Function report |
Source Code:security\apparmor\policy.c |
Create Date:2022-07-28 19:52:00 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
home page | Tree |
Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:policy_view_capable - check if viewing policy in at @ns is allowed* Returns: true if viewing policy is allowed* If @ns is NULL then the namespace being viewed is assumed to be the* tasks current namespace.
Proto:bool policy_view_capable(struct aa_ns *ns)
Type:bool
Parameter:
Type | Parameter | Name |
---|---|---|
struct aa_ns * | ns | namespace being viewed by current task (may be NULL) |
644 | user_ns = current_user_ns() |
645 | view_ns = aa_get_current_ns() |
646 | root_in_user_ns = uid_eq(current_euid(), make_kuid - Map a user-namespace uid pair into a kuid) || in_egroup_p(make_kgid - Map a user-namespace gid pair into a kgid) |
648 | bool response = false |
649 | If Not namespace being viewed by current task (may be NULL) Then namespace being viewed by current task (may be NULL) = view_ns |
652 | If root_in_user_ns && aa_ns_visible(view_ns, namespace being viewed by current task (may be NULL), true) && ( user_ns == userns count is 1 for root user, 1 for init_uts_ns,* and 1 for... ? || unprivileged_userns_apparmor_policy != 0 && level == level ) Then response = true |
659 | Return response |
Name | Describe |
---|---|
profiles_open | |
policy_admin_capable | |
param_get_aalockpolicy | |
param_get_aabool | |
param_get_aauint | |
param_get_aacompressionlevel | |
param_get_audit | |
param_get_mode | |
rawdata_open |
Source code conversion tool public plug-in interface | X |
---|---|
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |