avc_update

Name:avc_update_node Update an AVC entry*@event : Updating event*@perms : Permission mask bits*@ssid,@tsid,@tclass : identifier of an AVC entry*@seqno : sequence number when decision was made*@xpd: extended_perms_decision to be added to the node

Proto:static int avc_update_node(struct selinux_avc *avc, unsigned int event, unsigned int perms, u8 driver, u8 xperm, unsigned int ssid, unsigned int tsid, u16 tclass, unsigned int seqno, struct extended_perms_decision *xpd, unsigned int flags)

Type:int

Parameter:

Type	Parameter	Name
struct selinux_avc *	avc
unsigned int	event
unsigned int	perms
u8	driver
u8	xperm
unsigned int	ssid
unsigned int	tsid
u16	tclass
unsigned int	seqno
struct extended_perms_decision *	xpd
unsigned int	flags

834

rc = 0

836

struct avc_node * pos, * node, * orig = NULL

852

If flags & blocking Then Return 0

855

node = avc_alloc_node(avc)

856

If Not node Then

857

rc = -ENOMEM

858

Go to out

862

hvalue = avc_hash(ssid, tsid, tclass)

864

head = head for avc_node->list [hvalue]

865

lock = lock for writes [hvalue]

867

spin_lock_irqsave(lock, flag)

870

If ssid == ssid && tsid == tsid && tclass == tclass && seqno == seqno Then

874

orig = pos

875

Break

879

If Not orig Then

880

rc = -ENOENT

881

avc_node_kill(avc, node)

882

Go to out_unlock

889

avc_node_populate(node, ssid, tsid, tclass, & avd)

891

If xp_node Then

892

rc = avc_xperms_populate(node, xp_node)

893

If rc Then

894

avc_node_kill(avc, node)

895

Go to out_unlock

900

Case event == AVC_CALLBACK_GRANT

901

allowed |= perms

902

If xp_node && flags & update extended permissions Then avc_xperms_allow_perm(xp_node, driver, xperm)

904

Break

905

Case event == AVC_CALLBACK_TRY_REVOKE

906

Case event == AVC_CALLBACK_REVOKE

907

allowed &= ~perms

908

Break

909

Case event == AVC_CALLBACK_AUDITALLOW_ENABLE

910

auditallow |= perms

911

Break

912

Case event == AVC_CALLBACK_AUDITALLOW_DISABLE

913

auditallow &= ~perms

914

Break

915

Case event == AVC_CALLBACK_AUDITDENY_ENABLE

916

auditdeny |= perms

917

Break

918

Case event == AVC_CALLBACK_AUDITDENY_DISABLE

919

auditdeny &= ~perms

920

Break

921

Case event == AVC_CALLBACK_ADD_XPERMS

922

avc_add_xperms_decision(node, xpd)

923

Break

925

avc_node_replace(avc, node, orig)

926

out_unlock :

927

spin_unlock_irqrestore(lock, flag)

928

out :

929

Return rc

**Caller**
Name	Describe
avc_denied
avc_has_extended_perms	The avc extended permissions logic adds an additional 256 bits of* permissions to an avc node when extended permissions for that node are* specified in the avtab

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion

Function report