Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\integrity\ima\ima_policy.c
Create Date: 2022-07-28 19:58:58
Last Modify: 2020-03-12 14:18:49
Copyright © Brick

Name: ima_match_policy - decision based on LSM and other conditions
  @inode: pointer to an inode for which the policy decision is being made
  @cred: pointer to a credentials structure for which the policy decision is being made
  @secid: LSM secid of the task to be

Proto:int ima_match_policy(struct inode *inode, const struct cred *cred, unsigned int secid, enum ima_hooks func, int mask, int flags, int *pcr, struct ima_template_desc **template_desc)

Type:int

Parameter:

Type                            Parameter Name
struct inode *                  inode
const struct cred *             cred
unsigned int                    secid
enum ima_hooks                  func
int                             mask
int                             flags
int *                           pcr
struct ima_template_desc **     template_desc

497  action = 0 , actmask = flags | flags << 1
499  If template_desc Then template_desc = ima_template_desc_current()
502  rcu_read_lock() - mark the beginning of an RCU read-side critical section. When synchronize_rcu() is invoked on one CPU while other CPUs are within RCU read-side critical sections, then the synchronize_rcu() is guaranteed to block until after all the other
505  If Not (action & actmask) Then Continue
508  If Not ima_match_rules - determine whether an inode matches the policy rule Then Continue
511  action |= flags & cache flags
513  action |= action & IMA_DO_MASK
514  If action & IMA_APPRAISE Then
515  action |= In addition to knowing that we need to appraise the file in general, we need to differentiate between calling hooks, for hook specific rules.
516  action &= ~IMA_HASH
517  If ima_fail_unverifiable_sigs Then action |= IMA_FAIL_UNVERIFIABLE_SIGS
522  If action & IMA_DO_MASK Then actmask &= ~(action | action << 1 )
524  Else actmask &= ~(action | action >> 1 )
527  If pcr && flags & IMA_PCR Then pcr = pcr of the matching rule
530  If template_desc && template Then template_desc = template
533  If Not actmask Then Break
536  rcu_read_unlock() - marks the end of an RCU read-side critical section. In most situations, rcu_read_unlock() is immune from deadlock. However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
538  Return action

Caller

Name                  Describe
ima_must_appraise     ima_must_appraise - set appraise flag. Return 1 to appraise or hash