Function Logic Report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\apparmor\file.c Create Date: 2022-07-27 21:42:31
Last Modify: 2020-03-12 14:18:49 Copyright©Brick

Function name: __file_path_perm

Function prototype: static int __file_path_perm(const char *op, struct aa_label *label, struct aa_label *flabel, struct file *file, unsigned int request, unsigned int denied, bool in_atomic)

Return type: int

Parameters:

| Type | Parameter name |
|---|---|
| const char * | op |
| struct aa_label * | label |
| struct aa_label * | flabel |
| struct file * | file |
| unsigned int | request |
| unsigned int | denied |
| bool | in_atomic |

521  struct aa_perms perms = {}
522  struct path_cond cond = {uid = i_uid, mode = i_mode}
530  If not denied and aa_label_is_subset(flabel, label), return: 0
534  flags equals (delegate deleted files) bitwise OR (if S_ISDIR(mode) then (path is a directory), otherwise 0)
535  buffer equals aa_get_buffer(in_atomic)
536  If not buffer, return: -ENOMEM
540  error equals fn_for_each_not_in_set(flabel, label, profile, profile_path_perm(op, profile, & f_path, buffer, request, & cond, flags, & perms))
543  If denied and not error
552  If label is identical to flabel, error equals fn_for_each(label, profile, profile_path_perm(op, profile, & f_path, buffer, request, & cond, flags, & perms))
557  Otherwise, error equals fn_for_each_not_in_set(label, flabel, profile, profile_path_perm(op, profile, & f_path, buffer, request, & cond, flags, & perms))
563  If not error, update_file_ctx(file_ctx(file), label, request)
566  aa_put_buffer(buffer)
568  Return: error

Callers:

| Name | Description |
|---|---|
| aa_file_perm | aa_file_perm - do permission revalidation check & audit for @file; @op: operation being checked; @label: label being enforced (NOT NULL); @file: file to revalidate access permissions on (NOT NULL); @request: requested permissions; @in_atomic: whether |