函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\auditfilter.c Create Date:2022-07-27 12:28:35
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:audit_comparator

函数原型:int audit_comparator(unsigned int left, unsigned int op, unsigned int right)

返回类型:int

参数:

类型参数名称
unsigned intleft
unsigned intop
unsigned intright
1200  :op恒等于Audit_equal
1201  返回:left恒等于right
1202  :op恒等于Audit_not_equal
1203  返回:left不等于right
1204  :op恒等于Audit_lt
1205  返回:left小于right
1206  :op恒等于Audit_le
1207  返回:left小于等于right
1208  :op恒等于Audit_gt
1209  返回:left大于right
1210  :op恒等于Audit_ge
1211  返回:left大于等于right
1212  :op恒等于Audit_bitmask
1213  返回:left按位与right
1214  :op恒等于Audit_bittest
1215  返回:left按位与right的值恒等于right
1216  默认
1217  返回:0
调用者
名称描述
audit_filter
audit_filter_rulesCompare a task_struct with an audit_rule. Return 1 on match, 0* otherwise.* If task_creation is true, this is an explicit indication that we are* filtering a task rule at task creation time. This and tsk == current are
__audit_inode__audit_inode - store the inode and device from a lookup*@name: name being audited*@dentry: dentry being audited*@flags: attributes for this particular entry
__audit_inode_child__audit_inode_child - collect inode info for created/removed objects*@parent: inode of dentry parent*@dentry: dentry being audited*@type: AUDIT_TYPE_* value that we're looking for* For syscalls that create or remove filesystem objects, audit_inode