函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\xfrm.c Create Date:2022-07-27 20:46:05
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:Allocates a xfrm_sec_state and populates it using the supplied security* xfrm_user_sec_ctx context.

函数原型:static int selinux_xfrm_alloc_user(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *uctx, gfp_t gfp)

返回类型:int

参数:

类型参数名称
struct xfrm_sec_ctx **ctxp
struct xfrm_user_sec_ctx *uctx
gfp_tgfp
79  tsec等于selinux_cred(current_cred - Access the current task's subjective credentials* Access the subjective credentials of the current task. RCU-safe,* since nobody else can modify it.())
80  struct xfrm_sec_ctx * ctx = NULL
83  如果ctxp恒等于NULLuctx恒等于NULLctx_doi不等于XFRM_SC_DOI_LSMLSMs: e.g., selinux == 1 不等于XFRM_SC_ALG_SELINUX则返回:负EINVAL
88  str_len等于ctx_len
89  如果str_len大于等于PAGE_SIZE则返回:负ENOMEM
92  ctx等于开辟内存
93  如果非ctx则返回:负ENOMEM
96  ctx_doi等于XFRM_SC_DOI_LSM
97  ctx_alg等于XFRM_SC_ALG_SELINUX
98  ctx_len等于str_len
99  memcpy(ctx_str, & uctx[1], str_len)
100  ctx_str[str_len]等于'\0'
101  rc等于security_context_to_sid( & selinux_state, ctx_str, str_len, & ctx_sid, gfp)
103  如果rc则转到:err
106  rc等于avc_has_perm - Check permissions and perform any appropriate auditing
109  如果rc则转到:err
112  ctxp等于ctx
113  atomic_inc( & Labeled XFRM instance counter )
114  返回:0
116  err :
117  释放内存
118  返回:rc
调用者
名称描述
selinux_xfrm_policy_allocLSM hook implementation that allocs and transfers uctx spec to xfrm_policy.
selinux_xfrm_state_allocLSM hook implementation that allocates a xfrm_sec_state, populates it using* the supplied security context, and assigns it to the xfrm_state.