Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\selinux\hooks.c Create Date:2022-07-28 19:02:28
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:selinux_setprocattr

Proto:static int selinux_setprocattr(const char *name, void *value, size_t size)

Type:int

Parameter:

TypeParameterName
const char *name
void *value
size_tsize
6336  mysid = get the subjective security ID of the current task , sid = 0
6338  str = value
6343  If Not strcmp(name, "exec") Then error = avc_has_perm - Check permissions and perform any appropriate auditing
6347  Else if Not strcmp(name, "fscreate") Then error = avc_has_perm - Check permissions and perform any appropriate auditing
6351  Else if Not strcmp(name, "keycreate") Then error = avc_has_perm - Check permissions and perform any appropriate auditing
6355  Else if Not strcmp(name, "sockcreate") Then error = avc_has_perm - Check permissions and perform any appropriate auditing
6359  Else if Not strcmp(name, "current") Then error = avc_has_perm - Check permissions and perform any appropriate auditing
6363  Else error = -EINVAL
6365  If error Then Return error
6369  If size && str[0] && str[0] != '\n' Then
6370  If str[size - 1] == '\n' Then
6371  str[size - 1] = 0
6372  size--
6374  error = security_context_to_sid( & selinux_state, value, size, & sid, GFP_KERNEL)
6376  If error == -EINVAL && Not strcmp(name, "fscreate") Then
6377  If Not has_cap_mac_admin(true) Then
6400  If error Then Return error
6404  new = prepare_creds - Prepare a new set of credentials for modification* Prepare a new set of task credentials for modification
6405  If Not new Then Return -ENOMEM
6414  tsec = selinux_cred(new)
6415  If Not strcmp(name, "exec") Then
6416  exec SID = sid
6417  Else if Not strcmp(name, "fscreate") Then
6418  fscreate SID = sid
6419  Else if Not strcmp(name, "keycreate") Then
6420  If sid Then
6423  If error Then Go to abort_change
6426  keycreate SID = sid
6427  Else if Not strcmp(name, "sockcreate") Then
6428  fscreate SID = sid
6429  Else if Not strcmp(name, "current") Then
6430  error = -EINVAL
6431  If sid == 0 Then Go to abort_change
6435  error = -EPERM
6439  If error Then Go to abort_change
6444  error = avc_has_perm - Check permissions and perform any appropriate auditing
6447  If error Then Go to abort_change
6452  ptsid = prm security operations
6453  If ptsid != 0 Then
6457  If error Then Go to abort_change
6461  current SID = sid
6462  Else
6463  error = -EINVAL
6464  Go to abort_change
6467  mmit_creds - Install new credentials upon the current task*@new: The credentials to be assigned* Install a new set of credentials to the current task, using RCU to replace* the old set. Both the objective and the subjective credentials pointers are
6468  Return size
6470  abort_change :
6471  abort_creds - Discard a set of credentials and unlock the current task*@new: The credentials that were going to be applied* Discard a set of credentials that were under construction and unlock the* current task.
6472  Return error