Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\tomoyo\condition.c Create Date:2022-07-28 19:39:09
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:moyo_condition - Check condition part.*@r: Pointer to "struct tomoyo_request_info".*@cond: Pointer to "struct tomoyo_condition". Maybe NULL.* Returns true on success, false otherwise.* Caller holds tomoyo_read_lock().

Proto:bool tomoyo_condition(struct tomoyo_request_info *r, const struct tomoyo_condition *cond)

Type:bool

Parameter:

TypeParameterName
struct tomoyo_request_info *r
const struct tomoyo_condition *cond
769  unsigned long min_v[2] = {0, 0}
770  unsigned long max_v[2] = {0, 0}
780  struct linux_binprm * bprm = NULL
782  If Not cond Then Return true
784  condc = Number of conditions in this struct.
785  argc = Number of "struct tomoyo_argv".
786  envc = Number of "struct tomoyo_envp".
787  obj = For holding parameters specific to operations which deal files.* NULL if not dealing files.
788  If For holding parameters specific to execve() request.* NULL if not dealing do_execve(). Then bprm = bprm
790  If Not bprm && (argc || envc) Then Return false
792  condp = cond + 1
793  numbers_p = condp + condc
794  names_p = numbers_p + Number of "struct tomoyo_number_union values".
796  argv * moyo_argv - Check argv[] in "struct linux_binbrm".*@index: Index number of @arg_ptr.*@arg_ptr: Contents of argv[@index].*@argc: Length of @argv.*@argv: Pointer to "struct tomoyo_argv".*@checked: Set to true if @argv[@index] was found. = names_p + Number of "struct tomoyo_name_union names".
797  envp * moyo_envp - Check envp[] in "struct linux_binbrm".*@env_name: The name of environment variable.*@env_value: The value of environment variable.*@envc: Length of @envp.*@envp: Pointer to "struct tomoyo_envp". = argv + argc
798  When i < condc cycle
799  match = Equation operator. True if equals or overlaps, false otherwise.
800  left = Left hand operand. A "struct tomoyo_argv" for TOMOYO_ARGV_ENTRY, a* "struct tomoyo_envp" for TOMOYO_ENVP_ENTRY is attached to the tail* of the array of this struct.
801  right = Right hand operand. A "struct tomoyo_number_union" for* TOMOYO_NUMBER_UNION, a "struct tomoyo_name_union" for* TOMOYO_NAME_UNION is attached to the tail of the array of this* struct.
802  bool is_bitop[2] = {TSC's on different sockets may be reset asynchronously.* This may cause the TSC ADJUST value on socket 0 to be NOT 0., TSC's on different sockets may be reset asynchronously.* This may cause the TSC ADJUST value on socket 0 to be NOT 0.}
805  condp++
807  If left == TOMOYO_ARGV_ENTRY || left == TOMOYO_ENVP_ENTRY Then Continue
810  If right == TOMOYO_NAME_UNION Then
811  ptr = names_p++
817  Case left == TOMOYO_SYMLINK_TARGET
824  Case left == TOMOYO_EXEC_REALPATH
832  Continue
835  When j < 2 cycle
836  index = If j Then right Else left
837  value = 0
840  Case index == current_uid()
843  Case index == current_euid()
846  Case index == current_suid()
849  Case index == current_fsuid()
852  Case index == current_gid()
855  Case index == current_egid()
858  Case index == current_sgid()
861  Case index == current_fsgid()
864  Case index == sys_getpid()
867  Case index == sys_getppid()
870  Case index == S_IFSOCK
871  value = S_IFSOCK
872  Break
873  Case index == S_IFLNK
874  value = S_IFLNK
875  Break
876  Case index == S_IFREG
877  value = S_IFREG
878  Break
879  Case index == S_IFBLK
880  value = S_IFBLK
881  Break
882  Case index == S_IFDIR
883  value = S_IFDIR
884  Break
885  Case index == S_IFCHR
886  value = S_IFCHR
887  Break
888  Case index == S_IFIFO
889  value = S_IFIFO
890  Break
891  Case index == S_ISUID
892  value = S_ISUID
893  Break
894  Case index == S_ISGID
895  value = S_ISGID
896  Break
897  Case index == S_ISVTX
898  value = S_ISVTX
899  Break
900  Case index == S_IRUSR
901  value = 0400
902  Break
903  Case index == S_IWUSR
904  value = 0200
905  Break
906  Case index == S_IXUSR
907  value = 0100
908  Break
909  Case index == S_IRGRP
910  value = 0040
911  Break
912  Case index == S_IWGRP
913  value = 0020
914  Break
915  Case index == S_IXGRP
916  value = 0010
917  Break
918  Case index == S_IROTH
919  value = 0004
920  Break
921  Case index == S_IWOTH
922  value = 0002
923  Break
924  Case index == S_IXOTH
925  value = 0001
926  Break
927  Case index == "struct linux_binprm *"->argc
928  If Not bprm Then Go to out
930  value = argc
931  Break
932  Case index == "struct linux_binprm *"->envc
933  If Not bprm Then Go to out
935  value = envc
936  Break
937  Case index == TOMOYO_NUMBER_UNION
939  Break
940  Default
941  If Not obj Then Go to out
943  If Not * True if tomoyo_get_attributes() was already called, false otherwise. Then
944  moyo_get_attributes - Revalidate "struct inode".*@obj: Pointer to "struct tomoyo_obj_info".* Returns nothing.
945  * True if tomoyo_get_attributes() was already called, false otherwise. = true
952  Case index == TOMOYO_PATH1_UID
953  Case index == TOMOYO_PATH1_GID
954  Case index == TOMOYO_PATH1_INO
955  Case index == TOMOYO_PATH1_MAJOR
956  Case index == TOMOYO_PATH1_MINOR
957  Case index == TOMOYO_PATH1_TYPE
958  Case index == TOMOYO_PATH1_DEV_MAJOR
959  Case index == TOMOYO_PATH1_DEV_MINOR
960  Case index == TOMOYO_PATH1_PERM
961  stat_index = TOMOYO_PATH1
962  Break
963  Case index == TOMOYO_PATH2_UID
964  Case index == TOMOYO_PATH2_GID
965  Case index == TOMOYO_PATH2_INO
966  Case index == TOMOYO_PATH2_MAJOR
967  Case index == TOMOYO_PATH2_MINOR
968  Case index == TOMOYO_PATH2_TYPE
969  Case index == TOMOYO_PATH2_DEV_MAJOR
970  Case index == TOMOYO_PATH2_DEV_MINOR
971  Case index == TOMOYO_PATH2_PERM
972  stat_index = TOMOYO_PATH2
973  Break
974  Case index == TOMOYO_PATH1_PARENT_UID
975  Case index == TOMOYO_PATH1_PARENT_GID
976  Case index == TOMOYO_PATH1_PARENT_INO
977  Case index == TOMOYO_PATH1_PARENT_PERM
978  stat_index = TOMOYO_PATH1_PARENT
980  Break
981  Case index == TOMOYO_PATH2_PARENT_UID
982  Case index == TOMOYO_PATH2_PARENT_GID
983  Case index == TOMOYO_PATH2_PARENT_INO
984  Case index == TOMOYO_PATH2_PARENT_PERM
985  stat_index = TOMOYO_PATH2_PARENT
987  Break
988  Default
989  Go to out
991  If Not True if @stat[] is valid. [stat_index] Then Go to out
993  stat = * Information on @path1, @path1's parent directory, @path2, @path2's * parent directory.[stat_index]
995  Case index == TOMOYO_PATH1_UID
996  Case index == TOMOYO_PATH2_UID
997  Case index == TOMOYO_PATH1_PARENT_UID
998  Case index == TOMOYO_PATH2_PARENT_UID
1001  Case index == TOMOYO_PATH1_GID
1002  Case index == TOMOYO_PATH2_GID
