slow_avc_audit

函数名称：This is the slow part of avc audit with big stack footprint

函数原型：noinline int slow_avc_audit(struct selinux_state *state, unsigned int ssid, unsigned int tsid, u16 tclass, unsigned int requested, unsigned int audited, unsigned int denied, int result, struct common_audit_data *a)

返回类型：int

参数：

类型	参数	名称
struct selinux_state *	state
unsigned int	ssid
unsigned int	tsid
u16	tclass
unsigned int	requested
unsigned int	audited
unsigned int	denied
int	result
struct common_audit_data *	a

763

如果WARN_ON(!tclass || tclass >= ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(Note: The name for any socket class should be suffixed by "socket",* and doesn't contain more than one substr of "socket".))则返回:负EINVAL

766

如果非a则

767

a等于stack_data

768

type等于LSM_AUDIT_DATA_NONE

771

tclass等于tclass

772

requested等于requested

773

ssid等于ssid

774

tsid等于tsid

775

audited等于audited

776

denied等于denied

777

result等于result

778

state等于state

780

selinux_audit_data等于sad

782

common_lsm_audit(a, avc_audit_pre_callback - SELinux specific information* will be called by generic audit code*@ab: the audit buffer*@a: audit_data, avc_audit_post_callback - SELinux specific information* will be called by generic audit code*@ab: the audit buffer*@a: audit_data)

783

返回:0

**调用者**
名称	描述
avc_xperms_audit
audit_inode_permission

源代码转换工具开放的插件接口	X
支持：c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现：逻辑报告代码生成和批量转换代码