Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\tomoyo\mount.c Create Date:2022-07-28 19:44:23
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Name:tomoyo_mount_acl - Check permission for mount() operation. @r: Pointer to "struct tomoyo_request_info". @dev_name: Name of device file. Maybe NULL. @dir: Pointer to "struct path". @type: Name of filesystem type. @flags: Mount options.

Proto:static int tomoyo_mount_acl(struct tomoyo_request_info *r, const char *dev_name, const struct path *dir, const char *type, unsigned long flags)

Type:int

Parameter:

Type / Parameter name
struct tomoyo_request_info *r
const char *dev_name
const struct path *dir
const char *type
unsigned long flags
82  struct tomoyo_obj_info obj = {}
84  struct file_system_type * fstype = NULL
85  const char * requested_type = NULL
86  const char * requested_dir_name = NULL
87  const char * requested_dev_name = NULL
91  need_dev = 0
92  error = -ENOMEM
94  r->obj (for holding parameters specific to operations which deal with files; NULL if not dealing with files) = & obj
97  requested_type = tomoyo_encode(type)
98  If Not requested_type Then Go to out
100  rtype.name = requested_type
101  tomoyo_fill_path_info( & rtype)
104  obj.path2 (second pathname; initialized with { NULL, NULL } if no path) = * dir
105  requested_dir_name = tomoyo_realpath_from_path(dir) - Returns realpath(3) of the given pathname but ignores chroot'ed root
106  If Not requested_dir_name Then
107  error = -ENOMEM
108  Go to out
110  rdir.name = requested_dir_name
111  tomoyo_fill_path_info( & rdir)
114  If type == String table for special mount operations. [mount -o remount /dir ] Then (empty branch: need_dev stays 0)
     Else if type == String table for special mount operations. [mount --make-unbindable /dir ] || type == String table for special mount operations. [mount --make-private /dir ] || type == String table for special mount operations. [mount --make-slave /dir ] || type == String table for special mount operations. [mount --make-shared /dir ] Then (empty branch: need_dev stays 0)
121  Else if type == String table for special mount operations. [mount --bind /source /dest ] || type == String table for special mount operations. [mount --move /old /new ] Then
123  need_dev = -1 (dev_name is a directory)
124  Else
125  fstype = get_fs_type(type)
126  If Not fstype Then
127  error = -ENODEV
128  Go to out
130  If fstype->fs_flags & FS_REQUIRES_DEV Then need_dev = 1 (dev_name is a block device file)
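134  If need_dev Then
136  If Not dev_name || kern_path(dev_name, LOOKUP_FOLLOW, & path) Then (condition omitted by the report; without it the two lines below read as unconditional)
137  error = -ENOENT
138  Go to out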
140  obj.path1 (first pathname; initialized with { NULL, NULL } if no path) = path
141  requested_dev_name = tomoyo_realpath_from_path( & path) - Returns realpath(3) of the given pathname but ignores chroot'ed root
142  If Not requested_dev_name Then
143  error = -ENOENT
144  Go to out
146  Else
148  If Not dev_name Then dev_name = "<NULL>"
150  requested_dev_name = tomoyo_encode(dev_name)
151  If Not requested_dev_name Then
152  error = -ENOMEM
153  Go to out
156  rdev.name = requested_dev_name
157  tomoyo_fill_path_info( & rdev)
158  r->param_type = TOMOYO_TYPE_MOUNT_ACL
159  r->param.mount.need_dev = need_dev
160  r->param.mount.dev = & rdev
161  r->param.mount.dir = & rdir
162  r->param.mount.type = & rtype
163  r->param.mount.flags = flags
164  Do
165  tomoyo_check_acl - Do permission check. @r: Pointer to "struct tomoyo_request_info". @check_entry: Callback function to check type specific parameters. Returns 0 on success, negative value otherwise. Caller holds tomoyo_read_lock().
166  error = tomoyo_audit_mount_log - Audit mount log. @r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
167  When error == TOMOYO_RETRY_REQUEST cycle (Retry this request. Returned by tomoyo_supervisor() if policy violation has occurred in enforcing mode and the userspace daemon decided to retry. We must choose a positive value in order to distinguish "granted" (which is 0) and "rejected" (which is a negative value) and "retry".)
168  out :
169  kfree(requested_dev_name)
170  kfree(requested_dir_name)
171  If fstype Then put_filesystem(fstype)
173  kfree(requested_type)
175  If obj.path1.dentry Then path_put( & obj.path1 ) (first pathname; { NULL, NULL } if no path was stored)
177  Return error
Caller
Name / Description
tomoyo_mount_permission: tomoyo_mount_permission - Check permission for mount() operation. @dev_name: Name of device file. Maybe NULL. @path: Pointer to "struct path". @type: Name of filesystem type. Maybe NULL. @flags: Mount options. @data_page: Optional data. Maybe NULL.