<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> - <a href='kernel_bootloader.html'> bootloader</a><br/> - <a href='kernel_corenetwork.html'> corenetwork</a><br/> - <a href='kernel_devices.html'> devices</a><br/> - <a href='kernel_filesystem.html'> filesystem</a><br/> - <a href='kernel_kernel.html'> kernel</a><br/> - <a href='kernel_selinux.html'> selinux</a><br/> - <a href='kernel_storage.html'> storage</a><br/> - <a href='kernel_terminal.html'> terminal</a><br/> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: kernel</h1><p/> <h2>Module: kernel</h2><p/> <h3>Description:</h3> <p><p> Policy for kernel threads, proc filesystem,and unlabeled processes and objects. </p></p> <p>This module is required to be included in all policies.</p> <a name="interfaces"></a> <h3>Interfaces: </h3> <div id="interface"> <div id="codeblock"> <b>kernel_change_ring_buffer_level</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change the level of kernel messages logged to the console. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_clear_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows the caller to clear the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type clearing the buffer. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_core</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to get the attributes of core kernel interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type to not audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_message_if</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts by caller to get the attributes of kernel message interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_blk_dev</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts by caller to get attributes for unlabeled block devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to read the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The domain to not audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_system_state</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts by caller to read system state information. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_network_sysctl_dir</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts by caller to search sysctl network directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_sysctl_dir</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts by caller to search the sysctl directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_use_fd</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to use kernel file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of process not to audit. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_get_sysvipc_info</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Get information on all System V IPC objects. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_core</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows caller to get attribues of core kernel interface. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type getting the attibutes. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_message_if</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to get the attributes of kernel message interface (/proc/kmsg). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type getting the attributes. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_kill_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Send a kill signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_load_module</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows caller to load kernel modules </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type to allow to load kernel modules. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_all_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read all sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_device_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read the device sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type to allow to read the device sysctls. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_fs_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read filesystem sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_hotplug_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read the hotplug sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_irq_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read IRQ sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_messages</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read kernel messages using the /proc/kmsg interface. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the messages. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_modprobe_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read the modprobe sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_net_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read network sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_network_state</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read the network state information. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the state. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows caller to read the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type allowed to read the ring buffer. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_rpc_sysctl</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_software_raid_state</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read the state information for software raid. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading software raid state. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_system_state</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows caller to read system state information. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the system state information. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_unix_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read unix domain socket sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_read_vm_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to read virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_relabel_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to relabel unlabeled objects. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type relabeling the objects. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rootfs_mountpoint</b>( directory_type )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows the kernel to mount filesystems on the specified directory type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> directory_type </td><td> The type of the directory to use as a mountpoint. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_all_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write all sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_device_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write device sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_fs_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write fileystem sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_hotplug_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write the hotplug sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_irq_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write IRQ sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_modprobe_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write the modprobe sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_net_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allow caller to modiry contents of sysctl network files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_rpc_sysctl</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unix_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write unix domain socket sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_rw_vm_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_share_state</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows the kernel to share state information with the caller. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process with which to share state information. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Send a SIGCHLD signal to kernel threads. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process sending the signal. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Send a child terminated signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_signal_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Send general signals to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_signull_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Send a null signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_sigstop_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Send a stop signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unconfined access to the kernel. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_use_fd</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Permits caller to use kernel file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process using the descriptors. </td><td> No </td></tr> </table> </div> </div> <div id="interface"> <div id="codeblock"> <b>kernel_userland_entry</b>( domain , entrypoint )<br> </div> <div id="description"> <h5>Description</h5> <p> Allows to start userland processes by transitioning to the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type entered by kernel. </td><td> No </td></tr> <tr><td> entrypoint </td><td> The executable type for the entrypoint. </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>