Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\integrity\ima\ima_fs.c
Create Date: 2022-07-28 19:57:48
Last Modify: 2020-03-12 14:18:49
Copyright © Brick

Name:ima_write_policy

Proto:static ssize_t ima_write_policy(struct file *file, const char __user *buf, size_t datalen, loff_t *ppos)

Type:ssize_t

Parameter:

Type                    Parameter Name
struct file *           file
const char __user *     buf
size_t                  datalen
loff_t *                ppos

318  If datalen >= PAGE_SIZE Then datalen = PAGE_SIZE - 1
322  result = -EINVAL
323  If *ppos != 0 Then Go to out
326  data = memdup_user_nul(buf, datalen) - duplicate memory region from user space and NUL-terminate it (@src: source address in user space, @len: number of bytes to copy). Returns an ERR_PTR() on failure.
327  If IS_ERR(data) Then
328  result = PTR_ERR(data)
329  Go to out
332  result = mutex_lock_interruptible(&ima_write_mutex)
333  If result < 0 Then Go to out_free
336  If data[0] == '/' Then
337  result = ima_read_policy(data)
338  Else if ima_appraise & IMA_APPRAISE_POLICY Then
339  pr_err("signed policy file (specified as an absolute pathname) required\n")
340  integrity_audit_msg(AUDIT_INTEGRITY_STATUS (Integrity enable status), NULL, NULL, "policy_update", "signed policy required", 1, 0)
343  If ima_appraise & IMA_APPRAISE_ENFORCE (Appraise integrity measurements) Then result = -EACCES
345  Else
346  result = ima_parse_add_rule(data) - add a rule to ima_policy_rules (@rule: ima measurement policy rule). Avoids locking by allowing just one writer at a time in ima_write_policy(). Returns the length of the rule parsed, or an error code on failure.
348  mutex_unlock(&ima_write_mutex) - release the mutex (@lock: the mutex to be released). Unlocks a mutex that has been locked by this task previously. This function must not be used in interrupt context. Unlocking a mutex that is not locked is not allowed.
349  out_free:
350  kfree(data)
351  out:
352  If result < 0 Then valid_policy = 0
355  Return result