Function report |
Source Code:security\integrity\ima\ima_main.c |
Create Date:2022-07-28 19:58:17 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
Name:process_measurement
Proto:static int process_measurement(struct file *file, const struct cred *cred, unsigned int secid, char *buf, loff_t size, int mask, enum ima_hooks func)
Type:int
Parameter:
Type | Parameter | Name |
---|---|---|
struct file * | file | |
const struct cred * | cred | |
unsigned int | secid | |
char * | buf | |
loff_t | size | |
int | mask | |
enum ima_hooks | func |
196 | inode = file_inode(file) |
197 | struct integrity_iint_cache * iint = NULL |
198 | struct ima_template_desc * template_desc = NULL |
199 | char * pathbuf = NULL |
201 | const char * pathname = NULL |
202 | rc = 0 , must_appraise = 0 |
204 | struct evm_ima_xattr_data * xattr_value = NULL |
206 | xattr_len = 0 |
210 | If Not ima_policy_flag (current content of the policy) || Not S_ISREG(inode->i_mode) Then Return 0 |
219 | violation_check = ( func == FILE_CHECK || func == MMAP_CHECK ) && ( ima_policy_flag & IMA_MEASURE ) |
221 | If Not action && Not violation_check Then Return 0 |
224 | must_appraise = action & IMA_APPRAISE |
227 | If action & IMA_FILE_APPRAISE (subaction appraise cache flags) Then func = FILE_CHECK |
230 | inode_lock(inode) |
232 | If action Then |
242 | inode_unlock(inode) |
266 | flags &= ~IMA_DONE_MASK |
267 | measured_pcrs = 0 |
275 | action &= IMA_DO_MASK |
276 | action &= ~((flags & (IMA_DONE_MASK ^ IMA_MEASURED)) >> 1) |
279 | If action & IMA_MEASURE && measured_pcrs & ( 0x1 << pcr ) Then action ^= IMA_MEASURE (already measured into this PCR) |
285 | xattr_len = ima_read_xattr(file_dentry(file), & xattr_value) |
286 | If xattr_value && xattr_len > 2 && type == EVM_IMA_XATTR_DIGSIG Then set_bit(IMA_DIGSIG, &iint->atomic_flags) (atomically set a bit in memory) |
289 | flags |= IMA_HASHED |
295 | If Not action Then |
296 | If must_appraise Then |
299 | If Not rc Then rc = ima_get_cache_status(iint, func) |
302 | Go to out_locked |
305 | If action & IMA_APPRAISE_SUBMASK || strcmp(name, IMA_TEMPLATE_IMA_NAME) != 0 Then |
308 | xattr_len = ima_read_xattr(file_dentry(file), & xattr_value) |
315 | If flags & IMA_MODSIG_ALLOWED Then |
318 | If Not rc && ima_template_has_modsig(template_desc) && flags & IMA_MEASURED Then action |= IMA_MEASURE |
333 | If action & IMA_MEASURE Then ima_store_measurement(...) — store the file measurement: create an "ima" template and then store it by calling ima_store_template |
337 | If rc == 0 && action & IMA_APPRAISE_SUBMASK Then |
338 | rc = ima_check_blacklist(...) — determine whether the binary is blacklisted; add the hash of a blacklisted binary to the measurement list, based on policy; returns -EPERM if the hash is blacklisted |
340 | inode_lock(inode) |
344 | inode_unlock(inode) |
346 | If Not rc Then rc = mmap_violation_check(...) — prevents mmap'ing a file for execute that is already mmap'ed for write |
350 | If action & IMA_AUDIT Then ima_audit_measurement(iint, pathname) |
353 | If f_flags & O_DIRECT && flags & IMA_PERMIT_DIRECTIO Then rc = 0 |
355 | out_locked : |
356 | If mask & MAY_WRITE && test_bit(IMA_DIGSIG, &iint->atomic_flags) (determine whether the bit is set) && Not (flags & IMA_NEW_FILE) Then rc = -EACCES |
360 | kfree(xattr_value) |
361 | ima_free_modsig(modsig) |
362 | out : |
365 | If must_appraise Then |
366 | If rc && ima_appraise & IMA_APPRAISE_ENFORCE (appraise integrity measurements) Then Return -EACCES |
368 | If f_mode & FMODE_WRITE (file is open for writing) Then set_bit(IMA_UPDATE_XATTR, &iint->atomic_flags) (atomically set a bit in memory) |
371 | Return 0 |
Name | Describe |
---|---|
ima_file_mmap | ima_file_mmap - based on policy, collect/store measurement. @file: pointer to the file to be measured (may be NULL). @prot: contains the protection that will be applied by the kernel. Measure files being mmapped executable based on the ima_must_measure() |
ima_bprm_check | ima_bprm_check - based on policy, collect/store measurement. @bprm: contains the linux_binprm structure. The OS protects against an executable file, already open for write, from being executed in deny_write_access() and an executable file, |
ima_file_check | ima_file_check - based on policy, collect/store measurement. @file: pointer to the file to be measured. @mask: contains MAY_READ, MAY_WRITE, MAY_EXEC or MAY_APPEND. Measure files based on the ima_must_measure() policy decision. On success return 0 |
ima_post_read_file | ima_post_read_file - in memory collect/appraise/audit measurement. @file: pointer to the file to be measured/appraised/audited. @buf: pointer to in-memory file contents. @size: size of in-memory file contents. @read_id: caller identifier |