Function report |
Source Code:security\apparmor\domain.c |
Create Date:2022-07-28 19:51:37 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
home page | Tree |
Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:profile_onexec
Proto:static int profile_onexec(struct aa_profile *profile, struct aa_label *onexec, bool stack, const struct linux_binprm *bprm, char *buffer, struct path_cond *cond, bool *secure_exec)
Type:int
Parameter:
Type | Parameter | Name |
---|---|---|
struct aa_profile * | profile | |
struct aa_label * | onexec | |
bool | stack | |
const struct linux_binprm * | bprm | |
char * | buffer | |
struct path_cond * | cond | |
bool * | secure_exec |
747 | If profile_unconfined(profile) Then |
754 | Return 0 |
759 | If error Then |
760 | If profile_unconfined(profile) || flags & fallback to ix on name lookup fail Then |
766 | Go to audit |
771 | If Not (allow & her stack or change_profile ) Then |
782 | If error Then |
783 | allow &= ~her stack or change_profile |
784 | Go to audit |
787 | If Not ( Reserved: * u32 subtree; / * set only when allow is set * / & AA_X_UNSAFE) Then |
789 | dbg_printk("apparmor: scrubbing environment variables for %s label=", xname) |
791 | aa_label_printk(onexec, GFP_KERNEL) |
792 | dbg_printk("\n") |
794 | * secure_exec = true |
797 | audit : |
Name | Describe |
---|---|
handle_onexec | sure none ns domain transitions are correctly applied with onexec |
Source code conversion tool public plug-in interface | X |
---|---|
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |