函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_policy.c Create Date:2022-07-27 22:03:28
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:ma_init_policy - initialize the default measure rules.* ima_rules points to either the ima_default_rules or the* the new ima_policy_rules.

函数原型:void __init ima_init_policy(void)

返回类型:void

参数:

655  如果ima_policyadd_rules(The minimum rule set to allow for full TCB coverage. Measures all files* opened or mmap for exec and everything read by root. Dangerous because* normal users can easily run the machine out of memory simply building* and running executables., ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(The minimum rule set to allow for full TCB coverage. Measures all files* opened or mmap for exec and everything read by root. Dangerous because* normal users can easily run the machine out of memory simply building* and running executables.), IMA_DEFAULT_POLICY)
660  :ima_policy恒等于ORIGINAL_TCB
661  add_rules(original_measurement_rules, ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(original_measurement_rules), IMA_DEFAULT_POLICY)
664  退出
665  :ima_policy恒等于DEFAULT_TCB
666  add_rules(default_measurement_rules, ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(default_measurement_rules), IMA_DEFAULT_POLICY)
669  默认
670  退出
679  arch_entries等于ima_init_arch_policy()
680  如果非arch_entries打印信息("No architecture policies found\n")
682  否则add_rules(An array of architecture specific rules , arch_entries, IMA_DEFAULT_POLICY | IMA_CUSTOM_POLICY)
690  如果ima_use_secure_bootadd_rules(secure_boot_rules, ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(secure_boot_rules), IMA_DEFAULT_POLICY)
700  build_appraise_entries等于ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(build_appraise_rules)
701  如果build_appraise_entries
702  如果ima_use_secure_bootadd_rules(build_appraise_rules, build_appraise_entries, IMA_CUSTOM_POLICY)
705  否则add_rules(build_appraise_rules, build_appraise_entries, IMA_DEFAULT_POLICY | IMA_CUSTOM_POLICY)
710  如果ima_use_appraise_tcbadd_rules(default_appraise_rules, ARRAY_SIZE - get the number of elements in array @arr*@arr: array to be sized(default_appraise_rules), IMA_DEFAULT_POLICY)
715  ima_rules等于ima_default_rules
716  Initialize the ima_policy_flag variable based on the currently* loaded policy. Based on this flag, the decision to short circuit* out of a function or not call the function in the first place* can be made earlier.