函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\hooks.c Create Date:2022-07-27 20:32:33
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:selinux_sock_rcv_skb_compat

函数原型:static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb, u16 family)

返回类型:int

参数:

类型参数名称
struct sock *sk
struct sk_buff *skb
u16family
4969  err等于0
4970  sksec等于sk_security
4971  sk_sid等于 SID of this object
4973  struct lsm_network_audit net = {0, }
4976  type等于LSM_AUDIT_DATA_NET
4977  net等于net
4978  netif等于skb_iif
4979  family等于family
4980  err等于selinux_parse_skb(skb, & ad, & addrp, 1, NULL)
4981  如果err则返回:err
4984  如果selinux_secmark_enabled - Check to see if SECMARK is currently enabled* Description:* This function checks the SECMARK reference counter to see if any SECMARK* targets are currently configured, if the reference counter is greater than
4985  err等于avc_has_perm - Check permissions and perform any appropriate auditing
4988  如果err则返回:err
4992  err等于selinux_netlbl_sock_rcv_skb - Do an inbound access check using NetLabel*@sksec: the sock's sk_security_struct*@skb: the packet*@family: protocol family*@ad: the audit data* Description:* Fetch the NetLabel security attributes from @skb and perform an
4993  如果err则返回:err
4995  err等于LSM hook that controls access to unlabelled packets. If* a xfrm_state is authorizable (defined by macro) then it was* already authorized by the IPSec process. If not, then* we need to check for unlabelled access since this may not have
4997  返回:err
调用者
名称描述
selinux_socket_sock_rcv_skb