函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\commoncap.c Create Date:2022-07-27 20:10:28
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:Attempt to get the on-exec apply capability sets for an executable file from* its xattrs and, if present, apply them to the proposed credentials being* constructed by execve().

函数原型:static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_fcap)

返回类型:int

参数:

类型参数名称
struct linux_binprm *bprm
bool *effective
bool *has_fcap
652  rc等于0
655  cap_clear( caps we're permitted )
657  如果非file_caps_enabled则返回:0
660  如果非mnt_may_suid(mnt)则返回:0
668  如果非current_in_userns(s_user_ns)则返回:0
671  rc等于Extract the on-exec-apply capability sets for an executable file.
672  如果rc小于0则
673  如果rc恒等于负EINVALprintk - print a kernel message*@fmt: format string* This is printk(). It can be called from any context. We want it to work.* We try to grab the console_lock. If we succeed, it's easy - we log the* output and call the console drivers
676  否则如果rc恒等于负ENODATArc等于0
678  转到:out
681  rc等于Calculate the new process capability sets from the capability sets attached* to a file.
683  out :
684  如果rccap_clear( caps we're permitted )
687  返回:rc
调用者
名称描述
cap_bprm_set_credsap_bprm_set_creds - Set up the proposed credentials for execve().*@bprm: The execution parameters, including the proposed creds* Set up the proposed credentials for a new execution context being* constructed by execve()