函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\keys\key.c Create Date:2022-07-27 19:50:27
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:key_alloc - Allocate a key of the specified type.*@type: The type of key to allocate.*@desc: The key description to allow the key to be searched out.*@uid: The owner of the new key.*@gid: The group ID for the new key's group permissions.

函数原型:struct key *key_alloc(struct key_type *type, const char *desc, kuid_t uid, kgid_t gid, const struct cred *cred, key_perm_t perm, unsigned long flags, struct key_restriction *restrict_link)

返回类型:struct key

参数:

类型参数名称
struct key_type *type
const char *desc
kuid_tuid
kgid_tgid
const struct cred *cred
key_perm_tperm
unsigned longflags
struct key_restriction *restrict_link
229  struct key_user * user = NULL
234  key等于错误号
235  如果非desc或非desc则转到:error
238  如果vet_description
239  ret等于vet_description(desc)
240  如果ret小于0则
241  key等于错误号
242  转到:error
246  desclen等于strlen(desc)
247  quotalen等于desclen加1加default payload length for quota precalculation (optional)* - this can be used instead of calling key_payload_reserve(), that* function only needs to be called if the real datalen is different
250  user等于Get the key quota record for a user, allocating a new record if one doesn't* already exist.
251  如果非user则转到:no_memory_1
256  如果非flags按位与 in quota 的值则
257  maxkeys等于如果uid_eq(uid, GLOBAL_ROOT_UID)则's key count quota 否则general key count quota
259  maxbytes等于如果uid_eq(uid, GLOBAL_ROOT_UID)则's key space quota 否则general key space quota
262  加自旋锁
263  如果非flags按位与add to quota, permit even if overrun 的值则
264  如果umber of keys allocated to this user 加1大于maxkeysumber of bytes allocated to this user quotalen大于maxbytesumber of bytes allocated to this user quotalen小于umber of bytes allocated to this user 则转到:no_quota
270  umber of keys allocated to this user 自加
271  umber of bytes allocated to this user 加等于quotalen
272  自旋锁解锁
276  key等于Shortcuts
277  如果非key则转到:no_memory_2
280  desc_len等于desclen
281  description等于kmemdup - duplicate region of memory*@src: memory region to duplicate*@len: memory region length*@gfp: GFP mask to use* Return: newly allocated copy of @src or %NULL in case of error
282  如果非description则转到:no_memory_3
284  type等于type
285  key_set_index_key( & index_key)
287  _set - set a refcount's value*@r: the refcount*@n: value to which the refcount will be set
288  init_rwsem( & change vs change sem )
289  lockdep_set_class( & change vs change sem , & key->sem lock class )
290  owner of this key 等于user
291  length added to quota 等于quotalen
292  payload data length * - may not match RCU dereferenced payload * - payload should contain own length等于default payload length for quota precalculation (optional)* - this can be used instead of calling key_payload_reserve(), that* function only needs to be called if the real datalen is different
293  uid等于uid
294  gid等于gid
295  access permissions 等于perm
296  This is set on a keyring to restrict the addition of a link to a key * to it. If this structure isn't provided then it is assumed that the * keyring is open to any addition. It is ignored for non-keyring * keys. Only set this value using keyring_restrict(等于restrict_link
297  last time used for LRU keyring discard 等于ktime_get_real_seconds - Get the seconds portion of CLOCK_REALTIME* Returns the wall clock seconds since 1970. This replaces the* get_seconds() interface which is not y2038 safe on 32bit systems.
299  如果非flags按位与 in quota 的值则 status flags (change with bitops) 或等于1左移set if key consumes quota
301  如果flags按位与Key is built into kernel status flags (change with bitops) 或等于1左移set if key is built in to the kernel
303  如果flags按位与allocating a user or user session keyring status flags (change with bitops) 或等于1左移set if key is a user or user session keyring
311  ret等于security_key_alloc(key, cred, flags)
312  如果ret小于0则转到:security_error
316  _inc - increment a refcount*@r: the refcount to increment* Similar to atomic_inc(), but will saturate at REFCOUNT_SATURATED and WARN
317  atomic_inc( & umber of keys )
318  Allocate a serial number for a key. These are assigned randomly to avoid* security issues through covert channel problems.
320  error :
321  返回:key
323  security_error :
324  释放内存
325  kmem_cache_free(key_jar, key)
326  如果非flags按位与 in quota 的值则
327  加自旋锁
328  umber of keys allocated to this user 自减
329  umber of bytes allocated to this user 减等于quotalen
330  自旋锁解锁
332  Dispose of a user structure
333  key等于错误号
334  转到:error
336  no_memory_3 :
337  kmem_cache_free(key_jar, key)
338  no_memory_2 :
339  如果非flags按位与 in quota 的值则
340  加自旋锁
341  umber of keys allocated to this user 自减
342  umber of bytes allocated to this user 减等于quotalen
343  自旋锁解锁
345  Dispose of a user structure
346  no_memory_1 :
347  key等于错误号
348  转到:error
350  no_quota :
351  自旋锁解锁
352  Dispose of a user structure
353  key等于错误号
354  转到:error
调用者
名称描述
key_create_or_updatekey_create_or_update - Update or create and instantiate a key.*@keyring_ref: A pointer to the destination keyring with possession flag.*@type: The type of key.*@description: The searchable description for the key.
keyring_allocAllocate a keyring and link into the destination keyring.
construct_alloc_keyAllocate a new key in under-construction state and attempt to link it in to* the requested keyring.* May return a key that's already under construction instead if there was a* race between two thread calling request_key().
request_key_auth_newCreate an authorisation token for /sbin/request-key or whoever to gain* access to the caller's security data.
add_new_master_keyAllocate a new fscrypt_master_key which contains the given secret, set it as* the payload of a new 'struct key' of type fscrypt, and link the 'struct key'* into the given keyring. Synchronized by fscrypt_add_key_mutex.