refmon Kernel Service

Purpose

Performs various access checks such as privileges, authorizations, discretionary access control checks and so on.

Syntax

#include <refmon.h>

int refmon (crp, action, flags, nargs, args[]) cred_t *crp; rfm_action_t action; uint_t flags; int nargs; void *args[];

Parameters

Item	Description
crp	Specifies the caller's (subject) credentials; If NULL, then current process credentials are referenced.
action	Specifies the type of access check that needs to be carried out.
flags	Enables auditing of this event. You can only set this parameter to the value of REFMON_AUDIT.
nargs	Specifies the number of arguments in the args parameter.
args	Specifies an array of void pointers used as input to the refmon kernel service based on the action parameter.

Description

The refmon kernel service provides an interface to perform various access checks. You can call the refmon kernel service to determine access to system resources. Most of the actions that are passed to the refmon kernel service check for specific privileges. Many of the system calls and kernel services call the refmon kernel service to check whether you are authorized or privileged to use such functions. The action parameter determines which type of checks needs to be performed. The sys/refmon.h header file contains a complete list of these actions and their corresponding description.

Execution Environment

The refmon kernel service can be called from the process environment only.

Return Values

Item	Description
0	Success.
EINVAL	The action parameter is not valid or a value that is not allowed is passed in for an action.
EPERM	The caller does not have permission to perform the intended action.