函数逻辑报告 |
Source Code:security\smack\smack_access.c |
Create Date:2022-07-27 20:55:15 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| 首页 | 函数Tree |
| 注解内核,赢得工具 | 下载SCCT | English |
函数名称:smack_privileged - are all privilege requirements met*@cap: The requested capability* Is the task privileged and allowed to be privileged* by the onlycap rule.* Returns true if the task is allowed to be privileged, false if it's not.
函数原型:bool smack_privileged(int cap)
返回类型:bool
参数:
| 类型 | 参数 | 名称 |
|---|---|---|
| int | cap |
| 674 | 如果此条件成立可能性小(为编译器优化)(flags & I am a kernel thread )则返回:true |
| 名称 | 描述 |
|---|---|
| smack_set_mnt_opts | smack_set_mnt_opts - set Smack specific mount options*@sb: the file system superblock*@mnt_opts: Smack mount options*@kern_flags: mount option from kernel space or user space*@set_kern_flags: where to store converted mount opts* Returns 0 on success, an |
| smack_inode_setxattr | smack_inode_setxattr - Smack check for setting xattrs*@dentry: the object*@name: name of the attribute*@value: value of the attribute*@size: size of the value*@flags: unused* This protects the Smack attribute explicitly |
| smack_inode_removexattr | smack_inode_removexattr - Smack check on removexattr*@dentry: the object*@name: name of the attribute* Removing the Smack attribute requires CAP_MAC_ADMIN* Returns 0 if access is permitted, an error code otherwise |
| smack_setprocattr | smack_setprocattr - Smack process attribute setting*@name: the name of the attribute in /proc/ |
| smack_unix_stream_connect | smack_unix_stream_connect - Smack access on UDS*@sock: one sock*@other: the other sock*@newsk: unused* Return 0 if a subject with the smack of sock could access* an object with the smack of other, otherwise an error code |
| smack_unix_may_send | smack_unix_may_send - Smack access on UDS*@sock: one socket*@other: the other socket* Return 0 if a subject with the smack of sock could access* an object with the smack of other, otherwise an error code |
| smk_tskacc | smk_tskacc - determine if a task has a specific access to an object*@tsp: a pointer to the subject's task*@obj_known: a pointer to the object's label entry*@mode: the access requested, in "MAY" format*@a : common audit data* This function checks the |
| smk_write_load | smk_write_load - write() for /smack/load*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_set_cipso | smk_set_cipso - do the work for write() for cipso and cipso2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start*@format: /smack/cipso or /smack/cipso2 |
| smk_write_net4addr | smk_write_net4addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net4addr per write call |
| smk_write_net6addr | smk_write_net6addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net6addr per write call |
| smk_write_doi | smk_write_doi - write() for /smack/doi*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_direct | smk_write_direct - write() for /smack/direct*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_mapped | smk_write_mapped - write() for /smack/mapped*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_ambient | smk_write_ambient - write() for /smack/ambient*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_onlycap | smk_write_onlycap - write() for smackfs/onlycap*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_logging | smk_write_logging - write() for /smack/logging*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_load2 | smk_write_load2 - write() for /smack/load2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_revoke_subj | smk_write_revoke_subj - write() for /smack/revoke-subject*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_change_rule | smk_write_change_rule - write() for /smack/change-rule*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_syslog | smk_write_syslog - write() for smackfs/syslog*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate |
| smk_write_relabel_self | smk_write_relabel_self - write() for /smack/relabel-self*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
| smk_write_ptrace | smk_write_ptrace - write() for /smack/ptrace*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0 |
| 源代码转换工具 开放的插件接口 | X |
|---|---|
| 支持:c/c++/esqlc/java Oracle/Informix/Mysql 插件可实现:逻辑报告 代码生成和批量转换代码 |