<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> - <a href='kernel_corecommands.html'> corecommands</a><br/> - <a href='kernel_corenetwork.html'> corenetwork</a><br/> - <a href='kernel_devices.html'> devices</a><br/> - <a href='kernel_domain.html'> domain</a><br/> - <a href='kernel_files.html'> files</a><br/> - <a href='kernel_filesystem.html'> filesystem</a><br/> - <a href='kernel_kernel.html'> kernel</a><br/> - <a href='kernel_mcs.html'> mcs</a><br/> - <a href='kernel_mls.html'> mls</a><br/> - <a href='kernel_selinux.html'> selinux</a><br/> - <a href='kernel_storage.html'> storage</a><br/> - <a href='kernel_terminal.html'> terminal</a><br/> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: kernel</h1><p/> <h2>Module: kernel</h2><p/> <h3>Description:</h3> <p><p> Policy for kernel threads, proc filesystem, and unlabeled processes and objects. </p></p> <p>This module is required to be included in all policies.</p> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_kernel_change_ring_buffer_level"></a> <div id="interface"> <div id="codeblock"> <b>kernel_change_ring_buffer_level</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change the level of kernel messages logged to the console. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_clear_ring_buffer"></a> <div id="interface"> <div id="codeblock"> <b>kernel_clear_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows the caller to clear the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type clearing the buffer. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dgram_send"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dgram_send</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send messages to kernel unix datagram sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_domtrans_to"></a> <div id="interface"> <div id="codeblock"> <b>kernel_domtrans_to</b>( domain , entrypoint )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows to start userland processes by transitioning to the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type entered by kernel. </p> </td><td> No </td></tr> <tr><td> entrypoint </td><td> <p> The executable type for the entrypoint. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_core_if"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_core_if</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of core kernel interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_message_if"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_message_if</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of kernel message interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get attributes for unlabeled block devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get attributes for unlabeled character devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of an unlabeled file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_pipes"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of unlabeled named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_sockets"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of unlabeled named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of unlabeled symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_list_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_list_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list the contents of directories in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_list_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_list_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list unlabeled directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_proc_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_proc_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to read system state information in proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_ring_buffer"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_system_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_system_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to read system state information in proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_unlabeled_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_unlabeled_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to read an unlabeled file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_kernel_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_network_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_network_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the network state directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading the state. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_network_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_network_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to search network sysctl directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to search the base directory of sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_use_fds"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_use_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use kernel file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of process not to audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_write_kernel_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_write_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_get_sysvipc_info"></a> <div id="interface"> <div id="codeblock"> <b>kernel_get_sysvipc_info</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get information on all System V IPC objects. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_core_if"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_core_if</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to get attribues of core kernel interface. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type getting the attibutes. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_message_if"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_message_if</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to get the attributes of kernel message interface (/proc/kmsg). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type getting the attributes. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of the proc filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_proc_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_proc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of files in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_kill_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_kill_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a kill signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_list_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_list_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of directories in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_list_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_list_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List unlabeled directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_load_module"></a> <div id="interface"> <div id="codeblock"> <b>kernel_load_module</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to load kernel modules </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type to allow to load kernel modules. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_mount_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_mount_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of the domain mounting the filesystem. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_all_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_all_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read all sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read information from the debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_device_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_device_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the device sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type to allow to read the device sysctls. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_fs_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_fs_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read filesystem sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_hotplug_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_hotplug_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the hotplug sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_irq_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_irq_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read IRQ sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_kernel_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_kernel_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_messages"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_messages</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read kernel messages using the /proc/kmsg interface. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading the messages. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_modprobe_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_modprobe_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the modprobe sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_net_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_net_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read network sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_network_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_network_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the network state information. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading the state. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_network_state_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_network_state_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the network state symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading the state. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_proc_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_proc_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_ring_buffer"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to read the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type allowed to read the ring buffer. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_rpc_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_rpc_sysctls</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> <p> Parameter descriptions are missing! </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_software_raid_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_software_raid_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the state information for software raid. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading software raid state. