Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\include\label.h Create Date:2022-07-28 19:48:50
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:aa_put_label

Proto:static inline void aa_put_label(struct aa_label *l)

Type:void

Parameter:

TypeParameterName
struct aa_label *l
442  If l Then kref_put - decrement refcount for object.*@kref: object.*@release: pointer to the function that will clean up the object when the* last reference to the object is released.* This pointer is required, and it is not acceptable to pass kfree
Caller
NameDescribe
query_dataquery_data - queries a policy and writes its data to buf*@buf: the resulting data is stored here (NOT NULL)*@buf_len: size of buf*@query: query string used to retrieve data*@query_len: size of query including second NUL byte
query_labelquery_label - queries a label and writes permissions to buf*@buf: the resulting permissions string is stored here (NOT NULL)*@buf_len: size of buf*@query: binary query string to match against the dfa*@query_len: size of query*@view_only: only compute for
seq_profile_name_show
seq_profile_mode_show
seq_profile_attach_show
seq_profile_hash_show
rawdata_get_link_base
aa_audit_rule_free
aa_replace_current_labelaa_replace_current_label - replace the current tasks label*@label: new label (NOT NULL)* Returns: 0 or error on failure
aa_set_current_onexecaa_set_current_onexec - set the tasks change_profile to happen onexec*@label: system label to set at exec (MAYBE NULL to clear value)*@stack: whether stacking should be done* Returns: 0 or error on failure
aa_set_current_hataa_set_current_hat - set the current tasks hat*@label: label to set as the current hat (NOT NULL)*@token: token value that must be specified to change from the hat* Do switch of tasks hat
aa_restore_previous_labelaa_restore_previous_label - exit from hat context restoring previous label*@token: the token that must be matched to exit hat context* Attempt to return out of a hat to the previous label
may_change_ptraced_domainmay_change_ptraced_domain - check if can change profile on ptraced task*@to_label: profile to change to (NOT NULL)*@info: message if there is an error* Check if current is ptraced and if so if the tracing task is allowed* to trace the new domain* Returns:
x_to_labelx_to_label - get target label for a given xindex*@profile: current profile (NOT NULL)*@bprm: binprm structure of transitioning task*@name: name to lookup (NOT NULL)*@xindex: index into x transition table*@lookupname: returns: name used in lookup if one
profile_transition
apparmor_bprm_set_credsapparmor_bprm_set_creds - set the new creds on the bprm struct*@bprm: binprm for the exec (NOT NULL)* Returns: %0 or error on failure* TODO: once the other paths are done see if we can't refactor into a fn
aa_change_hataa_change_hat - change hat to/from subprofile*@hats: vector of hat names to try changing into (MAYBE NULL if @count == 0)*@count: number of hat names in @hats*@token: magic value to validate the hat change*@flags: flags affecting behavior of the change
aa_change_profileaa_change_profile - perform a one-way profile transition*@fqname: name of profile may include namespace (NOT NULL)*@onexec: whether this transition is to take place immediately or at exec*@flags: flags affecting change behavior
__add_profile__add_profile - add a profiles to list and label tree*@list: list to add it to (NOT NULL)*@profile: the profile to add (NOT NULL)* refcount @profile, should be put by __list_remove_profile* Requires: namespace lock be held, or list not be shared
apparmor_cred_freeput the associated labels
apparmor_ptrace_access_check
apparmor_ptrace_traceme
apparmor_capgetDerived from security/commoncap.c:cap_capget
apparmor_capable
apparmor_file_open
apparmor_file_free_security
apparmor_sb_pivotroot
apparmor_getprocattr
apparmor_task_getsecid
apparmor_task_kill
apparmor_sk_free_securityapparmor_sk_free_security - free the sk_security field
apparmor_socket_post_createapparmor_socket_post_create - setup the per-socket security struct* Note:* - kernel sockets currently labeled unconfined but we may want to* move to a special kernel label* - socket may not have sk here if created with sock_create_lite or* sock_alloc
aa_task_setrlimitaa_task_setrlimit - test permission to set an rlimit*@label - label confining the task (NOT NULL)*@task - task the resource is being set on*@resource - the resource being set*@new_rlim - the new resource limit (NOT NULL)
update_file_ctx
aa_file_permaa_file_perm - do permission revalidation check & audit for @file*@op: operation being checked*@label: label being enforced (NOT NULL)*@file: file to revalidate access permissions on (NOT NULL)*@request: requested permissions*@in_atomic: whether
aa_inherit_filesased on selinux's flush_unauthorized_files
free_proxy
__aa_proxy_redirectquires profile list write lock held
label_free_or_put_new
aa_label_replaceaa_label_replace - replace a label @old with a new version @new*@old: label to replace*@new: label replacing @old* Returns: true if @old was in tree and replaced* else @old was not in tree, and @new was not inserted
aa_label_find_mergeaa_label_find_merge - find label that is equiv to merge of @a and @b*@a: label to merge with @b (NOT NULL)*@b: label to merge with @a (NOT NULL)* Requires: labels be fully constructed with a valid ns* Returns: ref counted label that is equiv to merge of
aa_label_mergeaa_label_merge - attempt to insert new merged label of @a and @b*@ls: set of labels to insert label into (NOT NULL)*@a: label to merge with @b (NOT NULL)*@b: label to merge with @a (NOT NULL)*@gfp: memory allocation type* Requires: caller to hold valid
__labelset_update__labelset_update - update labels in @ns*@ns: namespace to update labels in (NOT NULL)* Requires: @ns lock be held* Walk the labelset ensuring that all labels are up to date and valid* Any label that has a stale component is marked stale and replaced and
aa_pivotroot