函数逻辑报告 |
Source Code:security\integrity\ima\ima_main.c |
Create Date:2022-07-27 21:59:58 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
首页 | 函数Tree |
注解内核,赢得工具 | 下载SCCT | English |
函数名称:process_buffer_measurement - Measure the buffer to ima log
函数原型:void process_buffer_measurement(const void *buf, int size, const char *eventname, enum ima_hooks func, int pcr)
返回类型:void
参数:
类型 | 参数 | 名称 |
---|---|---|
const void * | buf | |
int | size | |
const char * | eventname | |
enum ima_hooks | func | |
int | pcr |
642 | ret等于0 |
643 | struct ima_template_entry * entry = NULL |
644 | struct integrity_iint_cache iint = {} |
645 | struct ima_event_data event_data = {iint = & iint, filename = eventname, buf = buf, buf_len = size} |
649 | struct ima_template_desc * template = NULL |
650 | struct{struct ima_digest_data hdr;char digest[64];}hash = {} |
654 | violation等于0 |
655 | action等于0 |
658 | 如果非current content of the policy 则返回 |
668 | 如果func则 |
669 | security_task_getsecid(当前进程, & secid) |
672 | 如果非action按位与 action cache flags 的值则返回 |
676 | 如果非pcr则pcr等于CONFIG_IMA_MEASURE_PCR_IDX |
679 | 如果非template则 |
680 | template等于lookup_template_desc("ima-buf") |
681 | ret等于template_desc_init_fields(fmt, & (fields), & (num_fields)) |
684 | 如果ret小于0则 |
685 | 打印错误信息("template %s init failed, result: %d\n", (strlen - Find the length of a string*@s: The string to be sized ? name : fmt), ret) |
688 | 返回 |
693 | algo等于ima_hash_algo |
696 | ret等于ima_calc_buffer_hash(buf, size, ima_hash) |
700 | ret等于ima_alloc_init_template( & event_data, & entry, template) |
706 | 如果ret小于0则ima_free_template_entry(entry) |
709 | out : |
710 | 返回 |
名称 | 描述 |
---|---|
ima_kexec_cmdline | ma_kexec_cmdline - measure kexec cmdline boot args*@buf: pointer to buffer*@size: size of buffer* Buffers can only be measured, not appraised. |
ima_check_blacklist | ma_check_blacklist - determine if the binary is blacklisted.* Add the hash of the blacklisted binary to the measurement list, based* on policy.* Returns -EPERM if the hash is blacklisted. |
源代码转换工具 开放的插件接口 | X |
---|---|
支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |