selinux-refpolicy/www/api-docs/kernel_devices.html

3091 lines
36 KiB
HTML

<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
bootloader</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
corenetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
devices</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
filesystem</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
kernel</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
selinux</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
storage</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
terminal</a><br/>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: kernel</h1><p/>
<h2>Module: devices</h2><p/>
<h3>Description:</h3>
<p>
</p><p>
This module creates the device node concept and provides
the policy for many of the device files. Notable exceptions are
the mass storage and terminal devices that are covered by other
modules.
</p><p>
</p><p>
This module creates the concept of a device node. That is a
char or block device file, usually in /dev. All types that
are used to label device nodes should use the dev_node macro.
</p><p>
</p><p>
Additionally, this module controls access to three things:
</p><ul><li>the device directories containing device nodes</li><li>device nodes as a group</li><li>individual access to specific device nodes covered by
this module.</li></ul><p>
</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>dev_create_dev_node</b>(
domain
,
file
,
objectclass(es)
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, and write device nodes. The node
will be transitioned to the type provided.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
<tr><td>
file
</td><td>
Type to which the created node will be transitioned.
</td><td>
No
</td></tr>
<tr><td>
objectclass(es)
</td><td>
Object class(es) (single or set including {}) for which this
the transition will occur.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_create_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create a directory in the device directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed to create the directory.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_create_generic_chr_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow read, write, and create for generic character device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_del_generic_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete symbolic links in device directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_delete_lvm_control</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete the lvm control device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_getattr_all_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit getattr on all block file device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_getattr_all_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit getattr on all character file device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_getattr_generic_blk_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit getattr on generic block devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_getattr_generic_chr_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit getattr for generic character device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_getattr_generic_pipe</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit getattr on generic pipes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_list_all_dev_nodes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit attempts to list all device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit listing of device nodes.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_rw_dri_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit read and write on the dri devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_dontaudit_rw_generic_dev_nodes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit getattr for generic device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to dontaudit access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_getattr_agp_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Getattr the agp devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_getattr_all_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Getattr on all block file device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_getattr_all_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Getattr on all character file device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_getattr_generic_blk_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow getattr on generic block devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_getattr_generic_chr_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow getattr for generic character device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_list_all_dev_nodes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List all of the device nodes in a device directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed to list device nodes.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_list_usbfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Allow caller to get a list of usb hardware.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type getting the list.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_manage_all_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read, write, create, and delete all block device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_manage_all_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read, write, create, and delete all character device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_manage_dev_nodes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, delete, read, and write device nodes in device directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_manage_generic_blk_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow read, write, create, and delete for generic
block files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_manage_generic_blk_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, delete, read, and write block device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_manage_generic_chr_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, delete, read, and write character device files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_manage_generic_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, delete, read, and write symbolic links in device directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_node</b>(
object_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the passed in type a type appropriate for
use on device nodes (usually files in /dev).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
object_type
</td><td>
The object type that will be used on device nodes.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_cpuid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the multiplexed input device (/dev/input).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_framebuffer</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the framebuffer device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_input</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the multiplexed input device (/dev/input).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_lvm_control</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the lvm comtrol device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_misc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read miscellaneous devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_mouse</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the mouse devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_mtrr</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the mtrr device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_rand</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read from random devices (e.g., /dev/random)
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_raw_memory</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read raw memory devices (e.g. /dev/mem).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_realtime_clock</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the realtime clock (/dev/rtc).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_snd_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the sound devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_snd_mixer_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the sound mixer devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_sysfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Allow caller to read hardware state information.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type reading hardware state information.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_urand</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read from pseudo random devices (e.g., /dev/urandom)
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_read_usbfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Read USB hardware information using
the usbfs filesystem interface.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_relabel_all_dev_nodes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow full relabeling (to and from) of all device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed to relabel.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_relabel_dev_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow full relabeling (to and from) of directories in /dev.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed to relabel.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_agp_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the agp devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_cpu_microcode</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the the cpu microcode device. This
is required to load cpu microcode.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_dri_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the dri devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_lvm_control</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the lvm control device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_null_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write to the null device (/dev/null).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_power_management</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the the power management device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_realtime_clock</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the realtime clock (/dev/rtc).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_scanner</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the the scanner device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_sysfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Allow caller to modify hardware state information.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type modifying hardware state information.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_usbfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Allow caller to modify usb hardware configuration files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type modifying the options.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rw_zero_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write to the zero device (/dev/zero).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rwx_zero_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read, write, and execute the zero device (/dev/zero).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_rx_raw_memory</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and execute raw memory devices (e.g. /dev/mem).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_search_sysfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Search the directory containing hardware information.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_search_usbfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Search the directory containing USB hardware information.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_setattr_all_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Setattr on all block file device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_setattr_all_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Setattr on all character file device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_framebuffer</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write the framebuffer device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_misc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write miscellaneous devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_mtrr</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write the mtrr device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_rand</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write to the random device (e.g., /dev/random). This adds
entropy used to generate the random data read from the
random device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_raw_memory</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write raw memory devices (e.g. /dev/mem).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_realtime_clock</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the realtime clock (/dev/rtc).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_snd_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write the sound devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_snd_mixer_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write the sound mixer devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_write_urand</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write to the pseudo random device (e.g., /dev/urandom). This
sets the random number generator seed.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dev_wx_raw_memory</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write and execute raw memory devices (e.g. /dev/mem).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</body>
</html>