Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\commoncap.c Create Date:2022-07-28 18:37:13
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:Implement PR_CAPBSET_DROP. Attempt to remove the specified capability from* the current task's bounding set. Returns 0 on success, -ve on error.

Proto:static int cap_prctl_drop(unsigned long cap)

Type:int

Parameter:

TypeParameterName
unsigned longcap
1143  If Not ns_capable(current_user_ns(), Without VFS support for capabilities:* Transfer any capability in your permitted set to any pid,* remove any capability in your permitted set from any pid* With VFS support for capabilities (neither of above, but)* Add any capability from current's ) Then Return -EPERM
1145  If Not cap_valid(cap) Then Return -EINVAL
1148  new = prepare_creds - Prepare a new set of credentials for modification* Prepare a new set of task credentials for modification
1149  If Not new Then Return -ENOMEM
1151  cap_lower( capability bounding set , cap)
1152  Return mmit_creds - Install new credentials upon the current task*@new: The credentials to be assigned* Install a new set of credentials to the current task, using RCU to replace* the old set. Both the objective and the subjective credentials pointers are
Caller
NameDescribe
cap_task_prctlap_task_prctl - Implement process control functions for this security module*@option: The process control function requested*@arg2, @arg3, @arg4, @arg5: The argument data for this function* Allow process control functions (sys_prctl()) to alter