接前一篇文章:Linux内核进程管理子系统有什么第四十一回 —— 进程主结构详解(37)
本文内容参考:
Linux内核进程管理专题报告_linux rseq-CSDN博客
《趣谈Linux操作系统 核心原理篇:第三部分 进程管理》—— 刘超
《图解Linux内核 基于6.x》 —— 姜亚华 机械工业出版社
setuid系统调用及示例-CSDN博客
setuid函数解析 - HelloMarsMan - 博客园
特此致谢!
进程管理核心结构 —— task_struct
8. 进程权限相关成员
进程权限相关成员包括以下几个:
/* Process credentials: *//* Tracer's credentials at attach: */const struct cred __rcu *ptracer_cred;/* Objective and real subjective task credentials (COW): */const struct cred __rcu *real_cred;/* Effective (overridable) subjective task credentials (COW): */const struct cred __rcu *cred;这几个字段的描述如下:
上一回继续对于struct cred进行解析,本回仍然继续。为了便于理解和回顾,再次贴出struct cred的定义,在include/linux/cred.h中,如下:
/** The security context of a task** The parts of the context break down into two categories:** (1) The objective context of a task. These parts are used when some other* task is attempting to affect this one.** (2) The subjective context. These details are used when the task is acting* upon another object, be that a file, a task, a key or whatever.** Note that some members of this structure belong to both categories - the* LSM security pointer for instance.** A task has two security pointers. task->real_cred points to the objective* context that defines that task's actual details. The objective part of this* context is used whenever that task is acted upon.** task->cred points to the subjective context that defines the details of how* that task is going to act upon another object. This may be overridden* temporarily to point to another security context, but normally points to the* same context as task->real_cred.*/
struct cred {atomic_t usage;
#ifdef CONFIG_DEBUG_CREDENTIALSatomic_t subscribers; /* number of processes subscribed */void *put_addr;unsigned magic;
#define CRED_MAGIC 0x43736564
#define CRED_MAGIC_DEAD 0x44656144
#endifkuid_t uid; /* real UID of the task */kgid_t gid; /* real GID of the task */kuid_t suid; /* saved UID of the task */kgid_t sgid; /* saved GID of the task */kuid_t euid; /* effective UID of the task */kgid_t egid; /* effective GID of the task */kuid_t fsuid; /* UID for VFS ops */kgid_t fsgid; /* GID for VFS ops */unsigned securebits; /* SUID-less security management */kernel_cap_t cap_inheritable; /* caps our children can inherit */kernel_cap_t cap_permitted; /* caps we're permitted */kernel_cap_t cap_effective; /* caps we can actually use */kernel_cap_t cap_bset; /* capability bounding set */kernel_cap_t cap_ambient; /* Ambient capability set */
#ifdef CONFIG_KEYSunsigned char jit_keyring; /* default keyring to attach requested* keys to */struct key *session_keyring; /* keyring inherited over fork */struct key *process_keyring; /* keyring private to this process */struct key *thread_keyring; /* keyring private to this thread */struct key *request_key_auth; /* assumed request_key authority */
#endif
#ifdef CONFIG_SECURITYvoid *security; /* LSM security */
#endifstruct user_struct *user; /* real user ID subscription */struct user_namespace *user_ns; /* user_ns the caps and keyrings are relative to. */struct ucounts *ucounts;struct group_info *group_info; /* supplementary groups for euid/fsgid *//* RCU deletion */union {int non_rcu; /* Can we skip RCU deletion? */struct rcu_head rcu; /* RCU deletion hook */};
} __randomize_layout;
上一回在讲 struct cred中的第4组字段kuid_t suid和kgid sgid时,
对于setuid系统调用进行知识补强。没有讲完,本回把这一知识点讲完、讲透彻。
知识补强 —— setuid系统调用
函数功能
设置调用进程的有效用户ID(Effective UID)。
根据调用者的权限(是否为root)和目标uid,行为会有所不同:
- 如果进程拥有超级用户特权,则setuid系统调用将实际用户ID(real UID)、有效用户ID(effective UID)以及保存的设置用户ID(saved UID)设置为uid;
- 如果进程没有超级用户特权、但uid等于实际用户ID(real UID)或保存的设置用户ID(saved UID),则setuid只将有效用户ID(effective UID)设置为uid。并不改变实际用户ID和保存的设置用户ID。
- 如果上两个条件都不满足(即进程也没有超级用户特权、uid也不等于实际用户ID和保存的设置用户ID),则将errno设置为EPERM,并返回错误。
从另外一种说法来理解一下:
函数原型
#include <unistd.h> // 包含系统调用声明
#include <sys/types.h> // 包含 uid_t 类型定义int setuid(uid_t uid);
参数
- uid_t uid:指定要设置的新的有效用户ID。
返回值
成功返回0;失败返回-1,并将errno设置为合适的值,以指示具体的错误原因。
错误码(errno)
- EINVAL:参数无效(虽然在 Linux 中通常不会返回此错误)。
- EPERM:调用者没有权限执行此操作。对于普通用户,这意味着uid既不是ruid、也不是suid(就是上边两个条件都不满足的那种情况)。
下一回继续对于setuid系统调用进行深入讲解,务必使读者能够理解清楚这一段比较复杂和费解的内容。
)
)
