函数逻辑报告 |
Source Code:security\selinux\avc.c |
Create Date:2022-07-27 20:17:30 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
首页 | 函数Tree |
注解内核,赢得工具 | 下载SCCT | English |
函数名称:avc_update_node Update an AVC entry*@event : Updating event*@perms : Permission mask bits*@ssid,@tsid,@tclass : identifier of an AVC entry*@seqno : sequence number when decision was made*@xpd: extended_perms_decision to be added to the node
函数原型:static int avc_update_node(struct selinux_avc *avc, unsigned int event, unsigned int perms, u8 driver, u8 xperm, unsigned int ssid, unsigned int tsid, u16 tclass, unsigned int seqno, struct extended_perms_decision *xpd, unsigned int flags)
返回类型:int
参数:
类型 | 参数 | 名称 |
---|---|---|
struct selinux_avc * | avc | |
unsigned int | event | |
unsigned int | perms | |
u8 | driver | |
u8 | xperm | |
unsigned int | ssid | |
unsigned int | tsid | |
u16 | tclass | |
unsigned int | seqno | |
struct extended_perms_decision * | xpd | |
unsigned int | flags |
834 | rc等于0 |
855 | node等于avc_alloc_node(avc) |
856 | 如果非node则 |
864 | head等于 head for avc_node->list [hvalue] |
865 | lock等于 lock for writes [hvalue] |
867 | spin_lock_irqsave(lock, flag) |
879 | 如果非orig则 |
891 | 如果xp_node则 |
892 | rc等于avc_xperms_populate(node, xp_node) |
893 | 如果rc则 |
894 | avc_node_kill(avc, node) |
895 | 转到:out_unlock |
900 | 当:event恒等于AVC_CALLBACK_GRANT |
904 | 退出 |
905 | 当:event恒等于AVC_CALLBACK_TRY_REVOKE |
906 | 当:event恒等于AVC_CALLBACK_REVOKE |
910 | auditallow或等于perms |
911 | 退出 |
913 | auditallow与等于perms的反 |
914 | 退出 |
921 | 当:event恒等于AVC_CALLBACK_ADD_XPERMS |
922 | avc_add_xperms_decision(node, xpd) |
923 | 退出 |
925 | avc_node_replace(avc, node, orig) |
926 | out_unlock : |
927 | spin_unlock_irqrestore(lock, flag) |
928 | out : |
929 | 返回:rc |
名称 | 描述 |
---|---|
avc_denied | |
avc_has_extended_perms | The avc extended permissions logic adds an additional 256 bits of* permissions to an avc node when extended permissions for that node are* specified in the avtab |
源代码转换工具 开放的插件接口 | X |
---|---|
支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |