Function report |
Source Code:security\smack\smack_access.c |
Create Date:2022-07-28 19:25:56 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| home page | Tree |
| Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:smack_privileged - are all privilege requirements met*@cap: The requested capability* Is the task privileged and allowed to be privileged* by the onlycap rule.* Returns true if the task is allowed to be privileged, false if it's not.
Proto:bool smack_privileged(int cap)
Type:bool
Parameter:
| Type | Parameter | Name |
|---|---|---|
| int | cap |
| 674 | If Value for the false possibility is greater at compile time(flags & I am a kernel thread ) Then Return true |
| Name | Describe |
|---|---|
| smack_set_mnt_opts | smack_set_mnt_opts - set Smack specific mount options*@sb: the file system superblock*@mnt_opts: Smack mount options*@kern_flags: mount option from kernel space or user space*@set_kern_flags: where to store converted mount opts* Returns 0 on success, an |
| smack_inode_setxattr | smack_inode_setxattr - Smack check for setting xattrs*@dentry: the object*@name: name of the attribute*@value: value of the attribute*@size: size of the value*@flags: unused* This protects the Smack attribute explicitly |
| smack_inode_removexattr | smack_inode_removexattr - Smack check on removexattr*@dentry: the object*@name: name of the attribute* Removing the Smack attribute requires CAP_MAC_ADMIN* Returns 0 if access is permitted, an error code otherwise |
| smack_setprocattr | smack_setprocattr - Smack process attribute setting*@name: the name of the attribute in /proc/ |
| smack_unix_stream_connect | smack_unix_stream_connect - Smack access on UDS*@sock: one sock*@other: the other sock*@newsk: unused* Return 0 if a subject with the smack of sock could access* an object with the smack of other, otherwise an error code |
| smack_unix_may_send | smack_unix_may_send - Smack access on UDS*@sock: one socket*@other: the other socket* Return 0 if a subject with the smack of sock could access* an object with the smack of other, otherwise an error code |
| smk_tskacc | smk_tskacc - determine if a task has a specific access to an object*@tsp: a pointer to the subject's task*@obj_known: a pointer to the object's label entry*@mode: the access requested, in "MAY" format*@a : common audit data* This function checks the |
| smk_write_load | smk_write_load - write() for /smack/load*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_set_cipso | smk_set_cipso - do the work for write() for cipso and cipso2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start*@format: /smack/cipso or /smack/cipso2 |
| smk_write_net4addr | smk_write_net4addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net4addr per write call |
| smk_write_net6addr | smk_write_net6addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net6addr per write call |
| smk_write_doi | smk_write_doi - write() for /smack/doi*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_direct | smk_write_direct - write() for /smack/direct*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_mapped | smk_write_mapped - write() for /smack/mapped*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_ambient | smk_write_ambient - write() for /smack/ambient*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_onlycap | smk_write_onlycap - write() for smackfs/onlycap*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_logging | smk_write_logging - write() for /smack/logging*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_load2 | smk_write_load2 - write() for /smack/load2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_revoke_subj | smk_write_revoke_subj - write() for /smack/revoke-subject*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_change_rule | smk_write_change_rule - write() for /smack/change-rule*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_syslog | smk_write_syslog - write() for smackfs/syslog*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_relabel_self | smk_write_relabel_self - write() for /smack/relabel-self*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_ptrace | smk_write_ptrace - write() for /smack/ptrace*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0 |
| Source code conversion tool public plug-in interface | X |
|---|---|
| Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |