audit_match_perm

Name:audit_match_perm

Proto:static int audit_match_perm(struct audit_context *ctx, int mask)

Type:int

Parameter:

Type	Parameter	Name
struct audit_context *	ctx
int	mask

136

If Value for the false possibility is greater at compile time(!ctx) Then Return 0

138

n = syscall number

141

Case audit_classify_syscall(arch, n) == 0

142

If mask & AUDIT_PERM_WRITE && audit_match_class(AUDIT_CLASS_WRITE, n) Then Return 1

145

If mask & AUDIT_PERM_READ && audit_match_class(AUDIT_CLASS_READ, n) Then Return 1

148

If mask & AUDIT_PERM_ATTR && audit_match_class(AUDIT_CLASS_CHATTR, n) Then Return 1

151

Return 0

152

Case audit_classify_syscall(arch, n) == 1

153

If mask & AUDIT_PERM_WRITE && audit_match_class(AUDIT_CLASS_WRITE_32, n) Then Return 1

156

If mask & AUDIT_PERM_READ && audit_match_class(AUDIT_CLASS_READ_32, n) Then Return 1

159

If mask & AUDIT_PERM_ATTR && audit_match_class(AUDIT_CLASS_CHATTR_32, n) Then Return 1

162

Return 0

163

Case audit_classify_syscall(arch, n) == 2

164

Return mask & ACC_MODE(syscall arguments [1])

165

Case audit_classify_syscall(arch, n) == 3

166

Return mask & ACC_MODE(syscall arguments [2])

167

Case audit_classify_syscall(arch, n) == 4

168

Return mask & AUDIT_PERM_WRITE && syscall arguments [0] == sys_bind(2)

169

Case audit_classify_syscall(arch, n) == 5

170

Return mask & AUDIT_PERM_EXEC

171

Default

172

Return 0

**Caller**
Name	Describe
audit_filter_rules	Compare a task_struct with an audit_rule. Return 1 on match, 0* otherwise.* If task_creation is true, this is an explicit indication that we are* filtering a task rule at task creation time. This and tsk == current are

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion