Function report |
Source Code:kernel\auditfilter.c |
Create Date:2022-07-28 11:25:27 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| home page | Tree |
| Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:audit_comparator
Proto:int audit_comparator(unsigned int left, unsigned int op, unsigned int right)
Type:int
Parameter:
| Type | Parameter | Name |
|---|---|---|
| unsigned int | left | |
| unsigned int | op | |
| unsigned int | right |
| 1200 | Case op == Audit_equal |
| 1202 | Case op == Audit_not_equal |
| 1212 | Case op == Audit_bitmask |
| 1214 | Case op == Audit_bittest |
| 1216 | Default |
| 1217 | Return 0 |
| Name | Describe |
|---|---|
| audit_filter | |
| audit_filter_rules | Compare a task_struct with an audit_rule. Return 1 on match, 0* otherwise.* If task_creation is true, this is an explicit indication that we are* filtering a task rule at task creation time. This and tsk == current are |
| __audit_inode | __audit_inode - store the inode and device from a lookup*@name: name being audited*@dentry: dentry being audited*@flags: attributes for this particular entry |
| __audit_inode_child | __audit_inode_child - collect inode info for created/removed objects*@parent: inode of dentry parent*@dentry: dentry being audited*@type: AUDIT_TYPE_* value that we're looking for* For syscalls that create or remove filesystem objects, audit_inode |
| Source code conversion tool public plug-in interface | X |
|---|---|
| Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |