Function Logic Report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:kernel\user_namespace.c Create Date:2022-07-27 12:21:29
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Function name: Create a new user namespace, deriving the creator from the user in the passed credentials, and replacing that user with the new root user for the new namespace. This is called by copy_creds(), which will finish setting the target task's credentials.

Function prototype: int create_user_ns(struct cred *new)

Return type: int

Parameters:

Type            Parameter name
struct cred *   new
71  parent_ns = the user_ns the caps and keyrings are relative to
72  owner = effective uid
73  group = effective gid
77  ret = -ENOSPC
78  If level is greater than 32, go to: fail
81  ucounts = inc_user_namespaces(parent_ns, owner)
82  If not ucounts, go to: fail
91  ret = -EPERM
92  If current_chrooted(), go to: fail_dec
99  ret = -EPERM
100  If not kuid_has_mapping(parent_ns, owner) or not kgid_has_mapping(parent_ns, group), go to: fail_dec
104  ret = -ENOMEM
105  ns = Shortcuts
106  If not ns, go to: fail_dec
109  ret = ns_alloc_inum(&ns)
110  If ret, go to: fail_free
112  ops = userns_operations
114  atomic_set(&count, 1)
116  parent = parent_ns
117  level = level plus 1
118  owner = owner
119  group = group
120  INIT_WORK(&work, free_user_ns)
121  Loop while i is less than UCOUNT_COUNTS
122  ucount_max[i] = INT_MAX
124  ucounts = ucounts
127  mutex_lock(&userns_state_mutex)
128  flags = flags
129  mutex_unlock - release the mutex. @lock: the mutex to be released. Unlock a mutex that has been locked by this task previously. This function must not be used in interrupt context. Unlocking of a not locked mutex is not allowed.
132  Initialize the list head
133  init_rwsem(&keyring_sem)
135  ret = -ENOMEM
136  If not setup_userns_sysctls(ns), go to: fail_keyring
139  set_cred_user_ns(new, ns)
140  Return: 0
141  fail_keyring:
143  key_put(Register of per-UID persistent keyrings for this namespace)
145  ns_free_inum(&ns)
146  fail_free:
147  kmem_cache_free(user_ns_cachep, ns)
148  fail_dec:
149  dec_user_namespaces(ucounts)
150  fail:
151  Return: ret

Callers

Name             Description
unshare_userns
copy_creds       Copy credentials