函数逻辑报告 |
Source Code:kernel\auditfilter.c |
Create Date:2022-07-27 12:28:09 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
首页 | 函数Tree |
注解内核,赢得工具 | 下载SCCT | English |
函数名称:Compare two rules in kernel format. Considered success if rules* don't match.
函数原型:static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
返回类型:int
参数:
类型 | 参数 | 名称 |
---|---|---|
struct audit_krule * | a | |
struct audit_krule * | b |
700 | 如果flags不等于flags或pflags不等于pflags或listnr不等于listnr或action不等于action或field_count不等于field_count则返回:1 |
707 | 以i小于field_count循环 |
713 | 当:type恒等于security label user |
714 | 当:type恒等于security label role |
715 | 当:type恒等于security label type |
718 | 当:type恒等于AUDIT_OBJ_USER |
719 | 当:type恒等于AUDIT_OBJ_ROLE |
720 | 当:type恒等于AUDIT_OBJ_TYPE |
721 | 当:type恒等于AUDIT_OBJ_LEV_LOW |
722 | 当:type恒等于AUDIT_OBJ_LEV_HIGH |
726 | 当:type恒等于AUDIT_WATCH |
736 | 当:type恒等于AUDIT_FILTERKEY |
748 | 当:type恒等于AUDIT_EUID |
749 | 当:type恒等于AUDIT_SUID |
750 | 当:type恒等于AUDIT_FSUID |
751 | 当:type恒等于AUDIT_LOGINUID |
752 | 当:type恒等于AUDIT_OBJ_UID |
757 | 当:type恒等于AUDIT_EGID |
758 | 当:type恒等于AUDIT_SGID |
759 | 当:type恒等于AUDIT_FSGID |
760 | 当:type恒等于AUDIT_OBJ_GID |
764 | 默认 |
772 | 返回:1 |
774 | 返回:0 |
名称 | 描述 |
---|---|
audit_find_rule | Find an existing audit rule.* Caller must hold audit_filter_mutex to prevent stale rule data. |
源代码转换工具 开放的插件接口 | X |
---|---|
支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |