函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\smack\smack_access.c Create Date:2022-07-27 20:55:15
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:smack_privileged - are all privilege requirements met*@cap: The requested capability* Is the task privileged and allowed to be privileged* by the onlycap rule.* Returns true if the task is allowed to be privileged, false if it's not.

函数原型:bool smack_privileged(int cap)

返回类型:bool

参数:

类型参数名称
intcap
674  如果此条件成立可能性小(为编译器优化)(flags & I am a kernel thread )则返回:true
677  返回:smack_privileged_cred - are all privilege requirements met by cred*@cap: The requested capability*@cred: the credential to use* Is the task privileged and allowed to be privileged* by the onlycap rule.
调用者
名称描述
smack_set_mnt_optssmack_set_mnt_opts - set Smack specific mount options*@sb: the file system superblock*@mnt_opts: Smack mount options*@kern_flags: mount option from kernel space or user space*@set_kern_flags: where to store converted mount opts* Returns 0 on success, an
smack_inode_setxattrsmack_inode_setxattr - Smack check for setting xattrs*@dentry: the object*@name: name of the attribute*@value: value of the attribute*@size: size of the value*@flags: unused* This protects the Smack attribute explicitly
smack_inode_removexattrsmack_inode_removexattr - Smack check on removexattr*@dentry: the object*@name: name of the attribute* Removing the Smack attribute requires CAP_MAC_ADMIN* Returns 0 if access is permitted, an error code otherwise
smack_setprocattrsmack_setprocattr - Smack process attribute setting*@name: the name of the attribute in /proc/
smack_unix_stream_connectsmack_unix_stream_connect - Smack access on UDS*@sock: one sock*@other: the other sock*@newsk: unused* Return 0 if a subject with the smack of sock could access* an object with the smack of other, otherwise an error code
smack_unix_may_sendsmack_unix_may_send - Smack access on UDS*@sock: one socket*@other: the other socket* Return 0 if a subject with the smack of sock could access* an object with the smack of other, otherwise an error code
smk_tskaccsmk_tskacc - determine if a task has a specific access to an object*@tsp: a pointer to the subject's task*@obj_known: a pointer to the object's label entry*@mode: the access requested, in "MAY" format*@a : common audit data* This function checks the
smk_write_loadsmk_write_load - write() for /smack/load*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0
smk_set_cipsosmk_set_cipso - do the work for write() for cipso and cipso2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start*@format: /smack/cipso or /smack/cipso2
smk_write_net4addrsmk_write_net4addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net4addr per write call
smk_write_net6addrsmk_write_net6addr - write() for /smack/netlabel*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Accepts only one net6addr per write call
smk_write_doismk_write_doi - write() for /smack/doi*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_write_directsmk_write_direct - write() for /smack/direct*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_write_mappedsmk_write_mapped - write() for /smack/mapped*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_write_ambientsmk_write_ambient - write() for /smack/ambient*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_write_onlycapsmk_write_onlycap - write() for smackfs/onlycap*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_write_loggingsmk_write_logging - write() for /smack/logging*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_write_load2smk_write_load2 - write() for /smack/load2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0
smk_write_revoke_subjsmk_write_revoke_subj - write() for /smack/revoke-subject*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0
smk_write_change_rulesmk_write_change_rule - write() for /smack/change-rule*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0
smk_write_syslogsmk_write_syslog - write() for smackfs/syslog*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start* Returns number of bytes written or error code, as appropriate
smk_write_relabel_selfsmk_write_relabel_self - write() for /smack/relabel-self*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0
smk_write_ptracesmk_write_ptrace - write() for /smack/ptrace*@file: file pointer*@buf: data from user space*@count: bytes sent*@ppos: where to start - must be 0