函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\hooks.c Create Date:2022-07-27 20:32:40
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:selinux_socket_sock_rcv_skb

函数原型:static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)

返回类型:int

参数:

类型参数名称
struct sock *sk
struct sk_buff *skb
5003  sksec等于sk_security
5004  family等于sk_family
5005  sk_sid等于 SID of this object
5007  struct lsm_network_audit net = {0, }
5012  如果family不等于PF_INETfamily不等于PF_INET6则返回:0
5016  如果family恒等于PF_INET6protocol恒等于htons(Internet Protocol packet )则family等于PF_INET
5023  如果非selinux_policycap_netpeer()则返回:selinux_sock_rcv_skb_compat(sk, skb, family)
5026  secmark_active等于selinux_secmark_enabled - Check to see if SECMARK is currently enabled* Description:* This function checks the SECMARK reference counter to see if any SECMARK* targets are currently configured, if the reference counter is greater than
5027  peerlbl_active等于selinux_peerlbl_enabled - Check to see if peer labeling is currently enabled* Description:* This function checks if NetLabel or labeled IPSEC is enabled
5028  如果非secmark_active且非peerlbl_active则返回:0
5031  type等于LSM_AUDIT_DATA_NET
5032  net等于net
5033  netif等于skb_iif
5034  family等于family
5035  err等于selinux_parse_skb(skb, & ad, & addrp, 1, NULL)
5036  如果err则返回:err
5039  如果peerlbl_active
5042  err等于selinux_skb_peerlbl_sid - Determine the peer label of a packet*@skb: the packet*@family: protocol family*@sid: the packet's peer label SID* Description:* Check the various different forms of network peer labeling and determine* the peer label/SID for the
5043  如果err则返回:err
5045  err等于selinux_inet_sys_rcv_skb(sock_net(sk), skb_iif, addrp, family, peer_sid, & ad)
5047  如果err
5049  返回:err
5051  err等于avc_has_perm - Check permissions and perform any appropriate auditing
5054  如果err
5056  返回:err
5060  如果secmark_active
5061  err等于avc_has_perm - Check permissions and perform any appropriate auditing
5064  如果err则返回:err
5068  返回:err