Function report |
Source Code:include\linux\capability.h |
Create Date:2022-07-28 05:39:03 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| home page | Tree |
| Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:Check operation authority
Proto:static inline bool capable(int cap)
Type:bool
Parameter:
| Type | Parameter | Name |
|---|---|---|
| int | cap |
| 235 | Return true |
| Name | Describe |
|---|---|
| mtrr_write | seq_file can seek but we ignore it.* Format of control line:* "base=%Lx size=%Lx type=%s" or "disable=%d" |
| mtrr_ioctl | |
| msr_open | |
| do_open | |
| do_vm86_irq_handling | |
| copy_process | Create a new process |
| proc_taint | |
| proc_dointvec_minmax_sysadmin | |
| proc_do_static_key | |
| ptrace_setoptions | |
| do_prlimit | make sure you are allowed to change @tsk limits before calling this |
| prctl_set_mm | |
| proc_cap_handler | |
| can_nice | an_nice - check if a task can reduce its nice value*@p: task*@nice: nice value |
| __sched_setscheduler | |
| proc_sched_autogroup_set_nice | |
| snapshot_ioctl | |
| pm_wake_lock | |
| pm_wake_unlock | |
| check_syslog_permissions | |
| timekeeping_validate_timex | mekeeping_validate_timex - Ensures the timex is ok for use in do_adjtimex |
| may_init_module | |
| SYSCALL_DEFINE1 | sys_acct - enable/disable process accounting*@name: file name for accounting records or NULL to shutdown accounting* Returns 0 for success or negative errno values for failure.* sys_acct() is the only system call needed to implement process* accounting |
| kexec_load_check | Exec Kernel system call: for obvious reasons only root may call it |
| SYSCALL_DEFINE5 | |
| audit_bind | Run custom bind function on netlink socket group connect or bind requests. |
| audit_set_loginuid_perm | |
| write_actions_logged | |
| perf_event_query_prog_array | |
| map_freeze | |
| bpf_prog_load | |
| bpf_prog_attach | |
| bpf_prog_detach | |
| bpf_prog_query | |
| bpf_prog_test_run | |
| bpf_obj_get_next_id | |
| bpf_prog_get_fd_by_id | |
| bpf_map_get_fd_by_id | |
| bpf_prog_get_info_by_fd | |
| bpf_btf_load | |
| bpf_btf_get_fd_by_id | |
| bpf_task_fd_query | |
| bpf_check | |
| htab_map_alloc_check | Called from syscall |
| array_map_alloc | |
| trie_alloc | |
| queue_stack_map_alloc_check | Called from syscall |
| dev_map_alloc | |
| cpu_map_alloc | |
| xsk_map_alloc | |
| bpf_map_offload_map_alloc | |
| stack_map_alloc | Called from syscall |
| cgroup_base_func_proto | |
| reuseport_array_alloc | |
| perf_mmap | |
| hw_breakpoint_parse | |
| account_locked_vm | account_locked_vm - account locked pages to an mm's locked_vm*@mm: mm to account against, may be NULL*@pages: number of pages to account*@inc: %true if @pages should be considered positive, %false if not* Assumes a non-NULL @mm is valid (i |
| can_do_mlock | |
| do_mlock | |
| SYSCALL_DEFINE1 | |
| user_shm_lock | |
| mlock_future_check | |
| acct_stack_growth | Verify that the stack growth is acceptable and* update accounting. This is shared with both the |
| vma_to_resize | |
| madvise_inject_error | Error injection support for memory error handling. |
| SYSCALL_DEFINE1 | |
| SYSCALL_DEFINE2 | |
| do_mbind | |
| kernel_migrate_pages | |
| kernel_move_pages | Move a list of pages in the address space of the currently executing* process. |
| hwpoison_inject | |
| hwpoison_unpoison | |
| msgctl_down | This function handles some msgctl commands which require the rwsem* to be held in write mode.* NOTE: no locks must be held, the rwsem is taken inside this function. |
| mqueue_get_inode | |
| mqueue_create_attr | |
| blkpg_ioctl | |
| blkdev_reread_part | |
| blkdev_pr_register | |
| blkdev_pr_reserve | |
| blkdev_pr_release | |
| blkdev_pr_preempt | |
| blkdev_pr_clear | |
| blkdev_flushbuf | |
| blkdev_roset | |
| blkdev_bszset | set the logical block size |
| blkdev_ioctl | always keep this in sync with compat_blkdev_ioctl() |
| set_task_ioprio | |
| ioprio_check_cap | |
| blk_verify_command | |
| scsi_verify_blk_ioctl | |
| bsg_transport_check_proto | |
| compat_blkdev_ioctl | Most of the generic ioctls are handled in the normal fallback path.This assumes the blkdev's low level compat_ioctl always returnsENOIOCTLCMD for unknown ioctls. |
| blkdev_report_zones_ioctl | BLKREPORTZONE ioctl processing.* Called from blkdev_ioctl. |
| blkdev_zone_mgmt_ioctl | BLKRESETZONE, BLKOPENZONE, BLKCLOSEZONE and BLKFINISHZONE ioctl processing.* Called from blkdev_ioctl. |
| sed_ioctl | |
| keyctl_invalidate_key | Invalidate a key.* The key must be grant the caller Invalidate permission for this to work.* The key and any links to the key will be automatically garbage collected* immediately.* Keys with KEY_FLAG_KEEP set should not be invalidated. |
| keyctl_keyring_clear | Clear the specified keyring, creating an empty process keyring if one of the* special keyring IDs is used.* The keyring must grant the caller Write permission and not have* KEY_FLAG_KEEP set for this to work. If successful, 0 will be returned. |
| keyctl_chown_key | Change the ownership of a key* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. For the UID to be changed, or* for the GID to be changed to a group the caller is not a member of, the |
| keyctl_setperm_key | Change the permission mask on a key.* The key must grant the caller Setattr permission for this to work, though* the key need not be fully instantiated yet. If the caller does not have |
| pcrlock | Lock a trusted key, by extending a selected PCR.* Prevents a trusted key that is sealed to PCRs from being accessed.* This uses the tpm driver's extend function. |
| cap_settime | ap_settime - Determine whether the current process may set the system clock*@ts: The time to set*@tz: The timezone to set* Determine whether the current process may set the system clock and timezone |
| mmap_min_addr_handler | sysctl handler which just sets dac_mmap_min_addr = the new value and then* calls update_mmap_min_addr() so non MAP_FIXED hints get rounded properly |
| yama_dointvec_minmax | |
| devcgroup_update_access | Modify the exception list using allow/deny rules |
| ima_protect_xattr | ma_protect_xattr - protect 'security.ima'* Ensure that not just anyone can modify or remove 'security.ima'. |
| evm_protect_xattr | vm_protect_xattr - protect the EVM extended attribute* Prevent security.evm from being modified or removed without the* necessary permissions or when the existing value is invalid.* The posix xattr acls are 'system' prefixed, which normally would not |
| evm_write_key | vm_write_key - write() for |
| sys_vhangup | |
| allow_file_dedupe | Check whether we are allowed to dedupe the destination file |
| alloc_empty_file | Find an unused file structure and return a pointer to it |
| mount_capable | |
| is_unprivileged_user | |
| alloc_pipe_info | |
| pipe_set_size | Allocate a new array of pipe buffers and copy the info over. Returns the* pipe size if successful, or return -ERROR on error. |
| vfs_mknod | |
| do_linkat | Hardlinks are often used in delicate situations. We avoid* security-related surprises by not following symlinks on the* newname. --KAB* We don't follow them on the oldname either to be compatible* with linux 2.0, and to avoid hard-linking to directories |
| do_renameat2 | |
| ioctl_fibmap | |
| should_remove_suid | The logic we want is* if suid or (sgid and xgrp)* remove privs |
| vfs_ioc_setflags_prepare | Generic function to check FS_IOC_SETFLAGS values and reject any invalid* configurations.* Note: the caller should be holding i_mutex, or else be sure that they have* exclusive access to the inode structure. |
| vfs_ioc_fssetxattr_check | Generic function to check FS_IOC_FSSETXATTR values and reject any invalid* configurations.* Note: the caller should be holding i_mutex, or else be sure that they have* exclusive access to the inode structure. |
| ksys_umount | Now umount can handle mount points as well as block devices.* This is important for filesystems which use unnamed block devices.* We now support a flag for forced unmount like the other 'big iron'* unixes |
| xattr_permission | Check permissions for extended attribute access. This is a bit complicated* because different namespaces have very different rules. |
| simple_xattr_list | xattr LIST operation for in-memory/pseudo filesystems |
| SYSCALL_DEFINE2 | There are no bdflush tunables left. But distributions are* still running obsolete flush daemons, so we terminate them here.* Use of bdflush() is deprecated and will be removed in a future kernel. |
| SYSCALL_DEFINE2 | anotify syscalls |
| SYSCALL_DEFINE2 | |
| do_timerfd_settime | |
| userfaultfd_api | serland asks for a certain API version and we return which bits* and ioctl commands are implemented in this kernel for such API* version or -EINVAL if unknown. |
| SYSCALL_DEFINE1 | |
| io_sq_offload_start | |
| io_uring_create | |
| io_wq_can_queue | |
| fscrypt_ioctl_add_key | Add a master encryption key to the filesystem, causing all files which were* encrypted with it to appear "unlocked" (decrypted) when accessed.* When adding a key for use by v1 encryption policies, this ioctl is |
| fscrypt_verify_key_added | Verify that the current user has added a master key with the given identifier* (returns -ENOKEY if not) |
| do_remove_key | Try to remove an fscrypt master encryption key |
| fscrypt_ioctl_remove_key_all_users | |
| generic_setlease | generic_setlease - sets a lease on an open file*@filp: file pointer*@arg: type of lease to obtain*@flp: input - file_lock to use, output - file_lock inserted*@priv: private data for lm_setup (may be NULL if lm_setup* doesn't require it)* The (input) |
| handle_to_path | |
| ignore_hardlimit | |
| check_quotactl_permission | |
| do_lookup_dcookie | And here is where the userspace process can look up the cookie value* to retrieve the path. |
| Source code conversion tool public plug-in interface | X |
|---|---|
| Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |