linux内核capable源代码分析

linux内核里对于进程的权限管理有一个很重要的函数capable，以前看了好多遍，今天下决心搞定他，也在此立下一个碑，以后有谁想搞明白他的话，我还可以提供一些帮助。
capable函数定义在kernel/capability.c，作用是检验当前进程有没有相应的权限，定义如下

int capable(int cap)
{
    return __capable(current, cap);
}

继续看__capable函数，这个函数也定义在kernel/capability.c，定义如下

int __capable(struct task_struct *t, int cap)
{
    /*首先执行security_capable函数检查，如果成功就给进程的flags置位，标志获得超级权限，PF_SUPERPRIV定义如下
    #define PF_SUPERPRIV    0x00000100    /* used super-user privileges */就是超级用户的意思
    */
    if (security_capable(t, cap) == 0) {
        t->flags |= PF_SUPERPRIV;
        return 1;
    }
    return 0;
}

我们继续看security_capable函数，定义在linux/security.h

static inline int security_capable(struct task_struct *tsk, int cap)
{
    return cap_capable(tsk, cap);
}

继续看cap_capable函数，定义在security/commonncap.c

int cap_capable (struct task_struct *tsk, int cap)
{
    /* 权限检查的主要工作函数 */
    if (cap_raised(tsk->cap_effective, cap))
        return 0;
    return -EPERM;
}

我们继续看cap_raised，这是一个宏，定义如下
#define CAP_TO_MASK(x) (1 << (x))
#define cap_raise(c, flag) (cap_t(c) |= CAP_TO_MASK(flag))
#define cap_lower(c, flag) (cap_t(c) &= ~CAP_TO_MASK(flag))
#define cap_raised(c, flag) (cap_t(c) & CAP_TO_MASK(flag))
所以可以看出cap_capable函数就是查看task_struct的cap_effective变量，然后与(1<<cap)执行按位与操作。
cap_effective变量就是进程结构体里的一个32位的int变量，每一个位代表一个权限，定义如下

