Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\tomoyo\domain.c Create Date:2022-07-28 19:40:32
Last Modify:2022-05-23 20:14:46 Copyright©Brick

Name:tomoyo_find_next_domain - Find a domain. @bprm: Pointer to "struct linux_binprm". Returns 0 on success, negative value otherwise. Caller holds tomoyo_read_lock().

Proto:int tomoyo_find_next_domain(struct linux_binprm *bprm)

Type:int

Parameter:

Type                     Parameter Name
struct linux_binprm *    bprm
705  old_domain = tomoyo_domain - Get "struct tomoyo_domain_info" for current thread. Returns pointer to "struct tomoyo_domain_info" for current thread.
706  struct tomoyo_domain_info * domain = NULL
707  original_name = Name of binary as seen by procps
708  retval = -ENOMEM
709  bool reject_on_transition_failure = false
712  ee = kzalloc - allocate memory. The memory is set to zero. @size: how many bytes of memory are required. @flags: the type of memory to allocate (see kmalloc).
714  If Not ee Then Return -ENOMEM
716  Size is TOMOYO_EXEC_TMPSIZE bytes = kzalloc - allocate memory. The memory is set to zero. @size: how many bytes of memory are required. @flags: the type of memory to allocate (see kmalloc).
717  If Not Size is TOMOYO_EXEC_TMPSIZE bytes Then
718  kfree(ee)
719  Return -ENOMEM
722  tomoyo_init_request_info( & r, NULL, TOMOYO_MAC_FILE_EXECUTE)
723  For holding parameters specific to execve() request. NULL if not dealing do_execve(). = ee
724  bprm = bprm
725  For holding parameters specific to operations which deal files. NULL if not dealing files. = obj
726  First pathname. Initialized with { NULL, NULL } if no path. = f_path
728  retval = -ENOENT
729  name = tomoyo_realpath_nofollow(original_name)
730  If Not name Then Go to out
732  tomoyo_fill_path_info( & exename)
733  retry :
737  list = List of policy. [TOMOYO_ID_AGGREGATOR]
741  candidate = exename
744  If true or false or TOMOYO_GC_IN_PROGRESS || Not tomoyo_path_matches_pattern - Check whether the given filename matches the given pattern. @filename: The filename to check. @pattern: The pattern to compare. Returns true if matches, false otherwise. The following patterns are available. \\ \ itself. Then Continue
748  candidate = aggregated_name
749  Break
754  retval = tomoyo_execute_permission - Check permission for execute operation. @r: Pointer to "struct tomoyo_request_info". @filename: Filename to check. Returns 0 on success, negative value otherwise. Caller holds tomoyo_read_lock().
755  If retval == Retry this request. Returned by tomoyo_supervisor() if policy violation has occurred in enforcing mode and the userspace daemon decided to retry. We must choose a positive value in order to distinguish "granted" (which is Then Go to retry
757  If retval < 0 Then Go to out
765  If For using wildcards at tomoyo_find_next_domain(). Then candidate = For using wildcards at tomoyo_find_next_domain().
774  If transition Then
775  domainname = name
777  reject_on_transition_failure = true
778  If Not strcmp(domainname, "keep") Then Go to force_keep_domain
780  If Not strcmp(domainname, "child") Then Go to force_child_domain
782  If Not strcmp(domainname, "reset") Then Go to force_reset_domain
784  If Not strcmp(domainname, "initialize") Then Go to force_initialize_domain
786  If Not strcmp(domainname, "parent") Then
792  If cp Then cp = '\0'
794  Else if domainname == '<' Then strncpy( Size is TOMOYO_EXEC_TMPSIZE bytes , domainname, TOMOYO_EXEC_TMPSIZE - 1)
796  Else snprintf - Format a string and place it in a buffer. @buf: The buffer to place the result into. @size: The size of the buffer, including the trailing null space. @fmt: The format string to use. @
799  Go to force_jump_domain
817  Break
823  Break
827  domain = old_domain
828  Break
829  Default
838  domain = old_domain
839  Break
845  Break
847  force_jump_domain :
848  If Not domain Then domain = tomoyo_assign_domain - Create a domain or a namespace. @domainname: The name of domain. @transit: True if transit to domain found or created. Returns pointer to "struct tomoyo_domain_info" on success, NULL otherwise. Caller holds tomoyo_read_lock().
850  If domain Then retval = 0
852  Else if reject_on_transition_failure Then
853  pr_warn("ERROR: Domain '%s' not ready.\n", Size is TOMOYO_EXEC_TMPSIZE bytes )
854  retval = -ENOMEM
855  Else if One of tomoyo_mode_index . == TOMOYO_CONFIG_ENFORCING Then retval = -ENOMEM
857  Else
858  retval = 0
859  If Not flags[TOMOYO_DIF_TRANSITION_FAILED] Then
867  out :
868  If Not domain Then domain = old_domain
872  s = tomoyo_task - Get "struct tomoyo_task" for specified thread. @task - Pointer to "struct task_struct". Returns pointer to "struct tomoyo_task" for specified thread.
874  old_domain_info = domain_info
875  domain_info = domain
876  atomic_inc( & Number of referring tasks. )
878  kfree(name)
879  If Not retval Then
880  domain = domain
881  retval = tomoyo_environ - Check permission for environment variable names. @ee: Pointer to "struct tomoyo_execve". Returns 0 on success, negative value otherwise.
883  kfree( Size is TOMOYO_EXEC_TMPSIZE bytes )
884  kfree(Contents of "page". Size is PAGE_SIZE. )
885  kfree(ee)
886  Return retval
Caller
Name                          Describe
tomoyo_bprm_check_security    tomoyo_bprm_check_security - Target for security_bprm_check(). @bprm: Pointer to "struct linux_binprm". Returns 0 on success, negative value otherwise.