Function Logic Report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_fs.c Create Date:2022-07-27 21:57:41
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Function name: ima_write_policy

Function prototype: static ssize_t ima_write_policy(struct file *file, const char __user *buf, size_t datalen, loff_t *ppos)

Return type: ssize_t

Parameters:

Type                    Parameter name
struct file *           file
const char __user *     buf
size_t                  datalen
loff_t *                ppos

318  If datalen is greater than or equal to PAGE_SIZE, datalen is set to PAGE_SIZE minus 1
322  result = -EINVAL
323  If *ppos is not equal to 0, go to: out
326  data = memdup_user_nul (duplicate memory region from user space and NUL-terminate; @src: source address in user space; @len: number of bytes to copy; Return: an ERR_PTR() on failure)
327  If data is an error
328  result = the error
329  Go to: out
332  result = mutex_lock_interruptible(&ima_write_mutex)
333  If result is less than 0, go to: out_free
336  If data[0] is equal to '/' then
337  result = ima_read_policy(data)
338  Else if ima_appraise bitwise-AND IMA_APPRAISE_POLICY
339  Print error message ("signed policy file (specified as an absolute pathname) required\n")
340  integrity_audit_msg(Integrity enable status, NULL, NULL, "policy_update", "signed policy required", 1, 0)
343  If ima_appraise bitwise-AND (Appraise integrity measurements), result = -EACCES
345  Else
346  result = ima_parse_add_rule (add a rule to ima_policy_rules; @rule: ima measurement policy rule; avoid locking by allowing just one writer at a time in ima_write_policy(); returns the length of the rule parsed, an error code on failure)
348  mutex_unlock (release the mutex; @lock: the mutex to be released; unlock a mutex that has been locked by this task previously; this function must not be used in interrupt context; unlocking of a not locked mutex is not allowed)
349  out_free:
350  Free memory
351  out:
352  If result is less than 0, valid_policy = 0
355  Return: result