What's in the Linux Kernel Process Management Subsystem, Part 39: The Main Process Structure in Detail (35)
Continued from the previous article: What's in the Linux Kernel Process Management Subsystem, Part 38: The Main Process Structure in Detail (34)
This article draws on the following sources:
Linux Kernel Process Management Special Report (linux rseq), CSDN blog
Fun Talk on the Linux Operating System, Core Principles: Part 3, Process Management, by Liu Chao
Illustrated Linux Kernel, Based on 6.x, by Jiang Yahua, China Machine Press
Many thanks to their authors!
Core process-management structure: task_struct
8. Process credential members
The credential-related members of task_struct are the following:
/* Process credentials: */

/* Tracer's credentials at attach: */
const struct cred __rcu *ptracer_cred;

/* Objective and real subjective task credentials (COW): */
const struct cred __rcu *real_cred;

/* Effective (overridable) subjective task credentials (COW): */
const struct cred __rcu *cred;
These fields are described as follows:
The previous part analysed the credential-related fields themselves; this part analyses in detail struct cred, the type shared by all three of them.
struct cred is defined in include/linux/cred.h as follows:
/*
 * The security context of a task
 *
 * The parts of the context break down into two categories:
 *
 *  (1) The objective context of a task. These parts are used when some other
 *      task is attempting to affect this one.
 *
 *  (2) The subjective context. These details are used when the task is acting
 *      upon another object, be that a file, a task, a key or whatever.
 *
 * Note that some members of this structure belong to both categories - the
 * LSM security pointer for instance.
 *
 * A task has two security pointers. task->real_cred points to the objective
 * context that defines that task's actual details. The objective part of this
 * context is used whenever that task is acted upon.
 *
 * task->cred points to the subjective context that defines the details of how
 * that task is going to act upon another object. This may be overridden
 * temporarily to point to another security context, but normally points to the
 * same context as task->real_cred.
 */
struct cred {
    atomic_t        usage;
#ifdef CONFIG_DEBUG_CREDENTIALS
    atomic_t        subscribers;    /* number of processes subscribed */
    void            *put_addr;
    unsigned        magic;
#define CRED_MAGIC      0x43736564
#define CRED_MAGIC_DEAD 0x44656144
#endif
    kuid_t          uid;            /* real UID of the task */
    kgid_t          gid;            /* real GID of the task */
    kuid_t          suid;           /* saved UID of the task */
    kgid_t          sgid;           /* saved GID of the task */
    kuid_t          euid;           /* effective UID of the task */
    kgid_t          egid;           /* effective GID of the task */
    kuid_t          fsuid;          /* UID for VFS ops */
    kgid_t          fsgid;          /* GID for VFS ops */
    unsigned        securebits;     /* SUID-less security management */
    kernel_cap_t    cap_inheritable; /* caps our children can inherit */
    kernel_cap_t    cap_permitted;  /* caps we're permitted */
    kernel_cap_t    cap_effective;  /* caps we can actually use */
    kernel_cap_t    cap_bset;       /* capability bounding set */
    kernel_cap_t    cap_ambient;    /* Ambient capability set */
#ifdef CONFIG_KEYS
    unsigned char   jit_keyring;    /* default keyring to attach requested
                                     * keys to */
    struct key      *session_keyring; /* keyring inherited over fork */
    struct key      *process_keyring; /* keyring private to this process */
    struct key      *thread_keyring; /* keyring private to this thread */
    struct key      *request_key_auth; /* assumed request_key authority */
#endif
#ifdef CONFIG_SECURITY
    void            *security;      /* LSM security */
#endif
    struct user_struct *user;       /* real user ID subscription */
    struct user_namespace *user_ns; /* user_ns the caps and keyrings are relative to. */
    struct ucounts *ucounts;
    struct group_info *group_info;  /* supplementary groups for euid/fsgid */
    /* RCU deletion */
    union {
        int non_rcu;                /* Can we skip RCU deletion? */
        struct rcu_head rcu;        /* RCU deletion hook */
    };
} __randomize_layout;
Let's first read the kernel's own comment on struct cred carefully:
struct cred: the security context of a task
The parts of the context break down into two categories:
(1) The objective context of a task
These parts are used when some other task attempts to affect this one.
(2) The subjective context
These details are used when the task acts upon another object, be that a file, a task, a key or anything else.
Note: some members of struct cred belong to both categories, the LSM security pointer for instance.
A task has two security pointers: task->real_cred and task->cred.
- task->real_cred points to the objective context that defines the task's actual details. The objective part of this context is used whenever that task is acted upon.
- task->cred points to the subjective context, which defines how the task will act upon another object. It may be temporarily overridden to point to another security context, but normally points to the same context as task->real_cred.
As the definition of struct cred shows, most of its members concern the user and the groups that user belongs to.
- Group 1: kuid_t uid and kgid_t gid
The comments on uid and gid read real UID/GID of the task.
Normally a process simply carries the ID of whoever started it. Permission checks, however, rarely compare these two fields, so they play little role there.
- Group 2: kuid_t euid and kgid_t egid
The comments on euid and egid read effective UID/GID of the task.
The word "effective" in the name tells you that these are the IDs that actually take effect. When the process operates on objects such as message queues, shared memory or semaphores, it is this user and group that are compared to decide whether it has permission.
- Group 3: kuid_t fsuid and kgid_t fsgid
The comments on fsuid and fsgid read UID/GID for VFS ops; in practice these are the filesystem UID/GID.
These are the credentials checked for file operations.
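As an added example (not code from this article or from the kernel), the following C program reads the identity and capability fields of struct cred in the form the kernel exports them in /proc/<pid>/status, and shows the distinction the text draws between uid, euid (checked for IPC objects) and fsuid (checked for files). The status text is a constructed sample, and the audit check cred_is_elevated is this example's own; capability number 21 is CAP_SYS_ADMIN.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not kernel code: struct cred's identity and capability fields as the
 * kernel exports them in /proc/<pid>/status. The Uid:/Gid: lines list the four IDs in
 * the order real, effective, saved, filesystem, i.e. uid, euid, suid, fsuid in struct cred. */
struct proc_cred {
    unsigned uid, euid, suid, fsuid, gid, egid, sgid, fsgid;
    unsigned long long cap_inheritable, cap_permitted, cap_effective, cap_bset, cap_ambient;
};

/* Parse a status buffer; returns 0 only when all seven credential lines were found. */
int parse_proc_cred(const char *status, struct proc_cred *c)
{
    int seen = 0; size_t len = 0; char buf[256];
    memset(c, 0, sizeof *c);
    for (const char *p = status; *p; p += len + (p[len] == '\n')) {
        len = strcspn(p, "\n");                       /* one line, without the newline */
        size_t n = len < sizeof buf ? len : sizeof buf - 1;
        memcpy(buf, p, n); buf[n] = '\0';
        if (sscanf(buf, "Uid: %u %u %u %u", &c->uid, &c->euid, &c->suid, &c->fsuid) == 4) seen++;
        else if (sscanf(buf, "Gid: %u %u %u %u", &c->gid, &c->egid, &c->sgid, &c->fsgid) == 4) seen++;
        else if (sscanf(buf, "CapInh: %llx", &c->cap_inheritable) == 1) seen++;
        else if (sscanf(buf, "CapPrm: %llx", &c->cap_permitted) == 1) seen++;
        else if (sscanf(buf, "CapEff: %llx", &c->cap_effective) == 1) seen++;
        else if (sscanf(buf, "CapBnd: %llx", &c->cap_bset) == 1) seen++;
        else if (sscanf(buf, "CapAmb: %llx", &c->cap_ambient) == 1) seen++;
    }
    return seen == 7 ? 0 : -1;
}
/* Test one bit of a kernel_cap_t mask, e.g. capability number 21 = CAP_SYS_ADMIN. */
int cap_has(unsigned long long mask, int cap) { return (int)((mask >> cap) & 1ULL); }

/* Audit check (this example's own): a non-root user started the task (uid != 0), yet it
 * acts as root for IPC checks (euid) or file access (fsuid), as a setuid-root program does. */
int cred_is_elevated(const struct proc_cred *c) { return c->uid != 0 && (c->euid == 0 || c->fsuid == 0); }

/* Constructed sample: the status lines of a setuid-root program started by uid 1000. */
static const char sample_status[] =
    "Uid:\t1000\t0\t0\t0\nGid:\t1000\t1000\t1000\t1000\nCapInh:\t0000000000000000\n"
    "CapPrm:\t000001ffffffffff\nCapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\nCapAmb:\t0000000000000000\n";

int main(void)
{
    struct proc_cred c;
    if (parse_proc_cred(sample_status, &c) != 0) return 1;
    printf("uid=%u euid=%u fsuid=%u elevated=%d CAP_SYS_ADMIN=%d\n", c.uid, c.euid, c.fsuid,
           cred_is_elevated(&c), cap_has(c.cap_effective, 21));
    return 0;
}
```

On a real system the same parser can be fed the contents of /proc/self/status, where Uid: and Gid: are the four IDs from the task's struct cred and CapEff is cap_effective.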
More in the next part.