Function Logic Report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\smack\smack_lsm.c Create Date:2022-07-27 20:53:34
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Function name: smack_inet_conn_request - Smack access check on connect. @sk: socket involved; @skb: packet; @req: unused. Returns 0 if a task with the packet label could write to the socket, otherwise an error code.

Function prototype: static int smack_inet_conn_request(struct sock *sk, struct sk_buff *skb, struct request_sock *req)

Return type: int

Parameters:

Type                    Parameter name
struct sock *           sk
struct sk_buff *        skb
struct request_sock *   req
4084  family is set to sk_family
4086  ssp is set to sk_security
4098  If family is equal to PF_INET6
4104  If protocol is equal to htons(Internet Protocol packet), then family is set to PF_INET
4106  Otherwise return: 0
4117  If skb secmark is not equal to 0, then
4118  skp is set to smack_from_secid(secmark)
4119  Go to: access_check
4123  netlbl_secattr_init - Initialize a netlbl_lsm_secattr struct. @secattr: the struct to initialize. Description: Initialize an already allocated netlbl_lsm_secattr struct.
4124  rc is set to netlbl_skbuff_getattr(skb, family, &secattr)
4125  If rc is equal to 0, then skp is set to smack_from_secattr - Convert a netlabel attr.mls.lvl/attr.mls.cat pair to smack. @sap: netlabel secattr; @ssp: socket security information. Returns a pointer to a Smack label entry found on the label list.
4127  Otherwise skp is set to smack_known_huh
4129  netlbl_secattr_destroy - Clears a netlbl_lsm_secattr struct. @secattr: the struct to clear. Description: Destroys the @secattr struct, including freeing all of the internal buffers. The struct must be reset with a call to netlbl_secattr_init() before reuse.
4132  access_check:
4136  smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net)
4137  family is set to family
4138  netif is set to skb_iif
4139  ipv4_skb_to_auditdata: fill auditdata from skb. @skb: the skb; @ad: the audit data to fill; @proto: the layer 4 protocol. Return 0 on success.
4145  rc is set to smk_access(skp, inbound label, MAY_WRITE, &ad)
4146  rc is set to smk_bu_note("IPv4 connect", skp, inbound label, MAY_WRITE, rc)
4147  If rc is not equal to 0, then return: rc
4154  peer_secid is set to smk_secid
4161  hdr is set to ip_hdr(skb)
4162  s_addr is set to saddr
4163  rcu_read_lock() - mark the beginning of an RCU read-side critical section. When synchronize_rcu() is invoked on one CPU while other CPUs are within RCU read-side critical sections, then the synchronize_rcu() is guaranteed to block until after all the other
4164  hskp is set to smack_ipv4host_label - check host based restrictions. @sip: the object end. Looks for host based access restrictions. This version will only be appropriate for really small sets of single label hosts
4165  rcu_read_unlock() - marks the end of an RCU read-side critical section. In most situations, rcu_read_unlock() is immune from deadlock. However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
4167  If (hskp == NULL), then rc is set to netlbl_req_setattr(req, &wire labels)
4169  Otherwise netlbl_req_delattr(req)
4172  Return: rc