函数逻辑报告 |
Source Code:kernel\auditfilter.c |
Create Date:2022-07-27 12:28:35 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| 首页 | 函数Tree |
| 注解内核,赢得工具 | 下载SCCT | English |
函数名称:audit_comparator
函数原型:int audit_comparator(unsigned int left, unsigned int op, unsigned int right)
返回类型:int
参数:
| 类型 | 参数 | 名称 |
|---|---|---|
| unsigned int | left | |
| unsigned int | op | |
| unsigned int | right |
| 1200 | 当:op恒等于Audit_equal |
| 1202 | 当:op恒等于Audit_not_equal |
| 1212 | 当:op恒等于Audit_bitmask |
| 1214 | 当:op恒等于Audit_bittest |
| 1216 | 默认 |
| 1217 | 返回:0 |
| 名称 | 描述 |
|---|---|
| audit_filter | |
| audit_filter_rules | Compare a task_struct with an audit_rule. Return 1 on match, 0* otherwise.* If task_creation is true, this is an explicit indication that we are* filtering a task rule at task creation time. This and tsk == current are |
| __audit_inode | __audit_inode - store the inode and device from a lookup*@name: name being audited*@dentry: dentry being audited*@flags: attributes for this particular entry |
| __audit_inode_child | __audit_inode_child - collect inode info for created/removed objects*@parent: inode of dentry parent*@dentry: dentry being audited*@type: AUDIT_TYPE_* value that we're looking for* For syscalls that create or remove filesystem objects, audit_inode |
| 源代码转换工具 开放的插件接口 | X |
|---|---|
| 支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |