函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\smack\smack.h Create Date:2022-07-27 20:48:25
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:smack_cred

函数原型:static inline struct task_smack *smack_cred(const struct cred *cred)

返回类型:struct task_smack

参数:

类型参数名称
const struct cred *cred
351  返回: subjective LSM security lbs_cred
调用者
名称描述
smk_ptrace_rule_checksmk_ptrace_rule_check - helper for ptrace access*@tracer: tracer process*@tracee_known: label entry of the process that's about to be traced*@mode: ptrace attachment mode (PTRACE_MODE_*)*@func: name of the function that called us, used for audit* Returns
smack_ptrace_tracemesmack_ptrace_traceme - Smack approval on PTRACE_TRACEME*@ptp: parent task pointer* Returns 0 if access is OK, an error code otherwise* Do the capability checks, and require PTRACE_MODE_ATTACH.
smack_bprm_set_credssmack_bprm_set_creds - set creds for exec*@bprm: the exec information* Returns 0 if it gets a blob, -EPERM if exec forbidden and -ENOMEM otherwise
smack_mmap_filesmack_mmap_file :* Check permissions for a mmap operation. The @file may be NULL, e.g.* if mapping anonymous memory.*@file contains the file structure for file to map (may be NULL).*@reqprot contains the protection requested by the application.
smack_file_send_sigiotasksmack_file_send_sigiotask - Smack on sigio*@tsk: The target task*@fown: the object the signal come from*@signum: unused* Allow a privileged task to get signals even if it shouldn't* Returns 0 if a subject with the object's smack could
smack_file_receivesmack_file_receive - Smack file receive check*@file: the object* Returns 0 if current has access, error code otherwise
smack_file_opensmack_file_open - Smack dentry open processing*@file: the object* Set the security blob in the file structure.* Allow the open only if the task has read access. There are* many read operations (e.g. fstat) that you can do with an
smack_cred_alloc_blanksmack_cred_alloc_blank - "allocate" blank task-level security credentials*@cred: the new credentials*@gfp: the atomicity of any memory allocations* Prepare a blank set of credentials for modification
smack_cred_freesmack_cred_free - "free" task-level security credentials*@cred: the credentials in question
smack_cred_preparesmack_cred_prepare - prepare new set of credentials for modification*@new: the new credentials*@old: the original credentials*@gfp: the atomicity of any memory allocations* Prepare a new set of credentials for modification.
smack_cred_transfersmack_cred_transfer - Transfer the old credentials to the new credentials*@new: the new credentials*@old: the original credentials* Fill in a set of blank credentials from another set of credentials.
smack_cred_getsecidsmack_cred_getsecid - get the secid corresponding to a creds structure*@cred: the object creds*@secid: where to put the result* Sets the secid to contain a u32 version of the smack label.
smack_kernel_act_assmack_kernel_act_as - Set the subjective context in a set of credentials*@new: points to the set of credentials to be modified.*@secid: specifies the security ID to be set* Set the security data for a kernel service.
smack_kernel_create_files_assmack_kernel_create_files_as - Set the file creation label in a set of creds*@new: points to the set of credentials to be modified*@inode: points to the inode to use as a reference* Set the file creation context in a set of credentials to the same* as the
smack_task_killsmack_task_kill - Smack check on signal delivery*@p: the task object*@info: unused*@sig: unused*@cred: identifies the cred to use in lieu of current's* Return 0 if write access is permitted
smack_setprocattrsmack_setprocattr - Smack process attribute setting*@name: the name of the attribute in /proc/
smack_key_allocsmack_key_alloc - Set the key security blob*@key: object*@cred: the credentials to use*@flags: unused* No allocation required* Returns 0
smack_key_permissionsmack_key_permission - Smack access on a key*@key_ref: gets to the object*@cred: the credentials to use*@perm: requested key permissions* Return 0 if the task has read and write to the object,* an error code otherwise
smack_inode_copy_up
smack_dentry_create_files_as
smack_initsmack_init - initialize the smack system* Returns 0 on success, -ENOMEM is there's no memory
smk_curaccsmk_curacc - determine if current has a specific access to an object*@obj_known: a pointer to the object's Smack label entry*@mode: the access requested, in "MAY" format*@a : common audit data* This function checks the current subject label/object label
smack_privileged_credsmack_privileged_cred - are all privilege requirements met by cred*@cap: The requested capability*@cred: the credential to use* Is the task privileged and allowed to be privileged* by the onlycap rule.
load_self_seq_startSeq_file read operations for /smack/load-self
load_self_seq_next
smk_write_load_selfsmk_write_load_self - write() for /smack/load-self*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0
load_self2_seq_startSeq_file read operations for /smack/load-self2
load_self2_seq_next
smk_write_load_self2smk_write_load_self2 - write() for /smack/load-self2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0
relabel_self_seq_startSeq_file read operations for /smack/relabel-self
relabel_self_seq_next
smk_write_relabel_selfsmk_write_relabel_self - write() for /smack/relabel-self*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0
smk_of_task_struct
smk_of_currentPresent a pointer to the smack label in the current task blob.