.\" This manpage has been automatically generated by docbook2man 
.\" from a DocBook document.  This tool can be found at:
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> 
.\" Please send any bug reports, improvements, comments, patches, 
.\" etc. to Steve Cheng <steve@ggi-project.org>.
.TH "AVC_HAS_PERM_NOAUDIT" "9" "09 October 2005" "" ""

.SH NAME
avc_has_perm_noaudit \- Check permissions but perform no auditing.
.SH SYNOPSIS
"SYNOPSIS"
.sp
\fB
.sp
int avc_has_perm_noaudit  (u32 \fIssid\fB, u32 \fItsid\fB, u16 \fItclass\fB, u32 \fIrequested\fB, struct av_decision * \fIavd\fB);
\fR
.SH "ARGUMENTS"
.TP
\fB\fIssid\fB\fR
source security identifier
.TP
\fB\fItsid\fB\fR
target security identifier
.TP
\fB\fItclass\fB\fR
target security class
.TP
\fB\fIrequested\fB\fR
requested permissions, interpreted based on \fItclass\fR
.TP
\fB\fIavd\fB\fR
access vector decisions
.SH "DESCRIPTION"
.PP
Check the AVC to determine whether the \fIrequested\fR permissions are granted
for the SID pair (\fIssid\fR, \fItsid\fR), interpreting the permissions
based on \fItclass\fR, and call the security server on a cache miss to obtain
a new decision and add it to the cache.  Return a copy of the decisions
in \fIavd\fR\&.  Return 0 if all \fIrequested\fR permissions are granted,
-EACCES if any permissions are denied, or another -errno upon
other errors.  This function is typically called by \fBavc_has_perm\fR,
but may also be called directly to separate permission checking from
auditing, e.g. in cases where a lock must be held for the check but
should be released for the auditing.