__file_path

Name:__file_path_perm

Proto:static int __file_path_perm(const char *op, struct aa_label *label, struct aa_label *flabel, struct file *file, unsigned int request, unsigned int denied, bool in_atomic)

Type:int

Parameter:

Type	Parameter	Name
const char *	op
struct aa_label *	label
struct aa_label *	flabel
struct file *	file
unsigned int	request
unsigned int	denied
bool	in_atomic

521

struct aa_perms perms = {}

522

struct path_cond cond = {uid = i_uid, mode = i_mode}

530

If Not denied && aa_label_is_subset(flabel, label) Then Return 0

534

flags = delegate deleted files | If S_ISDIR(mode) Then path is a directory Else 0

535

buffer = aa_get_buffer(in_atomic)

536

If Not buffer Then Return -ENOMEM

540

error = fn_for_each_not_in_set(flabel, label, profile, profile_path_perm(op, profile, & f_path, buffer, request, & cond, flags, & perms))

543

If denied && Not error Then

552

If label == flabel Then error = fn_for_each(label, profile, profile_path_perm(op, profile, & f_path, buffer, request, & cond, flags, & perms))

557

Else error = fn_for_each_not_in_set(label, flabel, profile, profile_path_perm(op, profile, & f_path, buffer, request, & cond, flags, & perms))

563

If Not error Then update_file_ctx(file_ctx(file), label, request)

566

aa_put_buffer(buffer)

568

Return error

**Caller**
Name	Describe
aa_file_perm	aa_file_perm - do permission revalidation check & audit for @file@op: operation being checked@label: label being enforced (NOT NULL)@file: file to revalidate access permissions on (NOT NULL)@request: requested permissions*@in_atomic: whether

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion

Function report