aa_profile_af_perm

函数名称：Generic af perm

函数原型：int aa_profile_af_perm(struct aa_profile *profile, struct common_audit_data *sa, unsigned int request, u16 family, int type)

返回类型：int

参数：

类型	参数	名称
struct aa_profile *	profile
struct common_audit_data *	sa
unsigned int	request
u16	family
int	type

109

struct aa_perms perms = {}

113

AA_BUG(family >= For now.. )

114

AA_BUG(type < 0 || type >= SOCK_MAX)

116

如果profile_unconfined(profile)则返回:0

118

state等于PROFILE_MEDIATES(profile, AA_CLASS_NET)

119

如果非state则返回:0

122

buffer[0]等于cpu_to_be16(family)

123

buffer[1]等于cpu_to_be16((u16)type)

124

state等于aa_dfa_match_len - traverse @dfa to find state @str stops at*@dfa: the dfa to match @str against (NOT NULL)*@start: the state of the dfa to start matching in*@str: the string of bytes to match against the dfa (NOT NULL)*@len: length of the string of bytes

126

aa_compute_perms(Generic policy DFA specific rule types will be subsections of it , state, & perms)

127

aa_apply_modes_to_perms - apply namespace and profile flags to perms*@profile: that perms where computed from*@perms: perms to apply mode modifiers to* TODO: split into profile and ns based flags for when accumulating perms

129

返回:aa_check_perms - do audit mode selection based on perms set*@profile: profile being checked*@perms: perms computed for the request*@request: requested perms*@deny: Returns: explicit deny set*@sa: initialized audit structure (MAY BE NULL if not

**调用者**
名称	描述
aa_af_perm

源代码转换工具开放的插件接口	X
支持：c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现：逻辑报告代码生成和批量转换代码