函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\smack\smack_access.c Create Date:2022-07-27 20:55:09
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:smk_import_entry - import a label, return the list entry*@string: a text string that might be a Smack label*@len: the maximum size, or zero if it is NULL terminated

函数原型:struct smack_known *smk_import_entry(const char *string, int len)

返回类型:struct smack_known

参数:

类型参数名称
const char *string
intlen
529  smack等于smk_parse_smack - parse smack label from a text string*@string: a text string that might contain a Smack label*@len: the maximum size, or zero if it is NULL terminated.* Returns a pointer to the clean label or an error code.
530  如果是错误则返回:错误指示
533  mutex_lock( & smack_known_lock)
535  skp等于smk_find_entry - find a label on the list, return the list entry*@string: a text string that might be a Smack label* Returns a pointer to the entry in the label list that* matches the passed string or NULL if not found.
536  如果(skp != NULL)则转到:freeout
539  skp等于分配内存并置零
540  如果(skp == NULL)则
541  skp等于错误号
542  转到:freeout
545  smk_known等于smack
546  smk_secid等于The initial value needs to be bigger than any of the* known values above.自加
547  domain等于smk_known
548  flags等于NETLBL_SECATTR_DOMAIN按位或NETLBL_SECATTR_MLS_LVL
554  slen等于strlen - Find the length of a string*@s: The string to be sized
555  如果slen小于Maximum number of bytes for the levels in a CIPSO IP option.* Why 23? CIPSO is constrained to 30, so a 32 byte buffer is* bigger than can be used, and 24 is the next lower multiple* of 8, and there are too many issues if there isn't space setrc等于smk_netlbl_mls - convert a catset to netlabel mls categories*@catset: the Smack categories*@sap: where to put the netlabel categories* Allocates and fills attr.mls* Returns 0 on success, error code on failure.
558  否则rc等于smk_netlbl_mls - convert a catset to netlabel mls categories*@catset: the Smack categories*@sap: where to put the netlabel categories* Allocates and fills attr.mls* Returns 0 on success, error code on failure.
562  如果rc大于等于0则
563  初始化链表头
564  mutex_init - initialize the mutex*@mutex: the mutex to be initialized* Initialize the mutex to unlocked state.* It is not allowed to initialize an already locked mutex.( & lock for rules )
569  smk_insert_entry - insert a smack label into a hash map,* this function must be called under smack_known_lock
570  转到:unlockout
575  释放内存
576  skp等于错误号
577  freeout :
578  释放内存
579  unlockout :
580  mutex_unlock - release the mutex*@lock: the mutex to be released* Unlock a mutex that has been locked by this task previously.* This function must not be used in interrupt context. Unlocking* of a not locked mutex is not allowed.
582  返回:skp
调用者
名称描述
smack_set_mnt_optssmack_set_mnt_opts - set Smack specific mount options*@sb: the file system superblock*@mnt_opts: Smack mount options*@kern_flags: mount option from kernel space or user space*@set_kern_flags: where to store converted mount opts* Returns 0 on success, an
smack_inode_setxattrsmack_inode_setxattr - Smack check for setting xattrs*@dentry: the object*@name: name of the attribute*@value: value of the attribute*@size: size of the value*@flags: unused* This protects the Smack attribute explicitly
smack_inode_post_setxattrsmack_inode_post_setxattr - Apply the Smack update approved above*@dentry: object*@name: attribute name*@value: attribute value*@size: attribute size*@flags: unused* Set the pointer in the inode blob to the entry found* in the master label list.
smack_inode_setsecuritysmack_inode_setsecurity - set smack xattrs*@inode: the object*@name: attribute name*@value: attribute value*@size: size of the attribute*@flags: unused* Sets the named attribute in the appropriate blob* Returns 0 on success, or an error code
smack_setprocattrsmack_setprocattr - Smack process attribute setting*@name: the name of the attribute in /proc/
smack_audit_rule_initsmack_audit_rule_init - Initialize a smack audit rule*@field: audit rule fields given from user-space (audit.h)*@op: required testing operator (=, !=, >, <, ...)*@rulestr: smack label to be audited*@vrule: pointer to save our own audit rule representation
smk_fill_rulesmk_fill_rule - Fill Smack rule from strings*@subject: subject label string*@object: object label string*@access1: access string*@access2: string with permissions to be removed*@rule: Smack rule*@import: if non-zero, import labels*@len: label length limit
smk_set_cipsosmk_set_cipso - do the work for write() for cipso and cipso2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start*@format: /smack/cipso or /smack/cipso2
smk_write_net4addrsmk_write_net4addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net4addr per write call
smk_write_net6addrsmk_write_net6addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net6addr per write call
smk_write_ambientsmk_write_ambient - write() for /smack/ambient*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_parse_label_listsmk_parse_label_list - parse list of Smack labels, separated by spaces*@data: the string to parse*@private: destination list* Returns zero on success or error code, as appropriate
smk_write_syslogsmk_write_syslog - write() for smackfs/syslog*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate