函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\file.c Create Date:2022-07-27 21:42:18
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:profile_path_link

函数原型:static int profile_path_link(struct aa_profile *profile, const struct path *link, char *buffer, const struct path *target, char *buffer2, struct path_cond *cond)

返回类型:int

参数:

类型参数名称
struct aa_profile *profile
const struct path *link
char *buffer
const struct path *target
char *buffer2
struct path_cond *cond
372  const char * lname, * tname = NULL
373  struct aa_perms lperms = {}, perms
374  const char * info = NULL
375  request等于pair
379  error等于path_name(OP_LINK, & label, link, path_flags, buffer, & lname, cond, pair )
381  如果error则转到:audit
385  error等于path_name(OP_LINK, & label, target, path_flags, buffer2, & tname, cond, pair )
387  如果error则转到:audit
390  error等于负EACCES
392  state等于aa_str_perms - find permission that match @name*@dfa: to match against (MAYBE NULL)*@state: state to start matching in*@name: string to match against dfa (NOT NULL)*@cond: conditions to consider for permission set computation (NOT NULL)*@perms: Returns -
395  如果非allow按位与pair 的值则转到:audit
399  state等于aa_dfa_null_transition - step to next state after null character*@dfa: the dfa to match against*@start: the state of the dfa to start matching in* aa_dfa_null_transition transitions to the next state after a null* character which is not used in standard
400  aa_str_perms - find permission that match @name*@dfa: to match against (MAYBE NULL)*@state: state to start matching in*@name: string to match against dfa (NOT NULL)*@cond: conditions to consider for permission set computation (NOT NULL)*@perms: Returns -
405  set only when allow is set 等于 set only when allow is set
406  set only when ~allow | deny 等于 set only when ~allow | deny
407  set only when ~allow | deny 等于 set only when ~allow | deny
409  如果非allow按位与pair 的值则
410  info等于"target restricted"
411  lperms等于perms
412  转到:audit
416  如果非allow按位与verlaid 的值则转到:done_tests
422  aa_str_perms - find permission that match @name*@dfa: to match against (MAYBE NULL)*@state: state to start matching in*@name: string to match against dfa (NOT NULL)*@cond: conditions to consider for permission set computation (NOT NULL)*@perms: Returns -
426  request等于allow按位与pair 的反
427  allow与等于allow按位或pair
429  request或等于AA_AUDIT_FILE_MASK按位与allow按位与allow的反
430  如果request按位与allow的反则
431  转到:audit
432  否则如果allow按位与MAY_EXEC且非xindex_is_subset - helper for aa_path_link*@link: link permission set*@target: target permission set* test target x permissions are equal OR a subset of link x permissions* this is done as part of the subset test, where a hardlink must have
434  allow与等于MAY_EXEC的反
435  request或等于MAY_EXEC
436  info等于"link not subset of target"
437  转到:audit
440  done_tests :
441  error等于0
443  audit :
444  返回:aa_audit_file - handle the auditing of file operations*@profile: the profile being enforced (NOT NULL)*@perms: the permissions computed for the request (NOT NULL)*@op: operation being mediated*@request: permissions requested*@name: name of object being
调用者
名称描述
aa_path_linkaa_path_link - Handle hard link permission check*@label: the label being enforced (NOT NULL)*@old_dentry: the target dentry (NOT NULL)*@new_dir: directory the new link will be created in (NOT NULL)*@new_dentry: the link being created (NOT NULL)