Function Logic Report |
Source Code: security\integrity\ima\ima_appraise.c |
Create Date: 2022-07-27 22:06:48 |
Last Modify: 2020-03-12 14:18:49 | Copyright©Brick |
Function name: ima_appraise_measurement - appraise file measurement. Call evm_verifyxattr() to verify the integrity of 'security.ima'. Assuming success, compare the xattr hash with the collected measurement. Return 0 on success, error code otherwise.
Function prototype: int ima_appraise_measurement(enum ima_hooks func, struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig)
Return type: int
Parameters:
Type | Parameter | Name |
---|---|---|
enum ima_hooks | func | |
struct integrity_iint_cache * | iint | |
struct file * | file | |
const unsigned char * | filename | |
struct evm_ima_xattr_data * | xattr_value | |
int | xattr_len | |
const struct modsig * | modsig | |
353 | op[] is set to "appraise_data" |
354 | cause is set to "unknown" |
355 | dentry is set to file_dentry(file) |
357 | status is set to INTEGRITY_UNKNOWN |
359 | try_modsig is set to (flags bitwise-AND IMA_MODSIG_ALLOWED) and modsig |
362 | If not (i_opflags bitwise-AND IOP_XATTR) and not try_modsig, then return: INTEGRITY_UNKNOWN |
366 | If rc is less than or equal to 0 and not try_modsig, then |
370 | cause is set to "IMA-signature-required" if flags bitwise-AND IMA_DIGSIG_REQUIRED, otherwise "missing-hash" |
372 | status is set to INTEGRITY_NOLABEL |
373 | If f_mode bitwise-AND FMODE_CREATED, then OR IMA_NEW_FILE into flags |
375 | If (flags bitwise-AND IMA_NEW_FILE) and (not (flags bitwise-AND IMA_DIGSIG_REQUIRED) or i_size is equal to 0), then status is set to INTEGRITY_PASS |
379 | Go to: out |
384 | Case: status is equal to INTEGRITY_PASS |
385 | Case: status is equal to INTEGRITY_PASS_IMMUTABLE |
386 | Case: status is equal to INTEGRITY_UNKNOWN |
387 | Break |
388 | Case: status is equal to INTEGRITY_NOXATTRS |
390 | If try_modsig, then break |
393 | Case: status is equal to INTEGRITY_NOLABEL |
396 | Case: status is equal to INTEGRITY_FAIL |
399 | Default |
403 | If xattr_value, then rc is set to the result of xattr_verify (verify xattr digest or signature: verify whether the hash or signature matches the file contents; return 0 on success, error code otherwise) |
416 | out: |
426 | status is set to INTEGRITY_FAIL |
427 | cause is set to "unverifiable-signature" |
428 | integrity_audit_msg(Data integrity verification, inode, filename, op, cause, rc, 0) |
430 | Otherwise, if status is not equal to INTEGRITY_PASS, then |
432 | If (ima_appraise bitwise-AND IMA_APPRAISE_FIX) and not try_modsig and (not xattr_value or type is not equal to EVM_IMA_XATTR_DIGSIG), then |
435 | If not ima_fix_xattr(dentry, iint), then status is set to INTEGRITY_PASS |
440 | If i_size is equal to 0 and (flags bitwise-AND IMA_NEW_FILE) and xattr_value and type is equal to EVM_IMA_XATTR_DIGSIG, then |
442 | status is set to INTEGRITY_PASS |
445 | integrity_audit_msg(Data integrity verification, inode, filename, op, cause, rc, 0) |
447 | Otherwise |
448 | ima_cache_flags(iint, func) |
451 | ima_set_cache_status(iint, func, status) |
452 | Return: status |
Name | Description |
---|---|
process_measurement |