1003  Case index == TOMOYO_PATH1_PARENT_GID
1004  Case index == TOMOYO_PATH2_PARENT_GID
1007  Case index == TOMOYO_PATH1_INO
1008  Case index == TOMOYO_PATH2_INO
1009  Case index == TOMOYO_PATH1_PARENT_INO
1010  Case index == TOMOYO_PATH2_PARENT_INO
1011  value = ino
1012  Break
1013  Case index == TOMOYO_PATH1_MAJOR
1014  Case index == TOMOYO_PATH2_MAJOR
1015  value = MAJOR(dev)
1016  Break
1017  Case index == TOMOYO_PATH1_MINOR
1018  Case index == TOMOYO_PATH2_MINOR
1019  value = MINOR(dev)
1020  Break
1021  Case index == TOMOYO_PATH1_TYPE
1022  Case index == TOMOYO_PATH2_TYPE
1023  value = mode & S_IFMT
1024  Break
1025  Case index == TOMOYO_PATH1_DEV_MAJOR
1026  Case index == TOMOYO_PATH2_DEV_MAJOR
1027  value = MAJOR(rdev)
1028  Break
1029  Case index == TOMOYO_PATH1_DEV_MINOR
1030  Case index == TOMOYO_PATH2_DEV_MINOR
1031  value = MINOR(rdev)
1032  Break
1033  Case index == TOMOYO_PATH1_PERM
1034  Case index == TOMOYO_PATH2_PERM
1035  Case index == TOMOYO_PATH1_PARENT_PERM
1036  Case index == TOMOYO_PATH2_PARENT_PERM
1037  value = mode & S_IALLUGO
1038  Break
1041  Break
1043  max_v[j] = value
1044  min_v[j] = value
1046  Case index == S_ISUID
1047  Case index == S_ISGID
1048  Case index == S_ISVTX
1049  Case index == S_IRUSR
1050  Case index == S_IWUSR
1051  Case index == S_IXUSR
1052  Case index == S_IRGRP
1053  Case index == S_IWGRP
1054  Case index == S_IXGRP
1055  Case index == S_IROTH
1056  Case index == S_IWOTH
1057  Case index == S_IXOTH
1058  is_bitop[j] = true
1061  If left == TOMOYO_NUMBER_UNION Then
1063  ptr = numbers_p++
1065  min_v[0] = values[0]
1066  max_v[0] = values[1]
1068  If right == TOMOYO_NUMBER_UNION Then
1070  ptr = numbers_p++
1072  If Maybe NULL. Then
1073  If tomoyo_number_matches_group(min_v[0], max_v[0], Maybe NULL. ) == match Then Continue
1078  Else
1079  If ( min_v[0] <= values[1] && max_v[0] >= values[0] ) == match Then Continue
1083  Go to out
1089  If is_bitop[0] && is_bitop[1] Then
1090  Go to out
1091  Else if is_bitop[0] Then
1093  Case right == TOMOYO_PATH1_PERM
1094  Case right == TOMOYO_PATH1_PARENT_PERM
1095  Case right == TOMOYO_PATH2_PERM
1096  Case right == TOMOYO_PATH2_PARENT_PERM
1097  If Not (max_v[0] & max_v[1]) == Not match Then Continue
1100  Go to out
1101  Else if is_bitop[1] Then
1103  Case left == TOMOYO_PATH1_PERM
1104  Case left == TOMOYO_PATH1_PARENT_PERM
1105  Case left == TOMOYO_PATH2_PERM
1106  Case left == TOMOYO_PATH2_PARENT_PERM
1107  If Not (max_v[0] & max_v[1]) == Not match Then Continue
1110  Go to out
1113  If ( min_v[0] <= max_v[1] && max_v[0] >= min_v[1] ) == match Then Continue
1115  out :
1116  Return false
1119  If For holding parameters specific to execve() request.* NULL if not dealing do_execve(). && (argc || envc) Then Return moyo_scan_bprm - Scan "struct linux_binprm".*@ee: Pointer to "struct tomoyo_execve".*@argc: Length of @argc.*@argv: Pointer to "struct tomoyo_argv".*@envc: Length of @envp.*@envp: Poiner to "struct tomoyo_envp".* Returns true on success, false otherwise.
1121  Return true
Caller
NameDescribe
tomoyo_check_aclmoyo_check_acl - Do permission check.*@r: Pointer to "struct tomoyo_request_info".*@check_entry: Callback function to check type specific parameters.* Returns 0 on success, negative value otherwise.* Caller holds tomoyo_read_lock().