Function Logic Report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\selinux\hooks.c Create Date: 2022-07-27 20:30:29
Last Modify: 2020-03-12 14:18:49 Copyright©Brick

Function name: Check whether a task has the ioctl permission and cmd operation to an inode.

Function prototype: static int ioctl_has_perm(const struct cred *cred, struct file *file, unsigned int requested, u16 cmd)

Return type: int

Parameters:

Type                 Parameter name
const struct cred *  cred
struct file *        file
unsigned int         requested
u16                  cmd
3576  fsec = selinux_file(file)
3577  inode = file_inode(file)
3580  ssid = get the security ID of a set of credentials
3582  driver = cmd shifted right by 8 bits
3583  xperm = cmd bitwise-AND 0xff
3585  type = LSM_AUDIT_DATA_IOCTL_OP
3586  op = ioctl
3587  cmd = cmd
3588  path = f_path
3590  if ssid is not equal to SID of open file description
3591  rc = avc_has_perm - Check permissions and perform any appropriate auditing
3596  if rc, go to: out
3600  if unlikely (compiler optimization hint) (IS_PRIVATE(inode)), return: 0
3603  isec = Get the security label of an inode.
3604  rc = The avc extended permissions logic adds an additional 256 bits of permissions to an avc node when extended permissions for that node are specified in the avtab
3607  out:
3608  return: rc
Callers
Name  Description
selinux_file_ioctl