函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\hooks.c Create Date:2022-07-27 20:26:30
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:Allow filesystems with binary mount data to explicitly set mount point* labeling information.

函数原型:static int selinux_set_mnt_opts(struct super_block *sb, void *mnt_opts, unsigned long kern_flags, unsigned long *set_kern_flags)

返回类型:int

参数:

类型参数名称
struct super_block *sb
void *mnt_opts
unsigned longkern_flags
unsigned long *set_kern_flags
651  cred等于current_cred - Access the current task's subjective credentials* Access the subjective credentials of the current task. RCU-safe,* since nobody else can modify it.()
652  sbsec等于s_security
653  root等于s_root
654  opts等于mnt_opts
656  fscontext_sid等于0, context_sid等于0, rootcontext_sid等于0
657  defcontext_sid等于0
658  rc等于0
660  mutex_lock( & lock)
662  如果非initialized
663  如果非opts
667  转到:out
669  rc等于负EINVAL
670  打印警告信息("SELinux: Unable to set superblock options before the security server is initialized\n")
672  转到:out
674  如果kern_flags且非set_kern_flags
677  rc等于负EINVAL
678  转到:out
692  如果 which mount options were specified 按位与Non-mount related flags fs_flags按位与FS_BINARY_MOUNTDATA且非opts则转到:out
696  root_isec等于backing_inode_security_novalidate(root)
703  如果opts
704  如果fscontext
705  rc等于parse_sid(sb, fscontext, & fscontext_sid)
706  如果rc则转到:out
708  如果bad_option(sbsec, FSCONTEXT_MNT, SID of file system superblock , fscontext_sid)则转到:out_double_mount
711  which mount options were specified 或等于FSCONTEXT_MNT
713  如果context
714  rc等于parse_sid(sb, context, & context_sid)
715  如果rc则转到:out
717  如果bad_option(sbsec, BE CAREFUL, these need to be the low order bits for selinux_get_mnt_opts , SECURITY_FS_USE_MNTPOINT context for files , context_sid)则转到:out_double_mount
720  which mount options were specified 或等于BE CAREFUL, these need to be the low order bits for selinux_get_mnt_opts
722  如果rootcontext
723  rc等于parse_sid(sb, rootcontext, & rootcontext_sid)
724  如果rc则转到:out
726  如果bad_option(sbsec, ROOTCONTEXT_MNT, SID of this object , rootcontext_sid)则转到:out_double_mount
729  which mount options were specified 或等于ROOTCONTEXT_MNT
731  如果defcontext
732  rc等于parse_sid(sb, defcontext, & defcontext_sid)
733  如果rc则转到:out
735  如果bad_option(sbsec, DEFCONTEXT_MNT, default SID for labeling , defcontext_sid)则转到:out_double_mount
738  which mount options were specified 或等于DEFCONTEXT_MNT
742  如果 which mount options were specified 按位与Non-mount related flags
744  如果 which mount options were specified 按位与Mask for just the mount related flags 且非opts则转到:out_double_mount
746  rc等于0
747  转到:out
750  如果字符串比较恒等于0则 which mount options were specified 或等于SE_SBPROC按位或SE_SBGENFS
753  如果非字符串比较或非字符串比较或非字符串比较 which mount options were specified 或等于SE_SBGENFS
758  如果非字符串比较或非字符串比较或非字符串比较 which mount options were specified 或等于SE_SBGENFS按位或SE_SBGENFS_XATTR
763  如果非 labeling behavior
768  rc等于security_fs_use( & selinux_state, sb)
769  如果rc
770  打印警告信息("%s: security_fs_use(%s) returned %d\n", __func__, name, rc)
772  转到:out
781  如果* Owning user namespace and default context in which to * interpret filesystem uids, gids, quotas, device nodes, * xattrs and security labels.不等于userns count is 1 for root user, 1 for init_uts_ns,* and 1 for... ?字符串比较字符串比较字符串比较
785  如果context_sidfscontext_sidrootcontext_siddefcontext_sid
787  rc等于负EACCES
788  转到:out
790  如果 labeling behavior 恒等于use xattr
791  labeling behavior 等于use mountpoint labeling
792  rc等于security_transition_sid( & selinux_state, get the subjective security ID of the current task, get the subjective security ID of the current task, SECCLASS_FILE, NULL, & SECURITY_FS_USE_MNTPOINT context for files )
797  如果rc则转到:out
800  转到:out_set_opts
804  如果fscontext_sid
805  rc等于may_context_mount_sb_relabel(fscontext_sid, sbsec, cred)
806  如果rc则转到:out
809  SID of file system superblock 等于fscontext_sid
817  如果kern_flags按位与LSM Agnostic defines for fs_context::lsm_flags 且非context_sid
818  labeling behavior 等于use native label support
819  set_kern_flags或等于LSM Agnostic defines for fs_context::lsm_flags
822  如果context_sid
823  如果非fscontext_sid
824  rc等于may_context_mount_sb_relabel(context_sid, sbsec, cred)
826  如果rc则转到:out
828  SID of file system superblock 等于context_sid
829  否则
830  rc等于may_context_mount_inode_relabel(context_sid, sbsec, cred)
832  如果rc则转到:out
835  如果非rootcontext_sidrootcontext_sid等于context_sid
838  SECURITY_FS_USE_MNTPOINT context for files 等于context_sid
839  labeling behavior 等于use mountpoint labeling
842  如果rootcontext_sid
843  rc等于may_context_mount_inode_relabel(rootcontext_sid, sbsec, cred)
845  如果rc则转到:out
848  SID of this object 等于rootcontext_sid
849  initialization flag 等于 initialized
852  如果defcontext_sid
853  如果 labeling behavior 不等于use xattr labeling behavior 不等于use native label support
855  rc等于负EINVAL
856  打印警告信息("SELinux: defcontext option is invalid for this filesystem type\n")
858  转到:out
861  如果defcontext_sid不等于 default SID for labeling
862  rc等于may_context_mount_inode_relabel(defcontext_sid, sbsec, cred)
864  如果rc则转到:out
868  default SID for labeling 等于defcontext_sid
871  out_set_opts :
872  rc等于sb_finish_set_opts(sb)
873  out :
874  mutex_unlock - release the mutex*@lock: the mutex to be released* Unlock a mutex that has been locked by this task previously.* This function must not be used in interrupt context. Unlocking* of a not locked mutex is not allowed.
875  返回:rc
876  out_double_mount :
877  rc等于负EINVAL
878  打印警告信息("SELinux: mount invalid. Same superblock, different security settings for (dev %s, type %s)\n", Informational name , name)
881  转到:out
调用者
名称描述
delayed_superblock_init