Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\selinux\hooks.c
Create Date: 2022-07-28 18:58:04
Last Modify: 2020-03-12 14:18:49
Copyright © Brick

Name: Check whether a task has the ioctl permission and cmd operation to an inode.

Proto: static int ioctl_has_perm(const struct cred *cred, struct file *file, unsigned int requested, u16 cmd)

Type: int

Parameter:

Type                   Parameter Name
const struct cred *    cred
struct file *          file
unsigned int           requested
u16                    cmd

3576  fsec = selinux_file(file)
3577  inode = file_inode(file)
3580  ssid = get the security ID of a set of credentials
3582  driver = cmd >> 8
3583  xperm = cmd & 0xff
3585  type = LSM_AUDIT_DATA_IOCTL_OP
3586  op = ioctl
3587  cmd = cmd
3588  path = f_path
3590  If ssid != SID of open file description Then
3591  rc = avc_has_perm - Check permissions and perform any appropriate auditing
3596  If rc Then Go to out
3600  If unlikely(IS_PRIVATE(inode)) Then Return 0
3603  isec = Get the security label of an inode.
3604  rc = avc_has_extended_perms - The avc extended permissions logic adds an additional 256 bits of permissions to an avc node when extended permissions for that node are specified in the avtab
3607  out :
3608  Return rc

Caller:

Name                   Description
selinux_file_ioctl