/**
 ** POSIX-标准定义的权限能力
 **/
#define CAP_CHOWN            0
/* Override all DAC access, including ACL execute access if
   [_POSIX_ACL] is defined. Excluding DAC access covered by
   CAP_LINUX_IMMUTABLE. */
#define CAP_DAC_OVERRIDE     1
/* Overrides all DAC restrictions regarding read and search on files
   and directories, including ACL restrictions if [_POSIX_ACL] is
   defined. Excluding DAC access covered by CAP_LINUX_IMMUTABLE. */
#define CAP_DAC_READ_SEARCH  2
/* Overrides all restrictions about allowed operations on files, where
   file owner ID must be equal to the user ID, except where CAP_FSETID
   is applicable. It doesn't override MAC and DAC restrictions. */
#define CAP_FOWNER           3
/* Overrides the following restrictions that the effective user ID
   shall match the file owner ID when setting the S_ISUID and S_ISGID
   bits on that file; that the effective group ID (or one of the
   supplementary group IDs) shall match the file owner ID when setting
   the S_ISGID bit on that file; that the S_ISUID and S_ISGID bits are
   cleared on successful return from chown(2) (not implemented). */
#define CAP_FSETID           4
/* Used to decide between falling back on the old suser() or fsuser(). */
#define CAP_FS_MASK          0x1f
/* Overrides the restriction that the real or effective user ID of a
   process sending a signal must match the real or effective user ID
   of the process receiving the signal. */
#define CAP_KILL             5
/* Allows setgid(2) manipulation */
/* Allows setgroups(2) */
/* Allows forged gids on socket credentials passing. */
#define CAP_SETGID           6
/* Allows set*uid(2) manipulation (including fsuid). */
/* Allows forged pids on socket credentials passing. */
#define CAP_SETUID           7
/**
 ** Linux-specific capabilities
 **/
/* Transfer any capability in your permitted set to any pid,
   remove any capability in your permitted set from any pid */
#define CAP_SETPCAP          8
/* Allow modification of S_IMMUTABLE and S_APPEND file attributes */
#define CAP_LINUX_IMMUTABLE  9
/* Allows binding to TCP/UDP sockets below 1024 */
/* Allows binding to ATM VCIs below 32 */
#define CAP_NET_BIND_SERVICE 10
/* Allow broadcasting, listen to multicast */
#define CAP_NET_BROADCAST    11
/* Allow interface configuration */
/* Allow administration of IP firewall, masquerading and accounting */
/* Allow setting debug option on sockets */
/* Allow modification of routing tables */
/* Allow setting arbitrary process / process group ownership on
   sockets */
/* Allow binding to any address for transparent proxying */
/* Allow setting TOS (type of service) */
/* Allow setting promiscuous mode */
/* Allow clearing driver statistics */
/* Allow multicasting */
/* Allow read/write of device-specific registers */
/* Allow activation of ATM control sockets */
#define CAP_NET_ADMIN        12
/* Allow use of RAW sockets */
/* Allow use of PACKET sockets */
#define CAP_NET_RAW          13
/* Allow locking of shared memory segments */
/* Allow mlock and mlockall (which doesn't really have anything to do
   with IPC) */
#define CAP_IPC_LOCK         14
/* Override IPC ownership checks */
#define CAP_IPC_OWNER        15
/* Insert and remove kernel modules - modify kernel without limit */
/* Modify cap_bset */
#define CAP_SYS_MODULE       16
/* Allow ioperm/iopl access */
/* Allow sending USB messages to any device via /proc/bus/usb */
#define CAP_SYS_RAWIO        17
/* Allow use of chroot() */
#define CAP_SYS_CHROOT       18
/* Allow ptrace() of any process */
#define CAP_SYS_PTRACE       19
/* Allow configuration of process accounting */
#define CAP_SYS_PACCT        20
/* Allow configuration of the secure attention key */
/* Allow administration of the random device */
/* Allow examination and configuration of disk quotas */
/* Allow configuring the kernel's syslog (printk behaviour) */
/* Allow setting the domainname */
/* Allow setting the hostname */
/* Allow calling bdflush() */
/* Allow mount() and umount(), setting up new smb connection */
/* Allow some autofs root ioctls */
/* Allow nfsservctl */
/* Allow VM86_REQUEST_IRQ */
/* Allow to read/write pci config on alpha */
/* Allow irix_prctl on mips (setstacksize) */
/* Allow flushing all cache on m68k (sys_cacheflush) */
/* Allow removing semaphores */
/* Used instead of CAP_CHOWN to "chown" IPC message queues, semaphores
   and shared memory */
/* Allow locking/unlocking of shared memory segment */
/* Allow turning swap on/off */
/* Allow forged pids on socket credentials passing */
/* Allow setting readahead and flushing buffers on block devices */
/* Allow setting geometry in floppy driver */
/* Allow turning DMA on/off in xd driver */
/* Allow administration of md devices (mostly the above, but some
   extra ioctls) */
/* Allow tuning the ide driver */
/* Allow access to the nvram device */
/* Allow administration of apm_bios, serial and bttv (TV) device */
/* Allow manufacturer commands in isdn CAPI support driver */
/* Allow reading non-standardized portions of pci configuration space */
/* Allow DDI debug ioctl on sbpcd driver */
/* Allow setting up serial ports */
/* Allow sending raw qic-117 commands */
/* Allow enabling/disabling tagged queuing on SCSI controllers and sending
   arbitrary SCSI commands */
/* Allow setting encryption key on loopback filesystem */
/* Allow setting zone reclaim policy */
#define CAP_SYS_ADMIN        21
/* Allow use of reboot() */
#define CAP_SYS_BOOT         22
/* Allow raising priority and setting priority on other (different
   UID) processes */
/* Allow use of FIFO and round-robin (realtime) scheduling on own
   processes and setting the scheduling algorithm used by another
   process. */
/* Allow setting cpu affinity on other processes */
#define CAP_SYS_NICE         23
/* Override resource limits. Set resource limits. */
/* Override quota limits. */
/* Override reserved space on ext2 filesystem */
/* Modify data journaling mode on ext3 filesystem (uses journaling
   resources) */
/* NOTE: ext2 honors fsuid when checking for resource overrides, so 
   you can override using fsuid too */
/* Override size restrictions on IPC message queues */
/* Allow more than 64hz interrupts from the real-time clock */
/* Override max number of consoles on console allocation */
/* Override max number of keymaps */
#define CAP_SYS_RESOURCE     24
/* Allow manipulation of system clock */
/* Allow irix_stime on mips */
/* Allow setting the real-time clock */
#define CAP_SYS_TIME         25
/* Allow configuration of tty devices */
/* Allow vhangup() of tty */
#define CAP_SYS_TTY_CONFIG   26
/* Allow the privileged aspects of mknod() */
#define CAP_MKNOD            27
/* Allow taking of leases on files */
#define CAP_LEASE            28
#define CAP_AUDIT_WRITE      29
#define CAP_AUDIT_CONTROL    30

检验权限的时候，就检查进程结构体task_struct对应的位是不是1就ok了。