Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\smack\smack_access.c Create Date:2022-07-28 19:25:55
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:smack_privileged_cred - are all privilege requirements met by cred*@cap: The requested capability*@cred: the credential to use* Is the task privileged and allowed to be privileged* by the onlycap rule.

Proto:bool smack_privileged_cred(int cap, const struct cred *cred)

Type:bool

Parameter:

TypeParameterName
intcap
const struct cred *cred
634  tsp = smack_cred(cred)
635  skp = label for access control
639  rc = ap_capable - Determine whether a task has a particular effective capability*@cred: The credentials to use*@ns: The user namespace in which we need the capability*@cap: The capability to check for*@opts: Bitmask of options defined in include/linux/security
640  If rc Then Return false
643  _read_lock() - mark the beginning of an RCU read-side critical section* When synchronize_rcu() is invoked on one CPU while other CPUs* are within RCU read-side critical sections, then the* synchronize_rcu() is guaranteed to block until after all the other
644  If list_empty - tests whether a list is empty*@head: the list to test. Then
645  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
646  Return true
650  If smk_label == skp Then
651  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
652  Return true
655  _read_unlock() - marks the end of an RCU read-side critical section.* In most situations, rcu_read_unlock() is immune from deadlock.* However, in kernels built with CONFIG_RCU_BOOST, rcu_read_unlock()
657  Return false
Caller
NameDescribe
smack_file_send_sigiotasksmack_file_send_sigiotask - Smack on sigio*@tsk: The target task*@fown: the object the signal come from*@signum: unused* Allow a privileged task to get signals even if it shouldn't* Returns 0 if a subject with the object's smack could
smack_key_permissionsmack_key_permission - Smack access on a key*@key_ref: gets to the object*@cred: the credentials to use*@perm: requested key permissions* Return 0 if the task has read and write to the object,* an error code otherwise
smack_privilegedsmack_privileged - are all privilege requirements met*@cap: The requested capability* Is the task privileged and allowed to be privileged* by the onlycap rule.* Returns true if the task is allowed to be privileged, false if it's not.
smk_ptrace_rule_checksmk_ptrace_rule_check - helper for ptrace access*@tracer: tracer process*@tracee_known: label entry of the process that's about to be traced*@mode: ptrace attachment mode (PTRACE_MODE_*)*@func: name of the function that called us, used for audit* Returns