函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\auditsc.c Create Date:2022-07-27 12:30:25
Last Modify:2020-03-17 16:31:21 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:安全审计

函数原型:int audit_alloc(struct task_struct *tsk)

返回类型:int

参数:

类型参数名称
struct task_struct *tsk
919  char * key = NULL
921  如果此条件成立可能性大(为编译器优化)(!audit_ever_enabled)则返回:0
924  state等于At process creation time, we can determine if system-call auditing is* completely disabled for this task. Since we only have the task* structure at this point, we can only check uid and gid.
925  如果state恒等于不审计
926  清除线程指定标志
927  返回:0
930  如果非context等于audit_alloc_context(state)则
931  kfree(key)
932  audit_log_lost - conditionally log lost audit message event*@message: the message stating reason for lost audit message* Emit at least 1 message per second, even if audit_rate_check is* throttling.* Always increment the lost messages counter.
933  返回:负ENOMEM
935  过滤规则等于key
937  audit_set_context(tsk, context)
938  Set thread flags in other task's structures.* See asm/thread_info.h for TIF_xxxx flags available:
939  返回:0