Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\domain.c Create Date:2022-07-28 19:51:35
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:aa_xattrs_match - check whether a file matches the xattrs defined in profile*@bprm: binprm struct for the process to validate*@profile: profile to match against (NOT NULL)*@state: state to start match in* Returns: number of extended attributes that

Proto:static int aa_xattrs_match(const struct linux_binprm *bprm, struct aa_profile *profile, unsigned int state)

Type:int

Parameter:

TypeParameterName
const struct linux_binprm *bprm
struct aa_profile *profile
unsigned intstate
315  char * value = NULL
316  value_size = 0 , ret = xattr_count
318  If Not bprm || Not xattr_count Then Return 0
320  might_sleep()
323  state = aa_dfa_null_transition - step to next state after null character*@dfa: the dfa to match against*@start: the state of the dfa to start matching in* aa_dfa_null_transition transitions to the next state after a null* character which is not used in standard
325  d = dentry
327  When i < xattr_count cycle
328  size = vfs_getxattr_alloc(d, xattrs[i], & value, value_size, GFP_KERNEL)
330  If size >= 0 Then
334  state = aa_dfa_match_len - traverse @dfa to find state @str stops at*@dfa: the dfa to match @str against (NOT NULL)*@start: the state of the dfa to start matching in*@str: the string of bytes to match against the dfa (NOT NULL)*@len: length of the string of bytes
336  perm = map old dfa inline permissions to new format(xmatch, state)
337  If Not (perm & MAY_EXEC) Then
338  ret = -EINVAL
339  Go to out
343  state = aa_dfa_null_transition - step to next state after null character*@dfa: the dfa to match against*@start: the state of the dfa to start matching in* aa_dfa_null_transition transitions to the next state after a null* character which is not used in standard
344  If size < 0 Then
350  If Not state Then
351  ret = -EINVAL
352  Go to out
355  ret--
359  out :
360  kfree(value)
361  Return ret
Caller
NameDescribe
find_attachd_attach - do attachment search for unconfined processes*@bprm - binprm structure of transitioning task*@ns: the current namespace (NOT NULL)*@head - profile list to walk (NOT NULL)*@name - to match against (NOT NULL)*@info - info message if there was an
profile_transition