函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\lib.c Create Date:2022-07-27 21:28:07
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:aa_check_perms - do audit mode selection based on perms set*@profile: profile being checked*@perms: perms computed for the request*@request: requested perms*@deny: Returns: explicit deny set*@sa: initialized audit structure (MAY BE NULL if not

函数原型:int aa_check_perms(struct aa_profile *profile, struct aa_perms *perms, unsigned int request, struct common_audit_data *sa, void (*cb)(struct audit_buffer *, void *))

返回类型:int

参数:

类型参数名称
struct aa_profile *profile
struct aa_perms *perms
unsigned intrequest
struct common_audit_data *sa
void (*cb
434  denied等于request按位与allow的反按位或 explicit deny, or conflict if allow also set 的值
436  如果此条件成立可能性大(为编译器优化)(!denied)则
438  request与等于 set only when allow is set
439  如果非request或非sa则返回:0
442  type等于AUDIT_APPARMOR_AUDIT
443  error等于0
444  否则
445  error等于负EACCES
447  如果denied按位与 set only when ~allow | deny type等于AUDIT_APPARMOR_KILL
449  否则如果denied恒等于denied按位与 accumulates only used when ~allow & ~deny 的值则type等于AUDIT_APPARMOR_ALLOWED
451  否则type等于AUDIT_APPARMOR_DENIED
454  如果denied恒等于denied按位与 set only when ~allow | deny 的值则error等于负ENOENT
457  denied与等于 set only when ~allow | deny 的反
458  如果非sa或非denied则返回:error
462  如果sa
463  label等于label
464  request等于request
465  denied等于denied
466  error等于error
467  aa_audit_msg - Log a message to the audit subsystem*@sa: audit event structure (NOT NULL)*@cb: optional callback fn for type specific fields (MAYBE NULL)
470  如果type恒等于AUDIT_APPARMOR_ALLOWEDerror等于0
473  返回:error
调用者
名称描述
profile_signal_perm
aa_profile_label_permrrently unused
aa_profile_af_permGeneric af perm
profile_ptrace_permTODO: conditionals