Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\smack\smackfs.c Create Date:2022-07-28 19:27:15
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:smk_set_cipso - do the work for write() for cipso and cipso2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start*@format: /smack/cipso or /smack/cipso2

Proto:static ssize_t smk_set_cipso(struct file *file, const char __user *buf, size_t count, loff_t *ppos, int format)

Type:ssize_t

Parameter:

TypeParameterName
struct file *file
const char __user *buf
size_tcount
loff_t *ppos
intformat
840  rc = -EINVAL
841  char * data = NULL
851  If Not smack_privileged - are all privilege requirements met*@cap: The requested capability* Is the task privileged and allowed to be privileged* by the onlycap rule.* Returns true if the task is allowed to be privileged, false if it's not. Then Return -EPERM
853  If ppos != 0 Then Return -EINVAL
855  If format == Fixed 24byte label format && ( count < SMK_CIPSOMIN || count > SMK_CIPSOMAX ) Then Return -EINVAL
859  data = memdup_user_nul - duplicate memory region from user space and NUL-terminate*@src: source address in user space*@len: number of bytes to copy* Return: an ERR_PTR() on failure.
860  If IS_ERR(data) Then Return PTR_ERR(data)
863  rule = data
868  mutex_lock( & List locks)
870  skp = smk_import_entry - import a label, return the list entry*@string: a text string that might be a Smack label*@len: the maximum size, or zero if it is NULL terminated
871  If IS_ERR(skp) Then
872  rc = PTR_ERR(skp)
873  Go to out
876  If format == Fixed 24byte label format Then rule += Smack labels were limited to 23 characters for a long time.
878  Else rule += strlen - Find the length of a string*@s: The string to be sized + 1
881  ret = sscanf - Unformat a buffer into a list of arguments*@buf: input buffer*@fmt: formatting of buffer*@...: resulting arguments
882  If ret != 1 || maplevel > CIPSO 2.2 standard Then Go to out
885  rule += Values for parsing cipso rules* SMK_DIGITLEN: Length of a digit field in a rule.* SMK_CIPSOMIN: Minimum possible cipso rule length.* SMK_CIPSOMAX: Maximum possible cipso rule length.
886  ret = sscanf - Unformat a buffer into a list of arguments*@buf: input buffer*@fmt: formatting of buffer*@...: resulting arguments
887  If ret != 1 || catlen > 23 * 8 Then Go to out
890  If format == Fixed 24byte label format && count != SMK_CIPSOMIN + catlen * Values for parsing cipso rules* SMK_DIGITLEN: Length of a digit field in a rule.* SMK_CIPSOMIN: Minimum possible cipso rule length.* SMK_CIPSOMAX: Maximum possible cipso rule length. Then Go to out
894  memset(mapcatset, 0, size of mapcatset )
896  When i < catlen cycle
897  rule += Values for parsing cipso rules* SMK_DIGITLEN: Length of a digit field in a rule.* SMK_CIPSOMIN: Minimum possible cipso rule length.* SMK_CIPSOMAX: Maximum possible cipso rule length.
898  ret = sscanf - Unformat a buffer into a list of arguments*@buf: input buffer*@fmt: formatting of buffer*@...: resulting arguments
899  If ret != 1 || cat > 23 * 8 Then Go to out
902  Stricly for CIPSO level manipulation.* Set the category bit number in a smack label sized buffer.
905  rc = smk_netlbl_mls - convert a catset to netlabel mls categories*@catset: the Smack categories*@sap: where to put the netlabel categories* Allocates and fills attr.mls* Returns 0 on success, error code on failure.
906  If rc >= 0 Then
907  lbl_catmap_free - Free a LSM secattr catmap*@catmap: the category bitmap* Description:* Free a LSM secattr catmap.
908  cat = cat
909  lvl = lvl
910  rc = count
913  out :
914  mutex_unlock - release the mutex*@lock: the mutex to be released* Unlock a mutex that has been locked by this task previously.* This function must not be used in interrupt context. Unlocking* of a not locked mutex is not allowed.
915  kfree(data)
916  Return rc
Caller
NameDescribe
smk_write_cipsosmk_write_cipso - write() for /smack/cipso*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one cipso rule per write call
smk_write_cipso2smk_write_cipso2 - write() for /smack/cipso2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one cipso rule per write call