Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_main.c Create Date:2022-07-28 19:58:16
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:ma_rdwr_violation_check* Only invalidate the PCR for measured files:* - Opening a file for write when already open for read,* results in a time of measure, time of use (ToMToU) error.* - Opening a file for read when already open for write,

Proto:static void ima_rdwr_violation_check(struct file *file, struct integrity_iint_cache *iint, int must_measure, char **pathbuf, const char **pathname, char *filename)

Type:void

Parameter:

TypeParameterName
struct file *file
struct integrity_iint_cache *iint
intmust_measure
char **pathbuf
const char **pathname
char *filename
113  inode = file_inode(file)
114  mode = f_mode
115  bool send_tomtou = TSC's on different sockets may be reset asynchronously.* This may cause the TSC ADJUST value on socket 0 to be NOT 0., send_writers = false
117  If mode & le is open for writing Then
126  Else
127  If must_measure Then Atomically set a bit in memory
129  If inode_is_open_for_write(inode) && must_measure Then send_writers = true
133  If Not send_tomtou && Not send_writers Then Return
136  pathname = ima_d_path( & f_path, pathbuf, filename)
138  If send_tomtou Then ma_add_violation - add violation to measurement list.* Violations are flagged in the measurement list with zero hash values.* By extending the PCR with 0xFF's instead of with zeroes, the PCR* value is invalidated.
141  If send_writers Then ma_add_violation - add violation to measurement list.* Violations are flagged in the measurement list with zero hash values.* By extending the PCR with 0xFF's instead of with zeroes, the PCR* value is invalidated.
Caller
NameDescribe
process_measurement