tomoyo_supervisor

函数名称：moyo_supervisor - Ask for the supervisor's decision

函数原型：int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...)

返回类型：int

参数：

类型	参数	名称
struct tomoyo_request_info *	r
const char *	fmt

2065

struct tomoyo_query entry = {}

2066

bool quota_exceeded = false

2068

va_start(args, fmt)

2069

len等于vsnprintf - Format a string and place it in a buffer*@buf: The buffer to place the result into*@size: The size of the buffer, including the trailing null space*@fmt: The format string to use*@args: Arguments for the format string* This function generally 加1

2070

2072

va_start(args, fmt)

2073

moyo_write_log2 - Write an audit log.*@r: Pointer to "struct tomoyo_request_info".*@len: Buffer size needed for @fmt and @args.*@fmt: The printf()'s format string.*@args: va_list structure for @fmt.* Returns nothing.

2074

2076

如果granted则返回:0

2078

如果One of tomoyo_mode_index . 则moyo_update_stat - Update statistic counters.*@index: Index for policy type.* Returns nothing.

2081

当:One of tomoyo_mode_index . 恒等于TOMOYO_CONFIG_ENFORCING

2082

error等于负EPERM

2083

如果atomic_read( & Number of "struct file" referring /sys/kernel/security/tomoyo/query* interface.)则退出

2085

转到:out

2086

当:One of tomoyo_mode_index . 恒等于TOMOYO_CONFIG_LEARNING

2087

error等于0

2089

如果moyo_domain_quota_is_ok - Check for domain's quota.*@r: Pointer to "struct tomoyo_request_info".* Returns true if the domain is not exceeded quota, false otherwise.* Caller holds tomoyo_read_lock().则退出

2092

默认

2093

返回:0

2096

va_start(args, fmt)

2097

query等于moyo_init_log - Allocate buffer for audit logs

2098

2099

如果非query则转到:out

2101

query_len等于strlen - Find the length of a string*@s: The string to be sized加1

2102

如果非error则

2103

moyo_add_entry - Add an ACL to current thread's domain. Used by learning mode.*@domain: Pointer to "struct tomoyo_domain_info".*@header: Lines containing ACL.* Returns nothing.

2104

转到:out

2106

len等于moyo_round2 - Round up to power of 2 for calculating memory usage.*@size: Size to be rounded up.* Returns @size.* Since SLOB does not round up, this function simply returns @size.

2107

domain等于domain

2108

2109

如果tomoyo_memory_quota[TOMOYO_MEMORY_QUERY]且tomoyo_memory_used[TOMOYO_MEMORY_QUERY]加len大于等于tomoyo_memory_quota[TOMOYO_MEMORY_QUERY]则

2112

quota_exceeded = true

2113

否则

2114

serial等于tomoyo_serial自加

2115

retry等于retry

2116

tomoyo_memory_used[TOMOYO_MEMORY_QUERY]加等于len

2117

添加链表项

2119

自旋锁解锁

2120

如果quota_exceeded则转到:out

2123

当timer小于10循环

2124

wake_up_all( & Wait queue for kernel -> userspace notification. )

2125

如果(wait_event_interruptible_timeout - sleep until a condition gets true or a timeout elapses*@wq_head: the waitqueue to wait on*@condition: a C expression for the event to wait for*@timeout: timeout, in jiffies* The process is put to sleep (Wait queue for userspace -> kernel notification. , answer || !atomic_read( & Number of "struct file" referring /sys/kernel/security/tomoyo/query* interface.), HZ))则退出

2129

timer自加

2131

2132

删除链表项

2133

tomoyo_memory_used[TOMOYO_MEMORY_QUERY]减等于len

2134

自旋锁解锁

2136

当:answer恒等于3

2137

error等于Retry this request. Returned by tomoyo_supervisor() if policy violation has* occurred in enforcing mode and the userspace daemon decided to retry.* We must choose a positive value in order to distinguish "granted" (which is

2138

retry自加

2139

2140

当:answer恒等于1

2142

error等于0

2143

2144

默认

2146

2148

out :

2149

2150

返回:error

**调用者**
名称	描述
tomoyo_audit_env_log	moyo_audit_env_log - Audit environment variable name log.@r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_path_log	moyo_audit_path_log - Audit path request log.@r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_path2_log	moyo_audit_path2_log - Audit path/path request log.@r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_mkdev_log	moyo_audit_mkdev_log - Audit path/number/number/number request log.@r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_path_number_log	moyo_audit_path_number_log - Audit path/number request log.@r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_mount_log	moyo_audit_mount_log - Audit mount log.@r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_net_log	moyo_audit_net_log - Audit network log.@r: Pointer to "struct tomoyo_request_info".@family: Name of socket family ("inet" or "unix").@protocol: Name of protocol in @family.@operation: Name of socket operation.*@address: Name of address.

源代码转换工具开放的插件接口	X
支持：c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现：逻辑报告代码生成和批量转换代码