	描述
aa_replace_current_label	aa_replace_current_label - replace the current tasks label@label: new label (NOT NULL) Returns: 0 or error on failure
aa_set_current_onexec	aa_set_current_onexec - set the tasks change_profile to happen onexec@label: system label to set at exec (MAYBE NULL to clear value)@stack: whether stacking should be done* Returns: 0 or error on failure
apparmor_bprm_set_creds	apparmor_bprm_set_creds - set the new creds on the bprm struct@bprm: binprm for the exec (NOT NULL) Returns: %0 or error on failure* TODO: once the other paths are done see if we can't refactor into a fn
change_hat	helper fn for changing into a hat* Returns: label for hat transition or ERR_PTR. Does not return NULL
aa_change_hat	aa_change_hat - change hat to/from subprofile@hats: vector of hat names to try changing into (MAYBE NULL if @count == 0)@count: number of hat names in @hats@token: magic value to validate the hat change@flags: flags affecting behavior of the change
aa_change_profile	aa_change_profile - perform a one-way profile transition@fqname: name of profile may include namespace (NOT NULL)@onexec: whether this transition is to take place immediately or at exec*@flags: flags affecting change behavior
apparmor_file_alloc_security
apparmor_sk_clone_security	apparmor_clone_security - clone the sk_security field
apparmor_socket_post_create	apparmor_socket_post_create - setup the per-socket security struct* Note:* - kernel sockets currently labeled unconfined but we may want to* move to a special kernel label* - socket may not have sk here if created with sock_create_lite or* sock_alloc
set_init_ctx	set_init_ctx - set a task context and profile on the first task.* TODO: allow setting an alternate profile than unconfined
aa_alloc_proxy
__aa_proxy_redirect	quires profile list write lock held
__label_insert	__label_insert - attempt to insert @l into a label set@ls: set of labels to insert @l into (NOT NULL)@label: new label to insert (NOT NULL)@replace: whether insertion should replace existing entry that is not stale Requires: @ls->lock* caller to hold
vec_create_and_insert_label	quires sort and merge done first
label_merge_insert	label_merge_insert - create a new label by merging @a and @b@new: preallocated label to merge into (NOT NULL)@a: label to merge with @b (NOT NULL)@b: label to merge with @a (NOT NULL) Requires: preallocated proxy* Returns: ref counted label either
aa_label_strn_parse	aa_label_strn_parse - parse, validate and convert a text string to a label@base: base label to use for lookups (NOT NULL)@str: null terminated text string (NOT NULL)@n: length of str to parse, will stop at \0 if encountered before n@gfp: allocation
__label_update	__label_update - insert updated version of @label into labelset@label - the label to update/replace Returns: new label that is up to date* else NULL on failure* Requires: @ns lock be held* Note: worst case is the stale @label does not get updated and has
aa_get_newest_label	aa_get_newest_label - find the newest version of @l@l: the label to check for newer versions of Returns: refcounted newest version of @l taking into account* replacement, renames and removals* return @l.
aa_alloc_file_ctx	aa_alloc_file_ctx - allocate file_ctx@label: initial label of task creating the file@gfp: gfp flags for allocation* Returns: file_ctx or NULL on failure
aa_dup_task_ctx	aa_dup_task_ctx - duplicate a task context, incrementing reference counts@new: a blank task context (NOT NULL)@old: the task context to copy (NOT NULL)
aa_get_current_label	aa_get_current_label - get the newest version of the current tasks label* Returns: newest version of confining label (NOT NULL)* This fn will not update the tasks cred, so it is safe inside of locks* The returned reference must be put with aa_put_label()

函数逻辑报告