调用者| 名称 | 描述 |
|---|
| prepare_exec_creds | Prepare credentials for current to perform an execve()* - The caller must hold ->cred_guard_mutex |
| copy_creds | 复制信任 |
| set_current_groups | set_current_groups - Change current's group subscription*@group_info: The group list to impose* Validate a group subscription and, if valid, impose it upon current's task* security record. |
| unshare_userns | |
| userns_install | |
| keyctl_set_reqkey_keyring | Read or set the default keyring in which request_key() will cache keys and* return the old setting.* If a thread or process keyring is specified then it will be created if it* doesn't yet exist. The old setting will be returned if successful. |
| install_thread_keyring | Install a thread keyring to the current task if it didn't have one already.* Return: 0 if a thread keyring is now present; -errno on failure. |
| install_process_keyring | Install a process keyring to the current task if it didn't have one already.* Return: 0 if a process keyring is now present; -errno on failure. |
| install_session_keyring | Install the given keyring as the session keyring of the current task,* replacing the existing one if any. If the given keyring is NULL, then* install a new anonymous session keyring.* Return: 0 on success; -errno on failure. |
| join_session_keyring | Join the named keyring as the session keyring if possible else attempt to* create a new one of that name and join that |
| cap_prctl_drop | Implement PR_CAPBSET_DROP. Attempt to remove the specified capability from* the current task's bounding set. Returns 0 on success, -ve on error. |
| cap_task_prctl | ap_task_prctl - Implement process control functions for this security module*@option: The process control function requested*@arg2, @arg3, @arg4, @arg5: The argument data for this function* Allow process control functions (sys_prctl()) to alter |
| selinux_inode_copy_up | |
| selinux_setprocattr | |
| smack_setprocattr | smack_setprocattr - Smack process attribute setting*@name: the name of the attribute in /proc/ |
| smack_inode_copy_up | |
| aa_replace_current_label | aa_replace_current_label - replace the current tasks label*@label: new label (NOT NULL)* Returns: 0 or error on failure |
| aa_set_current_hat | aa_set_current_hat - set the current tasks hat*@label: label to set as the current hat (NOT NULL)*@token: token value that must be specified to change from the hat* Do switch of tasks hat |
| aa_restore_previous_label | aa_restore_previous_label - exit from hat context restoring previous label*@token: the token that must be matched to exit hat context* Attempt to return out of a hat to the previous label |
| do_coredump | |
| keyctl_change_reqkey_auth | Change the request_key authorisation key on the current process. |
| do_faccessat | access() needs to use the real uid/gid, not the effective uid/gid.* We do this by temporarily clearing all FS-related capabilities and* switching the fsuid/fsgid around to the real ones. |