capability.c File Reference

Go to the source code of this file.

Functions

static DEFINE_SPINLOCK (task_capability_lock)
 EXPORT_SYMBOL (__cap_empty_set)
 EXPORT_SYMBOL (__cap_full_set)
 EXPORT_SYMBOL (__cap_init_eff_set)
static void warn_legacy_capability_use (void)
static void warn_deprecated_v2 (void)
static int cap_validate_magic (cap_user_header_t header, unsigned *tocopy)
static int cap_get_target_pid (pid_t pid, kernel_cap_t *pEp, kernel_cap_t *pIp, kernel_cap_t *pPp)
 SYSCALL_DEFINE2 (capget, cap_user_header_t, header, cap_user_data_t, dataptr)
 sys_capget - get the capabilities of a given process.
 SYSCALL_DEFINE2 (capset, cap_user_header_t, header, const cap_user_data_t, data)
 sys_capset - set capabilities for a process or (*) a group of processes : pointer to struct that contains capability version and target pid data : pointer to struct that contains the effective, permitted, and inheritable capabilities
int capable (int cap)
 capable - Determine if the current task has a superior capability in effect : The capability to be tested for
 EXPORT_SYMBOL (capable)

Variables

const kernel_cap_t __cap_empty_set = CAP_EMPTY_SET
const kernel_cap_t __cap_full_set = CAP_FULL_SET
const kernel_cap_t __cap_init_eff_set = CAP_INIT_EFF_SET

Function Documentation

static int cap_get_target_pid ( pid_t  pid,
kernel_cap_t *  pEp,
kernel_cap_t *  pIp,
kernel_cap_t *  pPp 
) [inline, static]

Definition at line 139 of file capability.c.

static int cap_validate_magic ( cap_user_header_t  header,
unsigned *  tocopy 
) [static]

Definition at line 103 of file capability.c.

int capable ( int  cap  ) 

capable - Determine if the current task has a superior capability in effect : The capability to be tested for

Return true if the current task has the given superior capability currently available for use, false if not.

This sets PF_SUPERPRIV on the task if the capability is available on the assumption that it's about to be used.

Definition at line 310 of file capability.c.

static DEFINE_SPINLOCK ( task_capability_lock   )  [static]

EXPORT_SYMBOL ( capable   ) 

EXPORT_SYMBOL ( __cap_init_eff_set   ) 

EXPORT_SYMBOL ( __cap_full_set   ) 

EXPORT_SYMBOL ( __cap_empty_set   ) 

SYSCALL_DEFINE2 ( capset  ,
cap_user_header_t  ,
header  ,
const   cap_user_data_t,
data   
)

sys_capset - set capabilities for a process or (*) a group of processes : pointer to struct that contains capability version and target pid data : pointer to struct that contains the effective, permitted, and inheritable capabilities

Set capabilities for the current process only. The ability to any other process(es) has been deprecated and removed.

The restrictions on setting capabilities are specified as:

I: any raised capabilities must be a subset of the old permitted P: any raised capabilities must be a subset of the old permitted E: must be set to a subset of new permitted

Returns 0 on success and < 0 on error.

Definition at line 245 of file capability.c.

SYSCALL_DEFINE2 ( capget  ,
cap_user_header_t  ,
header  ,
cap_user_data_t  ,
dataptr   
)

sys_capget - get the capabilities of a given process.

: pointer to struct that contains capability version and target pid data : pointer to struct that contains the effective, permitted, and inheritable capabilities that are returned

Returns 0 on success and < 0 on error.

Definition at line 171 of file capability.c.

static void warn_deprecated_v2 ( void   )  [static]

Definition at line 85 of file capability.c.

static void warn_legacy_capability_use ( void   )  [static]

Definition at line 56 of file capability.c.

Variable Documentation

const kernel_cap_t __cap_empty_set = CAP_EMPTY_SET

Definition at line 31 of file capability.c.

const kernel_cap_t __cap_full_set = CAP_FULL_SET

Definition at line 32 of file capability.c.

const kernel_cap_t __cap_init_eff_set = CAP_INIT_EFF_SET

Definition at line 33 of file capability.c.

Generated on Wed Apr 11 06:39:15 2012 for DDE - The L4 Device Driver Environment by  doxygen 1.5.6