Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\tomoyo\condition.c Create Date:2022-07-28 19:38:34
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:moyo_get_condition - Parse condition part.*@param: Pointer to "struct tomoyo_acl_param".* Returns pointer to "struct tomoyo_condition" on success, NULL otherwise.

Proto:struct tomoyo_condition *tomoyo_get_condition(struct tomoyo_acl_param *param)

Type:struct tomoyo_condition

Parameter:

TypeParameterName
struct tomoyo_acl_param *param
497  struct tomoyo_condition * entry = NULL
498  struct tomoyo_condition_element * condp = NULL
499  struct tomoyo_number_union * numbers_p = NULL
500  struct tomoyo_name_union * names_p = NULL
501  struct tomoyo_argv * argv = NULL
502  struct tomoyo_envp * envp = NULL
503  struct tomoyo_condition e = {}
504  start_of_string = moyo_get_transit_preference - Parse domain transition preference for execve().*@param: Pointer to "struct tomoyo_acl_param".*@e: Pointer to "struct tomoyo_condition".* Returns the condition string part.
506  end_of_string = start_of_string + strlen - Find the length of a string*@s: The string to be sized
509  rerun :
510  pos = start_of_string
511  When 1 cycle
512  left = -1
513  right = -1
514  left_word = pos
519  If Not left_word Then Break
531  cp = strchr - Find the first occurrence of the character c in the string s.*@s: the string to be searched*@c: the character to search for
532  If cp Then
533  cp = '\0'
534  pos = cp + 1
535  Else
536  pos = ""
538  right_word = strchr - Find the first occurrence of the character c in the string s.*@s: the string to be searched*@c: the character to search for
539  If Not right_word || right_word == left_word Then Go to out
541  is_not = *(right_word - 1) == '!'
542  If is_not Then * (right_word++ - 1) = '\0'
544  Else if *(right_word + 1) != '=' Then right_word++ = '\0'
546  Else Go to out
548  Define this to enable debug mode. (warning conditions "%u: <%s>%s=<%s>\n", __LINE__, left_word, is_not ? "!" : "", right_word)
550  If Not strcmp(left_word, "grant_log") Then
551  If entry Then
562  Continue
564  If Not strncmp(left_word, "exec.argv[", 10) Then
565  If Not argv Then
568  Else
577  Go to store_value
579  If Not strncmp(left_word, "exec.envp[\"", 11) Then
580  If Not envp Then
583  Else
592  Go to store_value
594  left = moyo_condition_type - Get condition type.*@word: Keyword string.* Returns one of values in "enum tomoyo_conditions_index" on success,* TOMOYO_MAX_CONDITION_KEYWORD otherwise.
595  Define this to enable debug mode. (warning conditions "%u: <%s> left=%u\n", __LINE__, left_word, left)
597  If left == TOMOYO_MAX_CONDITION_KEYWORD Then
598  If Not numbers_p Then
600  Else
610  If Not condp Then Number of conditions in this struct. ++
612  Else Number of conditions in this struct. --
614  If left == TOMOYO_EXEC_REALPATH || left == TOMOYO_SYMLINK_TARGET Then
616  If Not names_p Then
618  Else
626  Go to store_value
628  right = moyo_condition_type - Get condition type.*@word: Keyword string.* Returns one of values in "enum tomoyo_conditions_index" on success,* TOMOYO_MAX_CONDITION_KEYWORD otherwise.
629  If right == TOMOYO_MAX_CONDITION_KEYWORD Then
630  If Not numbers_p Then
632  Else
641  store_value :
642  If Not condp Then
643  Define this to enable debug mode. (warning conditions "%u: dry_run left=%u right=%u match=%u\n", __LINE__, left, right, !is_not)
645  Continue
647  Left hand operand. A "struct tomoyo_argv" for TOMOYO_ARGV_ENTRY, a* "struct tomoyo_envp" for TOMOYO_ENVP_ENTRY is attached to the tail* of the array of this struct. = left
648  Right hand operand. A "struct tomoyo_number_union" for* TOMOYO_NUMBER_UNION, a "struct tomoyo_name_union" for* TOMOYO_NAME_UNION is attached to the tail of the array of this* struct. = right
649  Equation operator. True if equals or overlaps, false otherwise. = Not is_not
650  Define this to enable debug mode. (warning conditions "%u: left=%u right=%u match=%u\n", __LINE__, Left hand operand. A "struct tomoyo_argv" for TOMOYO_ARGV_ENTRY, a* "struct tomoyo_envp" for TOMOYO_ENVP_ENTRY is attached to the tail* of the array of this struct., Right hand operand. A "struct tomoyo_number_union" for* TOMOYO_NUMBER_UNION, a "struct tomoyo_name_union" for* TOMOYO_NAME_UNION is attached to the tail of the array of this* struct., Equation operator. True if equals or overlaps, false otherwise. )
653  condp++
655  Define this to enable debug mode. (formational "%u: cond=%u numbers=%u names=%u ac=%u ec=%u\n", __LINE__, Number of conditions in this struct. , Number of "struct tomoyo_number_union values". , Number of "struct tomoyo_name_union names". , Number of "struct tomoyo_argv". , Number of "struct tomoyo_envp". )
658  If entry Then
659  BUG_ON(Number of "struct tomoyo_name_union names". | Number of "struct tomoyo_number_union values". | Number of "struct tomoyo_argv". | Number of "struct tomoyo_envp". | Number of conditions in this struct. )
661  Return moyo_commit_condition - Commit "struct tomoyo_condition".*@entry: Pointer to "struct tomoyo_condition".* Returns pointer to "struct tomoyo_condition" on success, NULL otherwise.* This function merges duplicated entries. This function returns NULL if
663  Memory size allocated for this entry. = size of entry + Number of conditions in this struct. * sizeof(structtomoyo_condition_element) + Number of "struct tomoyo_number_union values". * sizeof(structtomoyo_number_union) + Number of "struct tomoyo_name_union names". * sizeof(structtomoyo_name_union) + Number of "struct tomoyo_argv". * size of moyo_argv - Check argv[] in "struct linux_binbrm".*@index: Index number of @arg_ptr.*@arg_ptr: Contents of argv[@index].*@argc: Length of @argv.*@argv: Pointer to "struct tomoyo_argv".*@checked: Set to true if @argv[@index] was found. + Number of "struct tomoyo_envp". * size of moyo_envp - Check envp[] in "struct linux_binbrm".*@env_name: The name of environment variable.*@env_value: The value of environment variable.*@envc: Length of @envp.*@envp: Pointer to "struct tomoyo_envp".
669  entry = kzalloc - allocate memory. The memory is set to zero.*@size: how many bytes of memory are required.*@flags: the type of memory to allocate (see kmalloc).
670  If Not entry Then Go to out2
672  entry = e
673  Maybe NULL. = NULL
674  condp = entry + 1
675  numbers_p = condp + Number of conditions in this struct.
676  names_p = numbers_p + Number of "struct tomoyo_number_union values".
677  argv * moyo_argv - Check argv[] in "struct linux_binbrm".*@index: Index number of @arg_ptr.*@arg_ptr: Contents of argv[@index].*@argc: Length of @argv.*@argv: Pointer to "struct tomoyo_argv".*@checked: Set to true if @argv[@index] was found. = names_p + Number of "struct tomoyo_name_union names".
678  envp * moyo_envp - Check envp[] in "struct linux_binbrm".*@env_name: The name of environment variable.*@env_value: The value of environment variable.*@envc: Length of @envp.*@envp: Pointer to "struct tomoyo_envp". = argv + Number of "struct tomoyo_argv".
680  bool flag = false
682  When pos < end_of_string cycle
683  If pos Then Continue
685  If flag Then pos = ' '
687  Else if *(pos + 1) == '=' Then pos = '!'
689  Else pos = '='
691  flag = Not flag
694  Go to rerun
695  out :
696  Define this to enable debug mode. (warning conditions "%u: %s failed\n", __LINE__, __func__)
697  If entry Then
698  moyo_del_condition - Delete members in "struct tomoyo_condition".*@element: Pointer to "struct list_head".* Returns nothing.
699  kfree(entry)
701  out2 :
702  moyo_put_name - Drop reference on "struct tomoyo_name".*@name: Pointer to "struct tomoyo_path_info". Maybe NULL.* Returns nothing.
703  Return NULL
Caller
NameDescribe
tomoyo_update_domainmoyo_update_domain - Update an entry for domain policy.*@new_entry: Pointer to "struct tomoyo_acl_info".*@size: Size of @new_entry in bytes.*@param: Pointer to "struct tomoyo_acl_param".*@check_duplicate: Callback function to find duplicated entry.