cap_capable

函数名称：ap_capable - Determine whether a task has a particular effective capability*@cred: The credentials to use*@ns: The user namespace in which we need the capability*@cap: The capability to check for*@opts: Bitmask of options defined in include/linux/security

函数原型：int cap_capable(const struct cred *cred, struct user_namespace *targ_ns, int cap, unsigned int opts)

返回类型：int

参数：

类型	参数	名称
const struct cred *	cred
struct user_namespace *	targ_ns
int	cap
unsigned int	opts

**调用者**
名称	描述
cap_inh_is_capped	Determine whether the inheritable capabilities are limited to the old* permitted set. Returns 1 if they are limited, 0 if they are not.
cap_task_prctl	ap_task_prctl - Implement process control functions for this security module@option: The process control function requested@arg2, @arg3, @arg4, @arg5: The argument data for this function* Allow process control functions (sys_prctl()) to alter
cap_vm_enough_memory	ap_vm_enough_memory - Determine whether a new virtual mapping is permitted@mm: The VM space in which the new mapping is to be made@pages: The size of the mapping* Determine whether the allocation of a new virtual mapping by the current
cap_mmap_addr	ap_mmap_addr - check if able to map given addr@addr: address attempting to be mapped If the process is attempting to map memory below dac_mmap_min_addr they need* CAP_SYS_RAWIO. The other parameters to this function are unused by the
has_cap_mac_admin
smack_privileged_cred	smack_privileged_cred - are all privilege requirements met by cred@cap: The requested capability@cred: the credential to use* Is the task privileged and allowed to be privileged* by the onlycap rule.

函数逻辑报告