Function report |
Source Code:security\commoncap.c |
Create Date:2022-07-28 18:37:24 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
home page | Tree |
Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:ap_task_prctl - Implement process control functions for this security module*@option: The process control function requested*@arg2, @arg3, @arg4, @arg5: The argument data for this function* Allow process control functions (sys_prctl()) to alter
Proto:int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5)
Type:int
Parameter:
Type | Parameter | Name |
---|---|---|
int | option | |
unsigned long | arg2 | |
unsigned long | arg3 | |
unsigned long | arg4 | |
unsigned long | arg5 |
1170 | old = current_cred - Access the current task's subjective credentials* Access the subjective credentials of the current task. RCU-safe,* since nobody else can modify it.() |
1177 | Return Not Not cap_raised( capability bounding set , arg2) |
1179 | Case option == PR_CAPBSET_DROP |
1201 | Case option == PR_SET_SECUREBITS |
1227 | Case option == Get/set securebits (as per security/commoncap.c) |
1228 | Return SUID-less security management |
1233 | Case option == PR_SET_KEEPCAPS |
1236 | If issecure(make bit-4 immutable ) Then Return -EPERM |
1239 | new = prepare_creds - Prepare a new set of credentials for modification* Prepare a new set of task credentials for modification |
1248 | Case option == Control the ambient capability set |
1249 | If arg2 == PR_CAP_AMBIENT_CLEAR_ALL Then |
1253 | new = prepare_creds - Prepare a new set of credentials for modification* Prepare a new set of task credentials for modification |
1256 | cap_clear( Ambient capability set ) |
1263 | If arg2 == PR_CAP_AMBIENT_IS_SET Then |
1264 | Return Not Not cap_raised(cap_ambient, arg3) |
1265 | Else if arg2 != PR_CAP_AMBIENT_RAISE && arg2 != PR_CAP_AMBIENT_LOWER Then |
1267 | Return -EINVAL |
1268 | Else |
1269 | If arg2 == PR_CAP_AMBIENT_RAISE && ( Not cap_raised(cap_permitted, arg3) || Not cap_raised(cap_inheritable, arg3) || issecure(When set, a process cannot add new capabilities to its ambient set. )) Then Return -EPERM |
1276 | new = prepare_creds - Prepare a new set of credentials for modification* Prepare a new set of task credentials for modification |
1279 | If arg2 == PR_CAP_AMBIENT_RAISE Then cap_raise( Ambient capability set , arg3) |
1281 | Else cap_lower( Ambient capability set , arg3) |
1286 | Default |
1288 | Return -ENOSYS |
Source code conversion tool public plug-in interface | X |
---|---|
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |