函数逻辑报告 |
Source Code:security\smack\smack.h |
Create Date:2022-07-27 20:48:31 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| 首页 | 函数Tree |
| 注解内核,赢得工具 | 下载SCCT | English |
函数名称:some inline functions to set up audit data* they do nothing if CONFIG_AUDIT is not set
函数原型:static inline void smk_ad_init(struct smk_audit_info *a, const char *func, char type)
返回类型:void
参数:
| 类型 | 参数 | 名称 |
|---|---|---|
| struct smk_audit_info * | a | |
| const char * | func | |
| char | type |
| 456 | smack_audit_data等于sad |
| 名称 | 描述 |
|---|---|
| smk_ptrace_rule_check | smk_ptrace_rule_check - helper for ptrace access*@tracer: tracer process*@tracee_known: label entry of the process that's about to be traced*@mode: ptrace attachment mode (PTRACE_MODE_*)*@func: name of the function that called us, used for audit* Returns |
| smack_sb_statfs | smack_sb_statfs - Smack check on statfs*@dentry: identifies the file system in question* Returns 0 if current can read the floor of the filesystem,* and error code otherwise |
| smack_inode_link | smack_inode_link - Smack check on link*@old_dentry: the existing object*@dir: unused*@new_dentry: the new object* Returns 0 if access is permitted, an error code otherwise |
| smack_inode_unlink | smack_inode_unlink - Smack check on inode deletion*@dir: containing directory object*@dentry: file to unlink* Returns 0 if current can write the containing directory* and the object, error code otherwise |
| smack_inode_rmdir | smack_inode_rmdir - Smack check on directory deletion*@dir: containing directory object*@dentry: directory to unlink* Returns 0 if current can write the containing directory* and the directory, error code otherwise |
| smack_inode_rename | smack_inode_rename - Smack check on rename*@old_inode: unused*@old_dentry: the old object*@new_inode: unused*@new_dentry: the new object* Read and write access is required on both the old and* new directories |
| smack_inode_permission | smack_inode_permission - Smack version of permission()*@inode: the inode in question*@mask: the access requested* This is the important Smack hook.* Returns 0 if access is permitted, an error code otherwise |
| smack_inode_setattr | smack_inode_setattr - Smack check for setting attributes*@dentry: the object*@iattr: for the force flag* Returns 0 if access is permitted, an error code otherwise |
| smack_inode_getattr | smack_inode_getattr - Smack check for getting attributes*@path: path to extract the info from* Returns 0 if access is permitted, an error code otherwise |
| smack_inode_setxattr | smack_inode_setxattr - Smack check for setting xattrs*@dentry: the object*@name: name of the attribute*@value: value of the attribute*@size: size of the value*@flags: unused* This protects the Smack attribute explicitly |
| smack_inode_getxattr | smack_inode_getxattr - Smack check on getxattr*@dentry: the object*@name: unused* Returns 0 if access is permitted, an error code otherwise |
| smack_inode_removexattr | smack_inode_removexattr - Smack check on removexattr*@dentry: the object*@name: name of the attribute* Removing the Smack attribute requires CAP_MAC_ADMIN* Returns 0 if access is permitted, an error code otherwise |
| smack_file_ioctl | smack_file_ioctl - Smack check on ioctls*@file: the object*@cmd: what to do*@arg: unused* Relies heavily on the correct use of the ioctl command conventions.* Returns 0 if allowed, error code otherwise |
| smack_file_lock | smack_file_lock - Smack check on file locking*@file: the object*@cmd: unused* Returns 0 if current has lock access, error code otherwise |
| smack_file_fcntl | smack_file_fcntl - Smack check on fcntl*@file: the object*@cmd: what action to check*@arg: unused* Generally these operations are harmless |
| smack_file_send_sigiotask | smack_file_send_sigiotask - Smack on sigio*@tsk: The target task*@fown: the object the signal come from*@signum: unused* Allow a privileged task to get signals even if it shouldn't* Returns 0 if a subject with the object's smack could |
| smack_file_receive | smack_file_receive - Smack file receive check*@file: the object* Returns 0 if current has access, error code otherwise |
| smack_file_open | smack_file_open - Smack dentry open processing*@file: the object* Set the security blob in the file structure.* Allow the open only if the task has read access. There are* many read operations (e.g. fstat) that you can do with an |
| smk_curacc_on_task | smk_curacc_on_task - helper to log task related access*@p: the task object*@access: the access requested*@caller: name of the calling function for audit* Return 0 if access is permitted |
| smack_task_kill | smack_task_kill - Smack check on signal delivery*@p: the task object*@info: unused*@sig: unused*@cred: identifies the cred to use in lieu of current's* Return 0 if write access is permitted |
| smk_curacc_shm | smk_curacc_shm : check if current has access on shm*@isp : the object*@access : access requested* Returns 0 if current has the requested access, error code otherwise |
| smk_curacc_sem | smk_curacc_sem : check if current has access on sem*@isp : the object*@access : access requested* Returns 0 if current has the requested access, error code otherwise |
| smk_curacc_msq | smk_curacc_msq : helper to check if current has access on msq*@isp : the msq*@access : access requested* return 0 if current has access, error otherwise |
| smack_ipc_permission | smack_ipc_permission - Smack access for ipc_permission()*@ipp: the object permissions*@flag: access requested* Returns 0 if current has read and write access, error code otherwise |
| smack_key_permission | smack_key_permission - Smack access on a key*@key_ref: gets to the object*@cred: the credentials to use*@perm: requested key permissions* Return 0 if the task has read and write to the object,* an error code otherwise |
| smk_ad_init_net |
| 源代码转换工具 开放的插件接口 | X |
|---|---|
| 支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |