函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_queue.c Create Date:2022-07-27 21:58:14
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:Add template entry to the measurement list and hash table, and* extend the pcr.* On systems which support carrying the IMA measurement list across* kexec, maintain the total memory size required for serializing the* binary_runtime_measurements.

函数原型:int ima_add_template_entry(struct ima_template_entry *entry, int violation, const char *op, struct inode *inode, const unsigned char *filename)

返回类型:int

参数:

类型参数名称
struct ima_template_entry *entry
intviolation
const char *op
struct inode *inode
const unsigned char *filename
169  audit_cause等于"hash_added"
171  audit_info等于1
172  result等于0, tpmresult等于0
174  mutex_lock( & mutex protects atomicity of extending measurement list* and extending the TPM PCR aggregate. Since tpm_extend can take* long (and the tpm driver uses a mutex), we can't use the spinlock.)
175  如果非violation
176  memcpy(digest, sha1 or md5 measurement hash , digest的长度)
177  如果lookup up the digest value in the hash table, and return the entry
178  audit_cause等于"hash_exists"
179  result等于负EEXIST
180  转到:out
184  result等于ma_add_template_entry helper function:* - Add template entry to the measurement list and hash table, for* all entries except those carried across kexec.* (Called with ima_extend_list_mutex held.)
185  如果result小于0则
186  audit_cause等于"ENOMEM"
187  audit_info等于0
188  转到:out
191  如果violationmemset(digest, 0xff, digest的长度)
194  tpmresult等于Return the amount of memory required for serializing the* entire binary_runtime_measurement list, including the ima_kexec_hdr* structure.
195  如果tpmresult不等于0则
196  snprintf - Format a string and place it in a buffer*@buf: The buffer to place the result into*@size: The size of the buffer, including the trailing null space*@fmt: The format string to use*@
198  audit_cause等于tpm_audit_cause
199  audit_info等于0
201  out :
202  mutex_unlock - release the mutex*@lock: the mutex to be released* Unlock a mutex that has been locked by this task previously.* This function must not be used in interrupt context. Unlocking* of a not locked mutex is not allowed.
203  integrity_audit_msg(PCR invalidation msgs , inode, filename, op, audit_cause, result, audit_info)
205  返回:result
调用者
名称描述
ima_store_templatema_store_template - store ima template measurements* Calculate the hash of a template entry, add the template entry* to an ordered list of measurement entries maintained inside the kernel,* and also update the aggregate integrity value (maintained inside