<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> - <a href='kernel_bootloader.html'> bootloader</a><br/> - <a href='kernel_corecommands.html'> corecommands</a><br/> - <a href='kernel_corenetwork.html'> corenetwork</a><br/> - <a href='kernel_devices.html'> devices</a><br/> - <a href='kernel_domain.html'> domain</a><br/> - <a href='kernel_files.html'> files</a><br/> - <a href='kernel_filesystem.html'> filesystem</a><br/> - <a href='kernel_kernel.html'> kernel</a><br/> - <a href='kernel_mls.html'> mls</a><br/> - <a href='kernel_selinux.html'> selinux</a><br/> - <a href='kernel_storage.html'> storage</a><br/> - <a href='kernel_terminal.html'> terminal</a><br/> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: kernel</h1><p/> <h2>Module: kernel</h2><p/> <h3>Description:</h3> <p><p> Policy for kernel threads, proc filesystem,and unlabeled processes and objects. </p></p> <p>This module is required to be included in all policies.</p> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_kernel_change_ring_buffer_level"></a> <div id="interface"> <div id="codeblock"> <b>kernel_change_ring_buffer_level</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change the level of kernel messages logged to the console. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_clear_ring_buffer"></a> <div id="interface"> <div id="codeblock"> <b>kernel_clear_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows the caller to clear the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type clearing the buffer. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_core"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_core</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of core kernel interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_message_if"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_message_if</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of kernel message interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_blk_dev"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_blk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get attributes for unlabeled block devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_chr_dev"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_chr_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get attributes for unlabeled character devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_file"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of an unlabeled file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_pipes"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of unlabeled named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_sockets"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of unlabeled named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_getattr_unlabeled_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_getattr_unlabeled_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to get the attributes of unlabeled symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_list_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_list_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list the contents of directories in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_list_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_list_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list unlabeled directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_proc_symlink"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_proc_symlink</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to read system state information in proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_ring_buffer"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_system_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_system_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to read system state information in proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_read_unlabeled_file"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_read_unlabeled_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to read an unlabeled file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_kernel_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_network_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_network_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the network state directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the state. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_network_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_network_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to search network sysctl directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_search_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_search_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts by caller to search the base directory of sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_use_fd"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_use_fd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use kernel file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of process not to audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_dontaudit_write_kernel_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_dontaudit_write_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_get_sysvipc_info"></a> <div id="interface"> <div id="codeblock"> <b>kernel_get_sysvipc_info</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get information on all System V IPC objects. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_core"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_core</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to get attribues of core kernel interface. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type getting the attibutes. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_message_if"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_message_if</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to get the attributes of kernel message interface (/proc/kmsg). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type getting the attributes. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of the proc filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_getattr_proc_files"></a> <div id="interface"> <div id="codeblock"> <b>kernel_getattr_proc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of files in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_kill_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_kill_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a kill signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_list_from"></a> <div id="interface"> <div id="codeblock"> <b>kernel_list_from</b>( dir_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the kernel to read the contents of the specified directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> dir_type </td><td> Directory type to list. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_list_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_list_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of directories in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_list_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_list_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List unlabeled directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_load_module"></a> <div id="interface"> <div id="codeblock"> <b>kernel_load_module</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to load kernel modules </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type to allow to load kernel modules. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_mount_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_mount_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the domain mounting the filesystem. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_all_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_all_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read all sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read information from the debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_device_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_device_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the device sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type to allow to read the device sysctls. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_file_from"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_file_from</b>( dir_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the kernel to read the specified file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> dir_type </td><td> Directory type to list. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_fs_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_fs_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read filesystem sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_hotplug_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_hotplug_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the hotplug sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_irq_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_irq_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read IRQ sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_kernel_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_messages"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_messages</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read kernel messages using the /proc/kmsg interface. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the messages. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_modprobe_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_modprobe_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the modprobe sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_net_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_net_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read network sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_network_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_network_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the network state information. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the state. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_network_state_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_network_state_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the network state symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the state. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_proc_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_proc_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_ring_buffer"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_ring_buffer</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to read the ring buffer. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type allowed to read the ring buffer. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_rpc_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_rpc_sysctl</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_software_raid_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_software_raid_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read the state information for software raid. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading software raid state. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow access to read sysctl directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type to allow to read sysctl directories. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_system_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_system_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows caller to read system state information in proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the system state information. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_unix_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_unix_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read unix domain socket sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_read_vm_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_read_vm_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_relabel_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_relabel_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to relabel unlabeled objects. