函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\audit_watch.c Create Date:2022-07-27 12:32:45
Last Modify:2020-03-17 17:15:07 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:audit_exe_compare

函数原型:int audit_exe_compare(struct task_struct *tsk, struct audit_fsnotify_mark *mark)

返回类型:int

参数:

类型参数名称
struct task_struct *tsk
struct audit_fsnotify_mark *mark
547  exe_file等于get_task_exe_file - acquire a reference to the task's executable file* Returns %NULL if task's mm (if any) has no associated executable file or* this is a kernel thread with borrowed mm (see the comment above get_task_mm).
548  如果非exe_file则返回:0
550  ino等于Stat data, not accessed from path walking
551  dev等于s_dev
552  fput(exe_file)
553  返回:audit_mark_compare(mark, ino, dev)
调用者
名称描述
audit_filter
audit_filter_rulesCompare a task_struct with an audit_rule. Return 1 on match, 0* otherwise.* If task_creation is true, this is an explicit indication that we are* filtering a task rule at task creation time. This and tsk == current are