函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\policy.c Create Date:2022-07-27 21:33:16
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:aa_may_manage_policy - can the current task manage policy*@label: label to check if it can manage policy*@op: the policy manipulation operation being done* Returns: 0 if the task is allowed to manipulate policy else error

函数原型:int aa_may_manage_policy(struct aa_label *label, struct aa_ns *ns, unsigned int mask)

返回类型:int

参数:

类型参数名称
struct aa_label *label
struct aa_ns *ns
unsigned intmask
684  如果mask按位与AA_MAY_REMOVE_POLICYop等于OP_PROF_RM
686  否则如果mask按位与AA_MAY_REPLACE_POLICYop等于OP_PROF_REPL
688  否则op等于OP_PROF_LOAD
692  如果aa_g_lock_policy则返回:audit_policy - Do auditing of policy changes*@label: label to check if it can manage policy*@op: policy operation being performed*@ns_name: name of namespace being manipulated*@name: name of profile being manipulated (NOT NULL)*@info: any extra
696  如果非policy_admin_capable(ns)则返回:audit_policy - Do auditing of policy changes*@label: label to check if it can manage policy*@op: policy operation being performed*@ns_name: name of namespace being manipulated*@name: name of profile being manipulated (NOT NULL)*@info: any extra
701  返回:0
调用者
名称描述
profile_remove.remove file hook fn to remove loaded policy
ns_mkdir_op
ns_rmdir_op