Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\tomoyo\domain.c
Create Date: 2022-07-28 19:39:36
Last Modify: 2022-05-23 20:14:46
Copyright © Brick

Name: tomoyo_check_acl - Do permission check.
@r: Pointer to "struct tomoyo_request_info".
@check_entry: Callback function to check type specific parameters.
Returns 0 on success, negative value otherwise.
Caller holds tomoyo_read_lock().

Proto: void tomoyo_check_acl(struct tomoyo_request_info *r, bool (*check_entry)(struct tomoyo_request_info *, const struct tomoyo_acl_info *))

Type: void

Parameter:

Type: struct tomoyo_request_info *, Parameter Name: r
Type: bool (*)(struct tomoyo_request_info *, const struct tomoyo_acl_info *), Parameter Name: check_entry

165  domain = domain
167  list = acl_info_list
168  i = 0
170  retry:
173  If (true or false or TOMOYO_GC_IN_PROGRESS) || (one of values in "enum tomoyo_acl_entry_type_index") != param_type Then Continue
175  If Not check_entry(r, ptr) Then Continue
177  If Not tomoyo_condition (check condition part; returns true on success, false otherwise) Then Continue
179  matched_acl = ptr
180  granted = true
181  Return
183  While i < (group number, an integer between 0 and 255) loop
184  If Not test_bit (determine whether a bit is set) Then Continue
186  list = (the global ACL referred by "use_group" keyword)[i++]
187  Go to retry
189  granted = false

Caller:

Name: Description
tomoyo_env_perm: Check permission for environment variable's name. @r: Pointer to "struct tomoyo_request_info". @env: The name of environment variable. Returns 0 on success, negative value otherwise. Caller holds tomoyo_read_lock().
tomoyo_path_permission: Check permission for single path operation. @r: Pointer to "struct tomoyo_request_info". @operation: Type of operation. @filename: Filename to check. Returns 0 on success, negative value otherwise. Caller holds tomoyo_read_lock().
tomoyo_execute_permission: Check permission for execute operation. @r: Pointer to "struct tomoyo_request_info". @filename: Filename to check. Returns 0 on success, negative value otherwise. Caller holds tomoyo_read_lock().
tomoyo_path_number_perm: Check permission for "create", "mkdir", "mkfifo", "mksock", "ioctl", "chmod", "chown", "chgrp". @type: Type of operation. @path: Pointer to "struct path". @number: Number. Returns 0 on success, negative value otherwise.
tomoyo_mkdev_perm: Check permission for "mkblock" and "mkchar". @operation: Type of operation. (TOMOYO_TYPE_MKCHAR or TOMOYO_TYPE_MKBLOCK) @path: Pointer to "struct path". @mode: Create mode. @dev: Device number.
tomoyo_path2_perm: Check permission for "rename", "link" and "pivot_root". @operation: Type of operation. @path1: Pointer to "struct path". @path2: Pointer to "struct path". Returns 0 on success, negative value otherwise.
tomoyo_mount_acl: Check permission for mount() operation. @r: Pointer to "struct tomoyo_request_info". @dev_name: Name of device file. Maybe NULL. @dir: Pointer to "struct path". @type: Name of filesystem type. @flags: Mount options.
tomoyo_inet_entry: Check permission for INET network operation. @address: Pointer to "struct tomoyo_addr_info". Returns 0 on success, negative value otherwise.
tomoyo_unix_entry: Check permission for UNIX network operation. @address: Pointer to "struct tomoyo_addr_info". Returns 0 on success, negative value otherwise.
tomoyo_write_self: write() for /sys/kernel/security/tomoyo/self_domain interface