函数逻辑报告 |
Source Code:include\linux\capability.h |
Create Date:2022-07-27 06:41:17 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| 首页 | 函数Tree |
| 注解内核,赢得工具 | 下载SCCT | English |
函数名称:ns_capable
函数原型:static inline bool ns_capable(struct user_namespace *ns, int cap)
返回类型:bool
参数:
| 类型 | 参数 | 名称 |
|---|---|---|
| struct user_namespace * | ns | |
| int | cap |
| 239 | 返回:true |
| 名称 | 描述 |
|---|---|
| capable_wrt_inode_uidgid | apable_wrt_inode_uidgid - Check nsown_capable and uid and gid mapped*@inode: The inode in question*@cap: The capability in question* Return true if the current task has the given capability targeted at* its own user namespace and that the given inode's |
| kill_ok_by_cred | alled with RCU read lock from check_kill_permission() |
| set_one_prio_perm | Returns true if current's euid is same as p's uid or euid,* or has CAP_SYS_NICE to p's user_ns.* Called with rcu_read_lock, creds are safe |
| SYSCALL_DEFINE2 | |
| SYSCALL_DEFINE2 | Only setdomainname; getdomainname can be implemented by calling* uname() |
| check_prlimit_permission | lock must be held |
| alloc_pid | 分配进程句柄 |
| copy_namespaces | 复制名称空间 |
| unshare_nsproxy_namespaces | Called from unshare. Unshare all the namespaces part of nsproxy.* On success, returns the new nsproxy. |
| SYSCALL_DEFINE4 | Reboot system call: for obvious reasons only root may call it,* and even root needs to set up some magic numbers in the registers* so that some mistake won't make this reboot the whole machine.* You can also set the meaning of the ctrl-alt-del-key here. |
| set_permissions | |
| may_setgroups | |
| sched_setaffinity | |
| copy_cgroup_ns | |
| cgroupns_install | |
| cgroup1_get_tree | |
| utsns_install | |
| new_idmap_permitted | |
| userns_install | |
| pidns_install | |
| ipcperms | pcperms - check ipc permissions*@ns: ipc namespace*@ipcp: ipc permission set*@flag: desired permission set* Check user, group, other permissions for access* to ipc resources. return 0 if allowed*@flag will most probably be 0 or ``S_ |
| ipcctl_obtain_check | pcctl_obtain_check - retrieve an ipc object and check permissions*@ns: ipc namespace*@ids: the table of ids where to look for the ipc*@id: the id of the ipc to retrieve*@cmd: the cmd to check*@perm: the permission to set*@extra_perm: one extra permission |
| shmctl_do_lock | |
| ipcns_install | |
| keyctl_get_persistent | Get the persistent keyring for a specific UID and link it to the nominated* keyring. |
| cap_ptrace_access_check | ap_ptrace_access_check - Determine whether the current process may access* another*@child: The process to be accessed*@mode: The mode of attachment.* If we are in the same or an ancestor user_ns and have all the target |
| cap_convert_nscap | User requested a write of security.capability. If needed, update the* xattr to change from v2 to v3, or to fixup the v3 rootid.* If all is ok, we return the new size, on error return < 0. |
| cap_bprm_set_creds | ap_bprm_set_creds - Set up the proposed credentials for execve().*@bprm: The execution parameters, including the proposed creds* Set up the proposed credentials for a new execution context being* constructed by execve() |
| cap_inode_setxattr | ap_inode_setxattr - Determine whether an xattr may be altered*@dentry: The inode/dentry being altered*@name: The name of the xattr to be changed*@value: The value that the xattr will be changed to*@size: The size of value*@flags: The replacement flag* |
| cap_inode_removexattr | ap_inode_removexattr - Determine whether an xattr may be removed*@dentry: The inode/dentry being altered*@name: The name of the xattr to be changed* Determine whether an xattr may be removed from an inode, returning 0 if |
| cap_safe_nice | Rationale: code calling task_setscheduler, task_setioprio, and* task_setnice, assumes that* |
| cap_prctl_drop | Implement PR_CAPBSET_DROP. Attempt to remove the specified capability from* the current task's bounding set. Returns 0 on success, -ve on error. |
| policy_admin_capable | |
| yama_ptrace_access_check | yama_ptrace_access_check - validate PTRACE_ATTACH calls*@child: task that current task is attempting to ptrace*@mode: ptrace attach mode* Returns 0 if following the ptrace is allowed, -ve on error. |
| ksys_chroot | |
| mount_capable | |
| ioctl_fsfreeze | |
| ioctl_fsthaw | |
| inode_owner_or_capable | de_owner_or_capable - check current task permissions to inode*@inode: inode being checked* Return true if current either has CAP_FOWNER in a namespace with the* inode owner uid mapped, or owns the file. |
| chown_ok | |
| chgrp_ok | |
| do_umount | |
| may_mount | Is the caller allowed to modify his namespace? |
| do_remount | hange filesystem flags. dir should be a physical root of filesystem.* If you've mounted a non-root directory somewhere and want to do remount* on it - tough luck. |
| mntns_install | |
| SYSCALL_DEFINE2 | Open a filesystem by name so that it can be configured for mounting.* We are allowed to specify a container in which the filesystem will be* opened, thereby indicating which namespaces will be used (notably, which |
| SYSCALL_DEFINE3 | Pick a superblock into a context for reconfiguration. |
| vfs_fsconfig_locked | Check the state and apply the configuration. Note that this function is* allowed to 'steal' the value by setting param->xxx to NULL before returning. |
| 源代码转换工具 开放的插件接口 | X |
|---|---|
| 支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |