aa_check_perms

函数名称：aa_check_perms - do audit mode selection based on perms set*@profile: profile being checked*@perms: perms computed for the request*@request: requested perms*@deny: Returns: explicit deny set*@sa: initialized audit structure (MAY BE NULL if not

函数原型：int aa_check_perms(struct aa_profile *profile, struct aa_perms *perms, unsigned int request, struct common_audit_data *sa, void (*cb)(struct audit_buffer *, void *))

返回类型：int

参数：

类型	参数	名称
struct aa_profile *	profile
struct aa_perms *	perms
unsigned int	request
struct common_audit_data *	sa
void (*	cb

434

denied等于request按位与allow的反按位或 explicit deny, or conflict if allow also set 的值

436

如果此条件成立可能性大(为编译器优化)(!denied)则

438

request与等于 set only when allow is set

439

如果非request或非sa则返回:0

442

type等于AUDIT_APPARMOR_AUDIT

443

error等于0

444

否则

445

error等于负EACCES

447

如果denied按位与 set only when ~allow | deny 则type等于AUDIT_APPARMOR_KILL

449

否则如果denied恒等于denied按位与 accumulates only used when ~allow & ~deny 的值则type等于AUDIT_APPARMOR_ALLOWED

451

否则type等于AUDIT_APPARMOR_DENIED

454

如果denied恒等于denied按位与 set only when ~allow | deny 的值则error等于负ENOENT

457

denied与等于 set only when ~allow | deny 的反

458

如果非sa或非denied则返回:error

462

如果sa则

463

label等于label

464

request等于request

465

denied等于denied

466

error等于error

467

aa_audit_msg - Log a message to the audit subsystem*@sa: audit event structure (NOT NULL)*@cb: optional callback fn for type specific fields (MAYBE NULL)

470

如果type恒等于AUDIT_APPARMOR_ALLOWED则error等于0

473

返回:error

**调用者**
名称	描述
profile_signal_perm
aa_profile_label_perm	rrently unused
aa_profile_af_perm	Generic af perm
profile_ptrace_perm	TODO: conditionals

源代码转换工具开放的插件接口	X
支持：c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现：逻辑报告代码生成和批量转换代码