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow access to read sysctl directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type to allow to read sysctl directories. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_system_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_system_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to read system state information in proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading the system state information. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_unix_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_unix_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read unix domain socket sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_vm_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_vm_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_relabelfrom_unlabeled_dirs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_relabelfrom_unlabeled_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to relabel unlabeled directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type relabeling the objects. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_relabelfrom_unlabeled_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_relabelfrom_unlabeled_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to relabel unlabeled files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type relabeling the objects. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_relabelfrom_unlabeled_pipes"></a> <div id="interface"> <div id="codeblock"> <b>kernel_relabelfrom_unlabeled_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to relabel unlabeled named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type relabeling the objects. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_relabelfrom_unlabeled_sockets"></a> <div id="interface"> <div id="codeblock"> <b>kernel_relabelfrom_unlabeled_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to relabel unlabeled named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type relabeling the objects. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_relabelfrom_unlabeled_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_relabelfrom_unlabeled_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to relabel unlabeled symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type relabeling the objects. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_remount_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_remount_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Remount a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of the domain remounting the filesystem. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rootfs_mountpoint"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rootfs_mountpoint</b>( directory_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows the kernel to mount filesystems on the specified directory type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> directory_type </td><td> <p> The type of the directory to use as a mountpoint. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_all_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_all_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write all sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_device_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_device_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write device sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_fs_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_fs_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write fileystem sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_hotplug_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_hotplug_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write the hotplug sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_irq_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_irq_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write IRQ sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_kernel_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_modprobe_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_modprobe_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write the modprobe sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_net_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_net_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to modiry contents of sysctl network files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_pipes"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write kernel unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_rpc_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_rpc_sysctls</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> <p> Parameter descriptions are missing! </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_software_raid_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_software_raid_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read and set the state information for software raid. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading software raid state. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_unix_dgram_sockets"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unix_dgram_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write kernel unix datagram sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_unix_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unix_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unix domain socket sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_unlabeled_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unlabeled_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unlabeled block device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_unlabeled_dirs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unlabeled_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unlabeled directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_vm_sysctls"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_vm_sysctls</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_network_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_network_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow searching of network state directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The process type reading the state. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_network_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_network_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search network sysctl directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search directories in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_vm_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_vm_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to search virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sendrecv_unlabeled_association"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sendrecv_unlabeled_association</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send and receive messages from an unlabeled IPSEC association. </p> <h5>Description</h5> <p> </p><p> Send and receive messages from an unlabeled IPSEC association. Network connections that are not protected by IPSEC have use an unlabeled assocation. </p><p> </p><p> The corenetwork interface corenet_non_ipsec_sendrecv() should be used instead of this one. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_setpgid"></a> <div id="interface"> <div id="codeblock"> <b>kernel_setpgid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the process group of kernel threads. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_share_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_share_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows the kernel to share state information with the caller. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of the process with which to share state information. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigchld"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a SIGCHLD signal to kernel threads. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of the process sending the signal. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigchld_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a child terminated signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_signal"></a> <div id="interface"> <div id="codeblock"> <b>kernel_signal</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a generic signal to kernel threads. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of the process sending the signal. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_signal_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_signal_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send general signals to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_signull_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_signull_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a null signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigstop_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigstop_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a stop signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_tcp_recvfrom"></a> <div id="interface"> <div id="codeblock"> <b>kernel_tcp_recvfrom</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Receive messages from kernel TCP sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_udp_recvfrom"></a> <div id="interface"> <div id="codeblock"> <b>kernel_udp_recvfrom</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Receive messages from kernel UDP sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_udp_send"></a> <div id="interface"> <div id="codeblock"> <b>kernel_udp_send</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send UDP network traffic to the kernel. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_unconfined"></a> <div id="interface"> <div id="codeblock"> <b>kernel_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unconfined access to kernel module resources. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_unmount_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_unmount_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unmount a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of the domain unmounting the filesystem. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_use_fds"></a> <div id="interface"> <div id="codeblock"> <b>kernel_use_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Permits caller to use kernel file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> The type of the process using the descriptors. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_write_proc_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_write_proc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write to generic proc entries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>