函数逻辑报告 |
Source Code:security\apparmor\include\policy_ns.h |
Create Date:2022-07-27 21:20:46 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| 首页 | 函数Tree |
| 注解内核,赢得工具 | 下载SCCT | English |
函数名称:aa_put_ns - decrement refcount on @ns*@ns: namespace to put reference of* Decrement reference count of @ns and if no longer in use free it
函数原型:static inline void aa_put_ns(struct aa_ns *ns)
返回类型:void
参数:
| 类型 | 参数 | 名称 |
|---|---|---|
| struct aa_ns * | ns |
| 名称 | 描述 |
|---|---|
| profile_load | .load file hook fn to load policy |
| profile_replace | .replace file hook fn to load and/or replace policy |
| profile_remove | .remove file hook fn to remove loaded policy |
| ns_revision_release | vision file hook fn for policy loads |
| __aa_fs_remove_rawdata | |
| ns_mkdir_op | |
| ns_rmdir_op | |
| __aafs_ns_rmdir | Requires: @ns->lock held |
| p_stop | p_stop - stop depth first traversal*@f: seq_file we are filling*@p: the last profile writen* Release all locking done by p_start/p_next on namespace tree |
| policy_get_link | |
| aa_free_profile | aa_free_profile - free a profile*@profile: the profile to free (MAYBE NULL)* Free a profile, its hats and null_profile |
| aa_fqlookupn_profile | |
| policy_view_capable | policy_view_capable - check if viewing policy in at @ns is allowed* Returns: true if viewing policy is allowed* If @ns is NULL then the namespace being viewed is assumed to be the* tasks current namespace. |
| aa_replace_profiles | aa_replace_profiles - replace profile(s) on the profile list*@policy_ns: namespace load is occurring on*@label: label that is attempting to load/replace policy*@mask: permission mask*@udata: serialized data stream (NOT NULL)* unpack and replace a profile |
| aa_remove_profiles | aa_remove_profiles - remove profile(s) from the system*@policy_ns: namespace the remove is being done from*@subj: label attempting to remove policy*@fqname: name of the profile or namespace to remove (NOT NULL)*@size: size of the name* Remove a profile or |
| do_loaddata_free | d to take the ns mutex lock which is NOT safe most places that* put_loaddata is called, so we have to delay freeing it |
| aa_getprocattr | aa_getprocattr - Return the profile information for @profile*@profile: the profile to print profile info about (NOT NULL)*@string: Returns - string containing the profile info (NOT NULL)* Returns: length of @string on success else error on failure* |
| apparmor_socket_post_create | apparmor_socket_post_create - setup the per-socket security struct* Note:* - kernel sockets currently labeled unconfined but we may want to* move to a special kernel label* - socket may not have sk here if created with sock_create_lite or* sock_alloc |
| aa_free_ns | aa_free_ns - free a profile namespace*@ns: the namespace to free (MAYBE NULL)* Requires: All references to the namespace must have been put, if the* namespace was referenced by a profile confining a task, |
| __aa_remove_ns | __aa_remove_ns - remove a namespace and all its children*@ns: namespace to be removed (NOT NULL)* Requires: ns->parent->lock be held and ns removed from parent. |
| aa_free_root_ns | aa_free_root_ns - free the root profile namespace |
| aa_label_audit | |
| aa_label_seq_print | |
| aa_label_printk |
| 源代码转换工具 开放的插件接口 | X |
|---|---|
| 支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |