Lines Matching full:api
59 opportunity to modify security behavior at those MAC API entry points.
60 Both consumers of the API (normal kernel services) and security modules
61 must be aware of the semantics of the API calls, particularly with respect
71 .Ss API for Consumers
72 The MAC API provides a large set of entry points, too broad to specifically
80 Consumers of the MAC API must be aware of the locking requirements for
81 each API entry point: generally, appropriate locks must be held over each
88 of any subject or object passed into the MAC API: all calls require that
90 (potentially lengthy) MAC API call.
93 .Ss API for Module Writers
94 Each module exports a structure describing the MAC API operations that
100 setting API function pointers in the description structure to
105 that they implement: MAC API entry points will have specific locking
111 MAC module writers must also be aware that MAC API entry points will
120 Finally, MAC API module implementors must be careful to avoid
124 MAC API modules should avoid producing scenarios in which deadlocks
127 The MAC API is intended to be easily expandable as new services are
137 introducing new MAC API entries reflecting the operation arguments,
138 scattering these MAC API entry points throughout the new or modified
139 kernel service, extending the front-end implementation of the MAC API