函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_main.c Create Date:2022-07-27 21:59:58
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:process_buffer_measurement - Measure the buffer to ima log

函数原型:void process_buffer_measurement(const void *buf, int size, const char *eventname, enum ima_hooks func, int pcr)

返回类型:void

参数:

类型参数名称
const void *buf
intsize
const char *eventname
enum ima_hooksfunc
intpcr
642  ret等于0
643  struct ima_template_entry * entry = NULL
644  struct integrity_iint_cache iint = {}
645  struct ima_event_data event_data = {iint = & iint, filename = eventname, buf = buf, buf_len = size}
649  struct ima_template_desc * template = NULL
650  struct{struct ima_digest_data hdr;char digest[64];}hash = {}
654  violation等于0
655  action等于0
658  如果非current content of the policy 则返回
668  如果func
669  security_task_getsecid(当前进程, & secid)
670  action等于LIM API function definitions
672  如果非action按位与 action cache flags 的值则返回
676  如果非pcrpcr等于CONFIG_IMA_MEASURE_PCR_IDX
679  如果非template
680  template等于lookup_template_desc("ima-buf")
681  ret等于template_desc_init_fields(fmt, & (fields), & (num_fields))
684  如果ret小于0则
685  打印错误信息("template %s init failed, result: %d\n", (strlen - Find the length of a string*@s: The string to be sized ? name : fmt), ret)
688  返回
692  ima_hash等于hdr
693  algo等于ima_hash_algo
694  length等于hash_digest_size[ima_hash_algo]
696  ret等于ima_calc_buffer_hash(buf, size, ima_hash)
697  如果ret小于0则转到:out
700  ret等于ima_alloc_init_template( & event_data, & entry, template)
701  如果ret小于0则转到:out
704  ret等于ma_store_template - store ima template measurements* Calculate the hash of a template entry, add the template entry* to an ordered list of measurement entries maintained inside the kernel,* and also update the aggregate integrity value (maintained inside
706  如果ret小于0则ima_free_template_entry(entry)
709  out :
710  返回
调用者
名称描述
ima_kexec_cmdlinema_kexec_cmdline - measure kexec cmdline boot args*@buf: pointer to buffer*@size: size of buffer* Buffers can only be measured, not appraised.
ima_check_blacklistma_check_blacklist - determine if the binary is blacklisted.* Add the hash of the blacklisted binary to the measurement list, based* on policy.* Returns -EPERM if the hash is blacklisted.