new_idmap_permitted

函数名称：new_idmap_permitted

函数原型：static bool new_idmap_permitted(const struct file *file, struct user_namespace *ns, int cap_setid, struct uid_gid_map *new_map)

返回类型：bool

参数：

类型	参数	名称
const struct file *	file
struct user_namespace *	ns
int	cap_setid
struct uid_gid_map *	new_map

1088

cred等于f_cred

1092

如果 64 bytes -- 1 cache line 恒等于1且count恒等于1且uid_eq(owner, 有效uid)则

1094

id等于lower_first

1095

如果cap_setid恒等于Allows forged pids on socket credentials passing. 则

1096

uid等于make_kuid - Map a user-namespace uid pair into a kuid

1097

如果uid_eq(uid, 有效uid)则返回:true

1099

否则如果cap_setid恒等于Allows forged gids on socket credentials passing. 则

1100

gid等于make_kgid - Map a user-namespace gid pair into a kgid

1101

如果非flags按位与USERNS_SETGROUPS_ALLOWED的值且gid_eq(gid, 有效gid)则返回:true

1108

如果非cap_valid(cap_setid)则返回:true

1115

如果ns_capable(parent, cap_setid)且le_ns_capable - Determine if the file's opener had a capability in effect*@file: The file we want to check*@ns: The usernamespace we want the capability in*@cap: The capability to be tested for* Return true if task that opened the file had a capability in 则返回:true

1119

返回:false

**调用者**
名称	描述
map_write

源代码转换工具开放的插件接口	X
支持：c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现：逻辑报告代码生成和批量转换代码