Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\hooks.c Create Date:2022-07-28 18:55:09
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:Check whether a task can use an open file descriptor toaccess an inode in a given way. Check access to thedescriptor itself, and then use dentry_has_perm tocheck a particular permission to the file.Access to the descriptor is implicitly granted if it

Proto:static int file_has_perm(const struct cred *cred, struct file *file, unsigned int av)

Type:int

Parameter:

TypeParameterName
const struct cred *cred
struct file *file
unsigned intav
1748  fsec = selinux_file(file)
1749  inode = file_inode(file)
1751  sid = get the security ID of a set of credentials
1754  type = LSM_AUDIT_DATA_FILE
1755  file = file
1757  If sid != SID of open file description Then
1758  rc = avc_has_perm - Check permissions and perform any appropriate auditing
1763  If rc Then Go to out
1774  rc = 0
1775  If av Then rc = Check whether a task has a particular permission to an inode.The 'adp' parameter is optional and allows other auditdata to be passed (e.g. the dentry).
1778  out :
1779  Return rc
Caller
NameDescribe
match_file
selinux_revalidate_file_permissionle security operations
selinux_file_ioctl
file_map_prot_check
selinux_file_mprotect
selinux_file_lock
selinux_file_fcntl
selinux_file_receive