Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\device_cgroup.c Create Date:2022-07-28 19:55:51
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:Modify the exception list using allow/deny rules

Proto:static int devcgroup_update_access(struct dev_cgroup *devcgroup, int filetype, char *buffer)

Type:int

Parameter:

TypeParameterName
struct dev_cgroup *devcgroup
intfiletype
char *buffer
600  rc = 0
602  parent = css_to_devcgroup(PI: the parent css. Placed here for cache proximity to following* fields of the containing structure.)
604  If Not Check operation authority Then Return -EPERM
607  memset( & ex, 0, size of ex )
608  b = buffer
611  Case b == 'a'
613  Case filetype == DEVCG_ALLOW
614  If ss_has_online_children - does a css have online children*@css: the target css* Returns %true if @css has any online children; otherwise, %false. This* function can be called from any context but the caller is responsible Then Return -EINVAL
617  If Not may_allow_all - checks if it's possible to change the behavior to* allow based on parent's rules.*@parent: device cgroup's parent* returns: != 0 in case it's allowed, 0 otherwise Then Return -EPERM
619  dev_exception_clean - frees all entries of the exception list*@dev_cgroup: dev_cgroup with the exception list to be cleaned* called under devcgroup_mutex
620  behavior = DEVCG_DEFAULT_ALLOW
621  If Not parent Then Break
624  rc = alled under devcgroup_mutex
626  If rc Then Return rc
628  Break
629  Case filetype == DEVCG_DENY
630  If ss_has_online_children - does a css have online children*@css: the target css* Returns %true if @css has any online children; otherwise, %false. This* function can be called from any context but the caller is responsible Then Return -EINVAL
633  dev_exception_clean - frees all entries of the exception list*@dev_cgroup: dev_cgroup with the exception list to be cleaned* called under devcgroup_mutex
634  behavior = DEVCG_DEFAULT_DENY
635  Break
636  Default
637  Return -EINVAL
639  Return 0
640  Case b == 'b'
641  type = DEVCG_DEV_BLOCK
642  Break
643  Case b == 'c'
644  type = DEVCG_DEV_CHAR
645  Break
646  Default
647  Return -EINVAL
649  b++
650  If Not Note: isspace() must return false for %NUL-terminator ( * b) Then Return -EINVAL
652  b++
653  If b == '*' Then
654  major = ~0
655  b++
656  Else if isdigit( * b) Then
657  memset(temp, 0, size of temp )
658  When count < size of temp - 1 cycle
659  temp[count] = b
660  b++
661  If Not isdigit( * b) Then Break
664  rc = kstrtou32(temp, 10, & major)
665  If rc Then Return -EINVAL
667  Else
668  Return -EINVAL
670  If b != ':' Then Return -EINVAL
672  b++
675  If b == '*' Then
676  minor = ~0
677  b++
678  Else if isdigit( * b) Then
679  memset(temp, 0, size of temp )
680  When count < size of temp - 1 cycle
681  temp[count] = b
682  b++
683  If Not isdigit( * b) Then Break
686  rc = kstrtou32(temp, 10, & minor)
687  If rc Then Return -EINVAL
689  Else
690  Return -EINVAL
692  If Not Note: isspace() must return false for %NUL-terminator ( * b) Then Return -EINVAL
694  When count < 3 cycle
696  Case b == 'r'
697  access |= DEVCG_ACC_READ
698  Break
699  Case b == 'w'
700  access |= DEVCG_ACC_WRITE
701  Break
702  Case b == 'm'
703  access |= DEVCG_ACC_MKNOD
704  Break
705  Case b == '\n'
706  Case b == '\0'
707  count = 3
708  Break
709  Default
710  Return -EINVAL
715  Case filetype == DEVCG_ALLOW
733  Case filetype == DEVCG_DENY
749  Default
750  rc = -EINVAL
752  Return rc
Caller
NameDescribe
devcgroup_access_write