security/security.c
Source file repositories/reference/linux-study-clean/security/security.c
File Facts
- System
- Linux kernel
- Corpus path
security/security.c- Extension
.c- Size
- 170646 bytes
- Lines
- 5719
- Domain
- Core OS
- Bucket
- Security And Isolation
- Inferred role
- Core OS: exported/initcall integration point
- Status
- integration implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Exports symbols or registers init work; inspect boot/module ordering and who consumes the exported contract.
- Touches user memory; correctness depends on fault-safe copying and privilege boundary handling.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/bpf.hlinux/capability.hlinux/dcache.hlinux/export.hlinux/init.hlinux/kernel.hlinux/kernel_read_file.hlinux/lsm_hooks.hlinux/mman.hlinux/mount.hlinux/personality.hlinux/backing-dev.hlinux/string.hlinux/xattr.hlinux/msg.hlinux/overflow.hlinux/perf_event.hlinux/fs.hnet/flow.hnet/sock.hlsm.hlinux/lsm_hook_defs.h
Detected Declarations
function keyfunction lsm_file_allocfunction lsm_backing_file_allocfunction lsm_blob_allocfunction lsm_cred_allocfunction lsm_inode_allocfunction lsm_task_allocfunction lsm_ipc_allocfunction lsm_key_allocfunction lsm_msg_msg_allocfunction lsm_bdev_allocfunction lsm_bpf_map_allocfunction lsm_bpf_prog_allocfunction lsm_bpf_token_allocfunction lsm_superblock_allocfunction lsm_fill_user_ctxfunction security_binder_transactionfunction security_binder_transfer_binderfunction security_binder_transfer_filefunction security_ptrace_access_checkfunction security_ptrace_tracemefunction security_capgetfunction security_capsetfunction security_capablefunction security_quotactlfunction security_quota_onfunction security_syslogfunction security_settime64function security_vm_enough_memory_mmfunction __vm_enough_memoryfunction security_bprm_creds_for_execfunction security_bprm_creds_from_filefunction security_bprm_checkfunction security_bprm_committing_credsfunction security_bprm_committed_credsfunction security_fs_context_submountfunction security_fs_context_dupfunction security_fs_context_parse_paramfunction lsm_for_each_hookfunction security_sb_allocfunction security_sb_deletefunction security_sb_freefunction security_free_mnt_optsfunction security_sb_eat_lsm_optsfunction security_sb_mnt_opts_compatfunction security_sb_remountfunction security_sb_kern_mountfunction security_sb_show_options
Annotated Snippet
if (rc < 0) {
cap_sys_admin = 0;
break;
}
}
return __vm_enough_memory(mm, pages, cap_sys_admin);
}
/**
* security_bprm_creds_for_exec() - Prepare the credentials for exec()
* @bprm: binary program information
*
* If the setup in prepare_exec_creds did not setup @bprm->cred->security
* properly for executing @bprm->file, update the LSM's portion of
* @bprm->cred->security to be what commit_creds needs to install for the new
* program. This hook may also optionally check permissions (e.g. for
* transitions between security domains). The hook must set @bprm->secureexec
* to 1 if AT_SECURE should be set to request libc enable secure mode. @bprm
* contains the linux_binprm structure.
*
* If execveat(2) is called with the AT_EXECVE_CHECK flag, bprm->is_check is
* set. The result must be the same as without this flag even if the execution
* will never really happen and @bprm will always be dropped.
*
* This hook must not change current->cred, only @bprm->cred.
*
* Return: Returns 0 if the hook is successful and permission is granted.
*/
int security_bprm_creds_for_exec(struct linux_binprm *bprm)
{
return call_int_hook(bprm_creds_for_exec, bprm);
}
/**
* security_bprm_creds_from_file() - Update linux_binprm creds based on file
* @bprm: binary program information
* @file: associated file
*
* If @file is setpcap, suid, sgid or otherwise marked to change privilege upon
* exec, update @bprm->cred to reflect that change. This is called after
* finding the binary that will be executed without an interpreter. This
* ensures that the credentials will not be derived from a script that the
* binary will need to reopen, which when reopend may end up being a completely
* different file. This hook may also optionally check permissions (e.g. for
* transitions between security domains). The hook must set @bprm->secureexec
* to 1 if AT_SECURE should be set to request libc enable secure mode. The
* hook must add to @bprm->per_clear any personality flags that should be
* cleared from current->personality. @bprm contains the linux_binprm
* structure.
*
* Return: Returns 0 if the hook is successful and permission is granted.
*/
int security_bprm_creds_from_file(struct linux_binprm *bprm, const struct file *file)
{
return call_int_hook(bprm_creds_from_file, bprm, file);
}
/**
* security_bprm_check() - Mediate binary handler search
* @bprm: binary program information
*
* This hook mediates the point when a search for a binary handler will begin.
* It allows a check against the @bprm->cred->security value which was set in
* the preceding creds_for_exec call. The argv list and envp list are reliably
* available in @bprm. This hook may be called multiple times during a single
* execve. @bprm contains the linux_binprm structure.
*
* Return: Returns 0 if the hook is successful and permission is granted.
*/
int security_bprm_check(struct linux_binprm *bprm)
{
return call_int_hook(bprm_check_security, bprm);
}
/**
* security_bprm_committing_creds() - Install creds for a process during exec()
* @bprm: binary program information
*
* Prepare to install the new security attributes of a process being
* transformed by an execve operation, based on the old credentials pointed to
* by @current->cred and the information set in @bprm->cred by the
* bprm_creds_for_exec hook. @bprm points to the linux_binprm structure. This
* hook is a good place to perform state changes on the process such as closing
* open file descriptors to which access will no longer be granted when the
* attributes are changed. This is called immediately before commit_creds().
*/
void security_bprm_committing_creds(const struct linux_binprm *bprm)
{
call_void_hook(bprm_committing_creds, bprm);
}
Annotation
- Immediate include surface: `linux/bpf.h`, `linux/capability.h`, `linux/dcache.h`, `linux/export.h`, `linux/init.h`, `linux/kernel.h`, `linux/kernel_read_file.h`, `linux/lsm_hooks.h`.
- Detected declarations: `function key`, `function lsm_file_alloc`, `function lsm_backing_file_alloc`, `function lsm_blob_alloc`, `function lsm_cred_alloc`, `function lsm_inode_alloc`, `function lsm_task_alloc`, `function lsm_ipc_alloc`, `function lsm_key_alloc`, `function lsm_msg_msg_alloc`.
- Atlas domain: Core OS / Security And Isolation.
- Implementation status: integration implementation candidate.
- This snippet crosses the user/kernel memory boundary; validate fault handling and access checks before translating the pattern.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.