函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\auditsc.c Create Date:2022-07-27 12:31:24
Last Modify:2020-03-17 16:31:21 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:__audit_inode - store the inode and device from a lookup*@name: name being audited*@dentry: dentry being audited*@flags: attributes for this particular entry

函数原型:void __audit_inode(struct filename *name, const struct dentry *dentry, unsigned int flags)

返回类型:void

参数:

类型参数名称
struct filename *name
const struct dentry *dentry
unsigned intflags
1947  context等于audit_context()
1948  inode等于d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper
1950  parent等于flags按位与dentry represents the parent
1952  list等于Audit filter lists, defined in [Apply rule at __audit_inode_child ]
1955  如果非是系统调用则返回
1958  _read_lock() - mark the beginning of an RCU read-side critical section* When synchronize_rcu() is invoked on one CPU while other CPUs* are within RCU read-side critical sections, then the* synchronize_rcu() is guaranteed to block until after all the other
1960 i小于field_count循环
1961  f等于fields[i]
1963  如果type恒等于FileSystem Type audit_comparator(s_magic, op, val)且action恒等于Do not build context if rule matches
1967  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
1968  返回
1972  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
1974  如果非name则转到:out_alloc
1981  n等于aname
1982  如果n
1983  如果parent
1984  如果cord type 恒等于a parent audit record cord type 恒等于we don't know yet 则转到:out
1987  否则
1988  如果cord type 不等于a parent audit record 则转到:out
1994  如果ino
1996  如果ino不等于Stat data, not accessed from path walking dev不等于s_dev则继续下一循环
1999  否则如果name
2001  如果字符串比较则继续下一循环
2003  否则继续下一循环
2008  如果parent
2009  如果cord type 恒等于a parent audit record cord type 恒等于we don't know yet 则转到:out
2012  否则
2013  如果cord type 不等于a parent audit record 则转到:out
2018  out_alloc :
2020  n等于audit_alloc_name(context, we don't know yet )
2021  如果非n则返回
2023  如果name
2024  name等于name
2025  refcnt自加
2028  out :
2029  如果parent
2030  umber of chars to log 等于如果nameparent_len - find the length of the parent portion of a pathname*@path: pathname of which to determine length否则Indicates that audit should log the full pathname.
2031  cord type 等于a parent audit record
2032  如果flags按位与audit record should be hidden don't log this record = true
2034  否则
2035  umber of chars to log 等于Indicates that audit should log the full pathname.
2036  cord type 等于a "normal" audit record
2038  handle_path(dentry)
2039  Copy inode data into an audit_names.
调用者
名称描述
__audit_file