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type relabeling the objects. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_remount_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_remount_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Remount a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the domain remounting the filesystem. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rootfs_mountpoint"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rootfs_mountpoint</b>( directory_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows the kernel to mount filesystems on the specified directory type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> directory_type </td><td> The type of the directory to use as a mountpoint. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_all_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_all_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write all sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_device_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_device_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write device sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_fs_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_fs_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write fileystem sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_hotplug_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_hotplug_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write the hotplug sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_irq_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_irq_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write IRQ sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_kernel_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_kernel_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write generic kernel sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_modprobe_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_modprobe_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write the modprobe sysctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_net_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_net_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to modiry contents of sysctl network files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_pipe"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_pipe</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write kernel unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_rpc_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_rpc_sysctl</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_software_raid_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_software_raid_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read and set the state information for software raid. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading software raid state. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_unix_dgram_socket"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unix_dgram_socket</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write kernel unix datagram sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_unix_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unix_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unix domain socket sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_unlabeled_dir"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_unlabeled_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unlabeled directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_rw_vm_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_rw_vm_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_from"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_from</b>( dir_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the kernel to search the specified directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> dir_type </td><td> Directory type to search. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_network_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_network_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow searching of network state directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type reading the state. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_network_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_network_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search network sysctl directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_proc"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_proc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search directories in /proc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_search_vm_sysctl"></a> <div id="interface"> <div id="codeblock"> <b>kernel_search_vm_sysctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to search virtual memory sysctls. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_send_syslog_msg_from"></a> <div id="interface"> <div id="codeblock"> <b>kernel_send_syslog_msg_from</b>( socket , syslog_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the kernel to send a syslog message to the specified domain, connecting over the specified named socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> socket </td><td> The type of the named socket file. </td><td> No </td></tr> <tr><td> syslog_type </td><td> The domain of the syslog daemon. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sendrecv_unlabeled_association"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sendrecv_unlabeled_association</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send and receive messages from an unlabeled IPSEC association. </p> <h5>Description</h5> <p> </p><p> Send and receive messages from an unlabeled IPSEC association. Network connections that are not protected by IPSEC have use an unlabeled assocation. </p><p> </p><p> The corenetwork interface corenet_sendrecv_no_ipsec() should be used instead of this one. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sendto_unix_dgram_socket"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sendto_unix_dgram_socket</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send messages to kernel unix datagram sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_setpgid"></a> <div id="interface"> <div id="codeblock"> <b>kernel_setpgid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the process group of kernel threads. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_share_state"></a> <div id="interface"> <div id="codeblock"> <b>kernel_share_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows the kernel to share state information with the caller. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process with which to share state information. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigchld"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a SIGCHLD signal to kernel threads. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process sending the signal. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigchld_from"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld_from</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the kernel to send a SIGCHLD signal to the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain receiving the SIGCHLD. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigchld_from_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld_from_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow unlabeled processes to send a SIGCHLD signal to the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain receiving the SIGCHLD. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigchld_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigchld_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a child terminated signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_signal"></a> <div id="interface"> <div id="codeblock"> <b>kernel_signal</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a generic signal to kernel threads. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process sending the signal. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_signal_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_signal_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send general signals to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_signull_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_signull_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a null signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_sigstop_unlabeled"></a> <div id="interface"> <div id="codeblock"> <b>kernel_sigstop_unlabeled</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a stop signal to unlabeled processes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_tcp_recvfrom"></a> <div id="interface"> <div id="codeblock"> <b>kernel_tcp_recvfrom</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Receive messages from kernel TCP sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_udp_recvfrom"></a> <div id="interface"> <div id="codeblock"> <b>kernel_udp_recvfrom</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Receive messages from kernel UDP sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_udp_sendfrom"></a> <div id="interface"> <div id="codeblock"> <b>kernel_udp_sendfrom</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the kernel to send UDP network traffic the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the receiving domain. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_unconfined"></a> <div id="interface"> <div id="codeblock"> <b>kernel_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unconfined access to the kernel. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_unmount_debugfs"></a> <div id="interface"> <div id="codeblock"> <b>kernel_unmount_debugfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unmount a kernel debugging filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the domain unmounting the filesystem. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_use_fd"></a> <div id="interface"> <div id="codeblock"> <b>kernel_use_fd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Permits caller to use kernel file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process using the descriptors. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_use_ld_so_from"></a> <div id="interface"> <div id="codeblock"> <b>kernel_use_ld_so_from</b>( lib_type , ld_type , cache_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use the specified types for /lib directory and use the dynamic link/loader for automatic loading of shared libraries, and the link/loader cache. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> lib_type </td><td> The type of the lib directories. </td><td> No </td></tr> <tr><td> ld_type </td><td> The type of the dynamic link/loader. </td><td> No </td></tr> <tr><td> cache_type </td><td> The type of the dynamic link/loader cache. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_use_shared_libs_from"></a> <div id="interface"> <div id="codeblock"> <b>kernel_use_shared_libs_from</b>( lib_dir_type , shlib_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the kernel to load and execute functions from the specified shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> lib_dir_type </td><td> The type of the lib directories. </td><td> No </td></tr> <tr><td> shlib_type </td><td> Shared library type. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_use_unlabeled_blk_dev"></a> <div id="interface"> <div id="codeblock"> <b>kernel_use_unlabeled_blk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unlabeled block device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_userland_entry"></a> <div id="interface"> <div id="codeblock"> <b>kernel_userland_entry</b>( domain , entrypoint )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allows to start userland processes by transitioning to the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The process type entered by kernel. </td><td> No </td></tr> <tr><td> entrypoint </td><td> The executable type for the entrypoint. </td><td> No </td></tr> </table> </div> </div> <a name="link_kernel_write_proc_file"></a> <div id="interface"> <div id="codeblock"> <b>kernel_write_proc_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write to generic proc entries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>