Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\netlabel.c Create Date:2022-07-28 19:17:47
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:selinux_netlbl_sock_rcv_skb - Do an inbound access check using NetLabel*@sksec: the sock's sk_security_struct*@skb: the packet*@family: protocol family*@ad: the audit data* Description:* Fetch the NetLabel security attributes from @skb and perform an

Proto:int selinux_netlbl_sock_rcv_skb(struct sk_security_struct *sksec, struct sk_buff *skb, u16 family, struct common_audit_data *ad)

Type:int

Parameter:

TypeParameterName
struct sk_security_struct *sksec
struct sk_buff *skb
u16family
struct common_audit_data *ad
438  If Not LSM protocol operations (NetLabel LSM/kernel API) Then Return 0
441  lbl_secattr_init - Initialize a netlbl_lsm_secattr struct*@secattr: the struct to initialize* Description:* Initialize an already allocated netlbl_lsm_secattr struct.
442  rc = netlbl_skbuff_getattr(skb, family, & secattr)
443  If rc == 0 && flags != map values for 'flags' Then rc = selinux_netlbl_sidlookup_cached - Cache a SID lookup*@skb: the packet*@secattr: the NetLabel security attributes*@sid: the SID* Description:* Query the SELinux security server to lookup the correct SID for the given* security attributes
446  Else nlbl_sid = SECINITSID_UNLABELED
448  lbl_secattr_destroy - Clears a netlbl_lsm_secattr struct*@secattr: the struct to clear* Description:* Destroys the @secattr struct, including freeing all of the internal buffers.* The struct must be reset with a call to netlbl_secattr_init() before reuse.
449  If rc != 0 Then Return rc
453  Case sock security class == SECCLASS_UDP_SOCKET
454  perm = UDP_SOCKET__RECVFROM
455  Break
456  Case sock security class == SECCLASS_TCP_SOCKET
457  perm = TCP_SOCKET__RECVFROM
458  Break
459  Default
460  perm = RAWIP_SOCKET__RECVFROM
463  rc = avc_has_perm - Check permissions and perform any appropriate auditing
465  If rc == 0 Then Return 0
468  If nlbl_sid != SECINITSID_UNLABELED Then netlbl_skbuff_err(skb, family, rc, 0)
470  Return rc
Caller
NameDescribe
selinux_sock_rcv_skb_compat