函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\hooks.c Create Date:2022-07-27 20:29:56
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:selinux_inode_setxattr

函数原型:static int selinux_inode_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)

返回类型:int

参数:

类型参数名称
struct dentry *dentry
const char *name
const void *value
size_tsize
intflags
3138  inode等于d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper
3142  sid等于get the subjective security ID of the current task
3143  rc等于0
3145  如果字符串比较
3146  rc等于ap_inode_setxattr - Determine whether an xattr may be altered*@dentry: The inode/dentry being altered*@name: The name of the xattr to be changed*@value: The value that the xattr will be changed to*@size: The size of value*@flags: The replacement flag*
3147  如果rc则返回:rc
3152  返回:Same as inode_has_perm, but pass explicit audit data containingthe dentry to help the auditing code to more easily generate thepathname if needed.
3155  如果非initialized则返回:如果inode_owner_or_capable(inode)则0否则负EPERM
3158  sbsec等于s_security
3159  如果非 which mount options were specified 按位与SBLABEL_MNT的值则返回:负EOPNOTSUPP
3162  如果非inode_owner_or_capable(inode)则返回:负EPERM
3165  type等于LSM_AUDIT_DATA_DENTRY
3166  dentry等于dentry
3168  isec等于Get the security label of a dentry's backing inode.
3169  rc等于avc_has_perm - Check permissions and perform any appropriate auditing
3172  如果rc则返回:rc
3175  rc等于security_context_to_sid( & selinux_state, value, size, & newsid, GFP_KERNEL)
3177  如果rc恒等于负EINVAL
3178  如果非has_cap_mac_admin(true)则
3184  如果value
3185  str等于value
3187  如果str[size - 1]恒等于'\0'则audit_size等于size减1
3189  否则audit_size等于size
3191  否则
3192  audit_size等于0
3194  ab等于申请审计缓冲区
3196  写入审计信息
3197  audit_log_n_untrustedstring - log a string that may contain random characters*@ab: audit_buffer*@len: length of string (not including trailing null)*@string: string to be logged* This code will escape a string that is passed to it if the string* contains
3198  发送审计信息,并释放缓冲区
3200  返回:rc
3202  rc等于security_context_to_sid_force( & selinux_state, value, size, & newsid)
3205  如果rc则返回:rc
3208  rc等于avc_has_perm - Check permissions and perform any appropriate auditing
3211  如果rc则返回:rc
3214  rc等于security_validate_transition( & selinux_state, SID of this object , newsid, sid, security class of this object )
3216  如果rc则返回:rc
3219  返回:avc_has_perm - Check permissions and perform any appropriate auditing