pub trait AccessVectorComputer {
// Required method
fn access_decision_to_kernel_access_decision(
&self,
class: KernelClass,
av: AccessDecision,
) -> KernelAccessDecision;
}Expand description
An owner of policy information that can translate [crate::Permission] values into
AccessVector values that are consistent with the owned policy.
Required Methods§
Sourcefn access_decision_to_kernel_access_decision(
&self,
class: KernelClass,
av: AccessDecision,
) -> KernelAccessDecision
fn access_decision_to_kernel_access_decision( &self, class: KernelClass, av: AccessDecision, ) -> KernelAccessDecision
Translates the given AccessDecision to a KernelAccessDecision.
The loaded policy’s “handle unknown” configuration determines how permissions
entries not explicitly defined by the policy are handled. Allow-unknown will
result in unknown permissions being allowed, while they are denied (and audited)
if the policy uses deny-unknown.