Function report |
Source Code:security\apparmor\policy.c |
Create Date:2022-07-28 19:52:00 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| home page | Tree |
| Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:policy_view_capable - check if viewing policy in at @ns is allowed* Returns: true if viewing policy is allowed* If @ns is NULL then the namespace being viewed is assumed to be the* tasks current namespace.
Proto:bool policy_view_capable(struct aa_ns *ns)
Type:bool
Parameter:
| Type | Parameter | Name |
|---|---|---|
| struct aa_ns * | ns | namespace being viewed by current task (may be NULL) |
| 644 | user_ns = current_user_ns() |
| 645 | view_ns = aa_get_current_ns() |
| 646 | root_in_user_ns = uid_eq(current_euid(), make_kuid - Map a user-namespace uid pair into a kuid) || in_egroup_p(make_kgid - Map a user-namespace gid pair into a kgid) |
| 648 | bool response = false |
| 649 | If Not namespace being viewed by current task (may be NULL) Then namespace being viewed by current task (may be NULL) = view_ns |
| 652 | If root_in_user_ns && aa_ns_visible(view_ns, namespace being viewed by current task (may be NULL), true) && ( user_ns == userns count is 1 for root user, 1 for init_uts_ns,* and 1 for... ? || unprivileged_userns_apparmor_policy != 0 && level == level ) Then response = true |
| 659 | Return response |
| Name | Describe |
|---|---|
| profiles_open | |
| policy_admin_capable | |
| param_get_aalockpolicy | |
| param_get_aabool | |
| param_get_aauint | |
| param_get_aacompressionlevel | |
| param_get_audit | |
| param_get_mode | |
| rawdata_open |
| Source code conversion tool public plug-in interface | X |
|---|---|
| Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |