函数逻辑报告 |
Source Code:security\apparmor\lib.c |
Create Date:2022-07-27 21:28:07 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
首页 | 函数Tree |
注解内核,赢得工具 | 下载SCCT | English |
函数名称:aa_check_perms - do audit mode selection based on perms set*@profile: profile being checked*@perms: perms computed for the request*@request: requested perms*@deny: Returns: explicit deny set*@sa: initialized audit structure (MAY BE NULL if not
函数原型:int aa_check_perms(struct aa_profile *profile, struct aa_perms *perms, unsigned int request, struct common_audit_data *sa, void (*cb)(struct audit_buffer *, void *))
返回类型:int
参数:
类型 | 参数 | 名称 |
---|---|---|
struct aa_profile * | profile | |
struct aa_perms * | perms | |
unsigned int | request | |
struct common_audit_data * | sa | |
void (* | cb |
434 | denied等于request按位与allow的反按位或 explicit deny, or conflict if allow also set 的值 |
436 | 如果此条件成立可能性大(为编译器优化)(!denied)则 |
442 | type等于AUDIT_APPARMOR_AUDIT |
443 | error等于0 |
444 | 否则 |
447 | 如果denied按位与 set only when ~allow | deny 则type等于AUDIT_APPARMOR_KILL |
449 | 否则如果denied恒等于denied按位与 accumulates only used when ~allow & ~deny 的值则type等于AUDIT_APPARMOR_ALLOWED |
451 | 否则type等于AUDIT_APPARMOR_DENIED |
454 | 如果denied恒等于denied按位与 set only when ~allow | deny 的值则error等于负ENOENT |
457 | denied与等于 set only when ~allow | deny 的反 |
462 | 如果sa则 |
470 | 如果type恒等于AUDIT_APPARMOR_ALLOWED则error等于0 |
473 | 返回:error |
名称 | 描述 |
---|---|
profile_signal_perm | |
aa_profile_label_perm | rrently unused |
aa_profile_af_perm | Generic af perm |
profile_ptrace_perm | TODO: conditionals |
源代码转换工具 开放的插件接口 | X |
---|---|
支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |