Function Report

Linux Kernel (v4.4)

Source File:include\linux\capability.h Create Date:2016-01-14 09:02:49
Last Modify:2016-01-11 07:01:32 Copyright©Brick
home page Tree
Annotate the kernelChinese

Function Name:capable

Function:static inline bool capable(int cap)

Return Type:static inline bool

Parameter:

Type Parameter NameRemarks
int cap

Function description:Check operation authority

238  Returning true
Caller
Function NameFunction description
sys_iopermthis changes the io permissions bitmap in the current task.
SYSC_iopl
store_cache_disable
subcaches_store
p4_validate_raw_event
intel_pmu_hw_config
mce_chrdev_ioctl
mce_writeError injection interface
mtrr_writeseq_file can seek but we ignore it.
mtrr_ioctl
msr_open
do_open
do_vm86_irq_handling
copy_processCreate a new process
proc_taintTaint values can only be increased This means we can safely use a temporary.
proc_dointvec_minmax_sysadmin
ptrace_setoptions
do_prlimitmake sure you are allowed to change@tsk limits before calling this
prctl_set_mm
proc_cap_handler
can_nice check if a task can reduce its nice value
__sched_setscheduler
proc_sched_autogroup_set_nice
snapshot_ioctl
pm_wake_lock
pm_wake_unlock
check_syslog_permissions
ntp_validate_timex Ensures the timex is ok for use in do_adjtimex
alarm_timer_create posix timer_create interface
alarm_timer_nsleep alarmtimer nanosleep
may_init_module
SYSC_acct
SYSC_kexec_load
SYSC_kexec_file_load
audit_bindRun custom bind function on netlink socket group connect or bind requests.
audit_set_loginuid_perm
perf_trace_event_perm
bpf_prog_load
SYSC_bpf
bpf_check
find_get_contextReturns a matching context with refcount and pincount.
perf_mmap
perf_copy_attr
SYSC_perf_event_open
validate_hw_breakpoint
can_do_mlock
do_mlock
SYSC_mlockall
user_shm_lock
mlock_future_check
acct_stack_growthVerify that the stack growth is acceptable and update accounting. This is shared with both the grow-up and grow-down cases.
vma_to_resize
madvise_hwpoisonError injection support for memory error handling.
SYSC_swapoff
SYSC_swapon
do_mbind
SYSC_migrate_pages
SYSC_move_pages
hwpoison_inject
hwpoison_unpoison
msgctl_downThis function handles some msgctl commands which require the rwsem to be held in write mode. NOTE: no locks must be held, the rwsem is taken inside this function.
mqueue_create
mq_attr_ok
blkpg_ioctl
__blkdev_reread_partThis is an exported API for the block driver, and will not acquire bd_mutex. This API should be used in case that caller has held bd_mutex already.
blkdev_pr_register
blkdev_pr_reserve
blkdev_pr_release
blkdev_pr_preempt
blkdev_pr_clear
blkdev_flushbuf
blkdev_roset
blkdev_bszsetset the logical block size
blkdev_ioctlalways keep this in sync with compat_blkdev_ioctl()
blk_verify_command
scsi_verify_blk_ioctl
set_task_ioprio
SYSC_ioprio_set
blk_fill_sgv4_hdr_rq
compat_blkdev_ioctlMost of the generic ioctls are handled in the normal fallback path. This assumes the blkdev's low level compat_ioctl always returns ENOIOCTLCMD for unknown ioctls.
selinux_inode_setotherxattr
selinux_inode_setxattr
selinux_setprocattr
smk_ptrace_rule_check helper for ptrace access
smack_privilegedIs the task privileged and allowed to be privileged by the onlycap rule.
aa_may_manage_policy can the current task manage policy
param_set_aalockpolicyset global flag turning off the ability to load policy
param_get_aalockpolicy
param_set_aaboolAppArmor sysfs module parameters
param_get_aabool
param_set_aauint
param_get_aauint
param_get_audit
param_set_audit
param_get_mode
param_set_mode
yama_dointvec_minmax
ima_protect_xattr protect'security.ima'
evm_protect_xattr protect the EVM extended attribute
evm_write_key write() for/evm
sys_vhangup
ep_take_care_of_epollwakeup
get_empty_filpFind an unused file structure and return a pointer to it. Returns an error pointer if some error happend e.g. we over file structures limit, run out of memory or operation is not permitted.
pipe_fcntl
vfs_mknod
SYSC_linkat
SYSC_renameat2
ioctl_fibmap
ioctl_fsfreeze
ioctl_fsthaw
should_remove_suidThe logic we want is
do_umount
SYSC_umount
do_remountchange filesystem flags. dir should be a physical root of filesystem. If you've mounted a non-root directory somewhere and want to do remount on it- tough luck.
xattr_permissionCheck permissions for extended attribute access. This is a bit complicated because different namespaces have very different rules.
simple_xattr_listxattr LIST operation for in-memory/pseudo filesystems
SYSC_bdflush
SYSC_fanotify_init
generic_setlease sets a lease on an open file
handle_to_path
ignore_hardlimit
check_quotactl_permission
oom_adj_write/proc/pid/oom_adj exists solely for backwards compatibility with previous kernels
oom_score_adj_write
proc_fault_inject_write
proc_map_files_follow_linkOnly allow CAP_SYS_ADMIN to follow the links, due to concerns about how the symlinks may be used to bypass permissions on ancestor directories in the path to the file in question.
open_kcore
configfs_setattr
SYSC_lookup_dcookie