Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\domain.c Create Date:2022-07-28 19:51:36
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:x_to_label - get target label for a given xindex*@profile: current profile (NOT NULL)*@bprm: binprm structure of transitioning task*@name: name to lookup (NOT NULL)*@xindex: index into x transition table*@lookupname: returns: name used in lookup if one

Proto:static struct aa_label *x_to_label(struct aa_profile *profile, const struct linux_binprm *bprm, const char *name, unsigned int xindex, const char **lookupname, const char **info)

Type:struct aa_label

Parameter:

TypeParameterName
struct aa_profile *profile
const struct linux_binprm *bprm
const char *name
unsigned intxindex
const char **lookupname
const char **info
556  struct aa_label * new = NULL
557  ns = ns
558  xtype = xindex & AA_X_TYPE_MASK
559  const char * stack = NULL
562  Case xtype == AA_X_NONE
564  * lookupname = NULL
565  Break
566  Case xtype == use a specified name ->n#
568  stack = table[xindex & The xindex is broken into 3 parts* - index - an index into either the exec name table or the variable table* - exec type - which determines how the executable name and index are used* - flags - which modify how the destination name is applied]
569  If stack != '&' Then
571  new = x_table_lookup - lookup an x transition name via transition table*@profile: current profile (NOT NULL)*@xindex: index into x transition table*@name: returns: name tested to find label (NOT NULL)* Returns: refcounted label, or NULL on failure (MAYBE NULL)
572  stack = NULL
573  Break
576  Case xtype == use executable name px
577  If xindex & make >AA_X_NONE apply to children Then new = d_attach - do attachment search for unconfined processes*@bprm - binprm structure of transitioning task*@ns: the current namespace (NOT NULL)*@head - profile list to walk (NOT NULL)*@name - to match against (NOT NULL)*@info - info message if there was an
581  Else new = d_attach - do attachment search for unconfined processes*@bprm - binprm structure of transitioning task*@ns: the current namespace (NOT NULL)*@head - profile list to walk (NOT NULL)*@name - to match against (NOT NULL)*@info - info message if there was an
585  lookupname = name
586  Break
589  If Not new Then
590  If xindex & AA_X_INHERIT Then
594  info = "ix fallback"
596  new = aa_get_newest_label - find the newest version of @l*@l: the label to check for newer versions of* Returns: refcounted newest version of @l taking into account* replacement, renames and removals* return @l.
597  Else if xindex & AA_X_UNCONFINED Then
598  new = aa_get_newest_label - find the newest version of @l*@l: the label to check for newer versions of* Returns: refcounted newest version of @l taking into account* replacement, renames and removals* return @l.
599  info = "ux fallback"
603  If new && stack Then
605  base = new
607  new = aa_label_parse(base, stack, GFP_KERNEL, true, false)
608  If IS_ERR(new) Then new = NULL
610  aa_put_label(base)
614  Return new
Caller
NameDescribe
profile_transition