函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\device_cgroup.c Create Date:2022-07-27 21:52:09
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:verify_new_ex - verifies if a new exception is allowed by parent cgroup's permissions*@dev_cgroup: dev cgroup to be tested against*@refex: new exception*@behavior: behavior of the exception's dev_cgroup* This is used to make sure a child cgroup won't have

函数原型:static bool verify_new_ex(struct dev_cgroup *dev_cgroup, struct dev_exception_item *refex, enum devcg_behavior behavior)

返回类型:bool

参数:

类型参数名称
struct dev_cgroup *dev_cgroup
struct dev_exception_item *refex
enum devcg_behaviorbehavior
393  bool match = false
395  RCU_LOCKDEP_WARN(!_read_lock_held() - might we be in RCU read-side critical section?* If CONFIG_DEBUG_LOCK_ALLOC is selected, returns nonzero iff in an RCU* read-side critical section && !lockdep_is_held( & devcgroup_mutex), "device_cgroup:verify_new_ex called without proper synchronization")
399  如果behavior恒等于DEVCG_DEFAULT_ALLOW
400  如果behavior恒等于DEVCG_DEFAULT_ALLOW
405  返回:true
406  否则
412  match等于match_exception_partial - iterates the exception list trying to find a partial match*@exceptions: list of exceptions*@type: device type (DEVCG_DEV_BLOCK or DEVCG_DEV_CHAR)*@major: device file major number, ~0 to match all*@minor: device file minor number,
418  如果match则返回:false
420  返回:true
422  否则
429  match等于match_exception - iterates the exception list trying to find a complete match*@exceptions: list of exceptions*@type: device type (DEVCG_DEV_BLOCK or DEVCG_DEV_CHAR)*@major: device file major number, ~0 to match all*@minor: device file minor number, ~0 to
433  如果match则返回:true
436  否则返回:false
439  返回:false
调用者
名称描述
parent_has_permparent_has_perm:* when adding a new allow rule to a device exception list, the rule* must be allowed in the parent device