Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\apparmor\mount.c Create Date:2022-07-28 19:54:44
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:helper fn for transition on pivotroot* Returns: label for transition or ERR_PTR. Does not return NULL

Proto:static struct aa_label *build_pivotroot(struct aa_profile *profile, const struct path *new_path, char *new_buffer, const struct path *old_path, char *old_buffer)

Type:struct aa_label

Parameter:

TypeParameterName
struct aa_profile *profile
const struct path *new_path
char *new_buffer
const struct path *old_path
char *old_buffer
644  const char * old_name, * new_name = NULL, * info = NULL
645  const char * trans_name = NULL
646  struct aa_perms perms = {}
650  AA_BUG(!profile)
651  AA_BUG(!new_path)
652  AA_BUG(!old_path)
654  If profile_unconfined(profile) || Not PROFILE_MEDIATES(profile, AA_CLASS_MOUNT) Then Return aa_get_newest_label - find the newest version of @l*@l: the label to check for newer versions of* Returns: refcounted newest version of @l taking into account* replacement, renames and removals* return @l.
658  error = aa_path_name - get the pathname to a buffer ensure dir / is appended*@path: path the file (NOT NULL)*@flags: flags controlling path name generation*@buffer: buffer to put name in (NOT NULL)*@name: Returns - the generated path name if !error (NOT
661  If error Then Go to audit
663  error = aa_path_name - get the pathname to a buffer ensure dir / is appended*@path: path the file (NOT NULL)*@flags: flags controlling path name generation*@buffer: buffer to put name in (NOT NULL)*@name: Returns - the generated path name if !error (NOT
666  If error Then Go to audit
669  error = -EACCES
670  state = aa_dfa_match - traverse @dfa to find state @str stops at*@dfa: the dfa to match @str against (NOT NULL)*@start: the state of the dfa to start matching in*@str: the null terminated string of bytes to match against the dfa (NOT NULL)* aa_dfa_match will
673  state = aa_dfa_null_transition - step to next state after null character*@dfa: the dfa to match against*@start: the state of the dfa to start matching in* aa_dfa_null_transition transitions to the next state after a null* character which is not used in standard
674  state = aa_dfa_match - traverse @dfa to find state @str stops at*@dfa: the dfa to match @str against (NOT NULL)*@start: the state of the dfa to start matching in*@str: the null terminated string of bytes to match against the dfa (NOT NULL)* aa_dfa_match will
675  perms = mpute_mnt_perms - compute mount permission associated with @state*@dfa: dfa to match against (NOT NULL)*@state: state match finished in* Returns: mount permissions
677  If mount perms & allow Then error = 0
680  audit :
681  error = audit_mount - handle the auditing of mount operations*@profile: the profile being enforced (NOT NULL)*@op: operation being mediated (NOT NULL)*@name: name of object being mediated (MAYBE NULL)*@src_name: src_name of object being mediated
684  If error Then Return ERR_PTR(error)
687  Return aa_get_newest_label - find the newest version of @l*@l: the label to check for newer versions of* Returns: refcounted newest version of @l taking into account* replacement, renames and removals* return @l.
Caller
NameDescribe
aa_pivotroot