get_file

Name:Attempt to get the on-exec apply capability sets for an executable file from* its xattrs and, if present, apply them to the proposed credentials being* constructed by execve().

Proto:static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_fcap)

Type:int

Parameter:

Type	Parameter	Name
struct linux_binprm *	bprm
bool *	effective
bool *	has_fcap

652

rc = 0

655

cap_clear( caps we're permitted )

657

If Not file_caps_enabled Then Return 0

660

If Not mnt_may_suid(mnt) Then Return 0

668

If Not current_in_userns(s_user_ns) Then Return 0

671

rc = Extract the on-exec-apply capability sets for an executable file.

672

If rc < 0 Then

673

If rc == -EINVAL Then printk - print a kernel message*@fmt: format string* This is printk(). It can be called from any context. We want it to work.* We try to grab the console_lock. If we succeed, it's easy - we log the* output and call the console drivers

676

Else if rc == -ENODATA Then rc = 0

678

Go to out

681

rc = Calculate the new process capability sets from the capability sets attached* to a file.

683

out :

684

If rc Then cap_clear( caps we're permitted )

687

Return rc

**Caller**
Name	Describe
cap_bprm_set_creds	ap_bprm_set_creds - Set up the proposed credentials for execve().@bprm: The execution parameters, including the proposed creds Set up the proposed credentials for a new execution context being* constructed by execve()

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion

Function report