Function report |
Source Code:security\smack\smack.h |
Create Date:2022-07-28 19:19:11 |
Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
home page | Tree |
Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:smack_cred
Proto:static inline struct task_smack *smack_cred(const struct cred *cred)
Type:struct task_smack
Parameter:
Type | Parameter | Name |
---|---|---|
const struct cred * | cred |
351 | Return subjective LSM security + lbs_cred |
Name | Describe |
---|---|
smk_ptrace_rule_check | smk_ptrace_rule_check - helper for ptrace access*@tracer: tracer process*@tracee_known: label entry of the process that's about to be traced*@mode: ptrace attachment mode (PTRACE_MODE_*)*@func: name of the function that called us, used for audit* Returns |
smack_ptrace_traceme | smack_ptrace_traceme - Smack approval on PTRACE_TRACEME*@ptp: parent task pointer* Returns 0 if access is OK, an error code otherwise* Do the capability checks, and require PTRACE_MODE_ATTACH. |
smack_bprm_set_creds | smack_bprm_set_creds - set creds for exec*@bprm: the exec information* Returns 0 if it gets a blob, -EPERM if exec forbidden and -ENOMEM otherwise |
smack_mmap_file | smack_mmap_file :* Check permissions for a mmap operation. The @file may be NULL, e.g.* if mapping anonymous memory.*@file contains the file structure for file to map (may be NULL).*@reqprot contains the protection requested by the application. |
smack_file_send_sigiotask | smack_file_send_sigiotask - Smack on sigio*@tsk: The target task*@fown: the object the signal come from*@signum: unused* Allow a privileged task to get signals even if it shouldn't* Returns 0 if a subject with the object's smack could |
smack_file_receive | smack_file_receive - Smack file receive check*@file: the object* Returns 0 if current has access, error code otherwise |
smack_file_open | smack_file_open - Smack dentry open processing*@file: the object* Set the security blob in the file structure.* Allow the open only if the task has read access. There are* many read operations (e.g. fstat) that you can do with an |
smack_cred_alloc_blank | smack_cred_alloc_blank - "allocate" blank task-level security credentials*@cred: the new credentials*@gfp: the atomicity of any memory allocations* Prepare a blank set of credentials for modification |
smack_cred_free | smack_cred_free - "free" task-level security credentials*@cred: the credentials in question |
smack_cred_prepare | smack_cred_prepare - prepare new set of credentials for modification*@new: the new credentials*@old: the original credentials*@gfp: the atomicity of any memory allocations* Prepare a new set of credentials for modification. |
smack_cred_transfer | smack_cred_transfer - Transfer the old credentials to the new credentials*@new: the new credentials*@old: the original credentials* Fill in a set of blank credentials from another set of credentials. |
smack_cred_getsecid | smack_cred_getsecid - get the secid corresponding to a creds structure*@cred: the object creds*@secid: where to put the result* Sets the secid to contain a u32 version of the smack label. |
smack_kernel_act_as | smack_kernel_act_as - Set the subjective context in a set of credentials*@new: points to the set of credentials to be modified.*@secid: specifies the security ID to be set* Set the security data for a kernel service. |
smack_kernel_create_files_as | smack_kernel_create_files_as - Set the file creation label in a set of creds*@new: points to the set of credentials to be modified*@inode: points to the inode to use as a reference* Set the file creation context in a set of credentials to the same* as the |
smack_task_kill | smack_task_kill - Smack check on signal delivery*@p: the task object*@info: unused*@sig: unused*@cred: identifies the cred to use in lieu of current's* Return 0 if write access is permitted |
smack_setprocattr | smack_setprocattr - Smack process attribute setting*@name: the name of the attribute in /proc/ |
smack_key_alloc | smack_key_alloc - Set the key security blob*@key: object*@cred: the credentials to use*@flags: unused* No allocation required* Returns 0 |
smack_key_permission | smack_key_permission - Smack access on a key*@key_ref: gets to the object*@cred: the credentials to use*@perm: requested key permissions* Return 0 if the task has read and write to the object,* an error code otherwise |
smack_inode_copy_up | |
smack_dentry_create_files_as | |
smack_init | smack_init - initialize the smack system* Returns 0 on success, -ENOMEM is there's no memory |
smk_curacc | smk_curacc - determine if current has a specific access to an object*@obj_known: a pointer to the object's Smack label entry*@mode: the access requested, in "MAY" format*@a : common audit data* This function checks the current subject label/object label |
smack_privileged_cred | smack_privileged_cred - are all privilege requirements met by cred*@cap: The requested capability*@cred: the credential to use* Is the task privileged and allowed to be privileged* by the onlycap rule. |
load_self_seq_start | Seq_file read operations for /smack/load-self |
load_self_seq_next | |
smk_write_load_self | smk_write_load_self - write() for /smack/load-self*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
load_self2_seq_start | Seq_file read operations for /smack/load-self2 |
load_self2_seq_next | |
smk_write_load_self2 | smk_write_load_self2 - write() for /smack/load-self2*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
relabel_self_seq_start | Seq_file read operations for /smack/relabel-self |
relabel_self_seq_next | |
smk_write_relabel_self | smk_write_relabel_self - write() for /smack/relabel-self*@file: file pointer, not actually used*@buf: where to get the data from*@count: bytes sent*@ppos: where to start - must be 0 |
Source code conversion tool public plug-in interface | X |
---|---|
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |