Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\resource.c Create Date:2022-07-28 19:53:30
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:aa_task_setrlimit - test permission to set an rlimit*@label - label confining the task (NOT NULL)*@task - task the resource is being set on*@resource - the resource being set*@new_rlim - the new resource limit (NOT NULL)

Proto:int aa_task_setrlimit(struct aa_label *label, struct task_struct *task, unsigned int resource, struct rlimit *new_rlim)

Type:int

Parameter:

TypeParameterName
struct aa_label *label
struct task_struct *task
unsigned intresource
struct rlimit *new_rlim
109  error = 0
111  _read_lock() - mark the beginning of an RCU read-side critical section* When synchronize_rcu() is invoked on one CPU while other CPUs* are within RCU read-side critical sections, then the* synchronize_rcu() is guaranteed to block until after all the other
112  peer = aa_get_newest_cred_label - obtain the newest label on a cred*@cred: cred to obtain label from (NOT NULL)* Returns: newest version of confining label
113  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
122  If label != peer && aa_capable - test permission to use capability*@label: label being tested for capability (NOT NULL)*@cap: capability to be tested*@opts: CAP_OPT_NOAUDIT bit determines whether audit record is generated* Look up capability in profile capability set. != 0 Then error = fn_for_each(label, profile, audit_resource - audit setting resource limit*@profile: profile being enforced (NOT NULL)*@resource: rlimit being auditing*@value: value being set*@error: error value* Returns: 0 or sa->error else other error code on failure)
128  Else error = fn_for_each_confined(label, profile, profile_setrlimit(profile, resource, new_rlim))
131  aa_put_label(peer)
133  Return error
Caller
NameDescribe
apparmor_task_setrlimit