对chmod chown chgrp几个命令的实现注解

搜索 @note_pic 可以查看全部字符图
搜索 @note_why 是注者尚未看明白的地方，如果您看明白了，请告诉注者完善
搜索 @note_thinking 是注者的思考和吐槽的地方

fs/include/vfs_config.h

@@ -111,7 +111,7 @@ extern "C" {
 
 /* directory configure */
 
-#define VFS_USING_WORKDIR               // enable current working directory
+#define VFS_USING_WORKDIR               // enable current working directory 使能当前工作区
 
 #ifdef __cplusplus
 #if __cplusplus

fs/vfs/operation/fs_other.c

@@ -82,7 +82,7 @@ int lstat(const char *path, struct stat *buffer)
 {
     return stat(path, buffer);
 }
-
+//虚拟文件系统权限检查
 int VfsPermissionCheck(uint fuid, uint fgid, mode_t fileMode, int accMode)
 {
     uint uid = OsCurrUserGet()->effUserID;
@@ -216,7 +216,7 @@ int chdir(const char *path)
  *
  * @return the returned current directory.
  */
-
+//此函数是一个与POSIX兼容的版本，它将返回当前工作目录。
 char *getcwd(char *buf, size_t n)
 {
 #ifdef VFS_USING_WORKDIR

fs/vfs/vfs_cmd/vfs_shellcmd.c

@@ -1430,13 +1430,13 @@ int osShellCmdRm(int argc, const char **argv)
       ret = vfs_normalize_path(shell_working_directory, filename, &fullpath);
       ERROR_OUT_IF(ret < 0, set_err(-ret, "rm error"), return -1);
 
-      if (os_is_containers_wildcard(fullpath))
+      if (os_is_containers_wildcard(fullpath))//是否包含通配符
         {
-          ret = os_wildcard_extract_directory(fullpath, NULL, RM_FILE);
+          ret = os_wildcard_extract_directory(fullpath, NULL, RM_FILE);//对通配符文件的处理
         }
       else
         {
-          ret = unlink(fullpath);
+          ret = unlink(fullpath);//删除由装入点管理的文件,本质是释放一个inode
         }
     }
   if (ret == -1)
@@ -1446,7 +1446,24 @@ int osShellCmdRm(int argc, const char **argv)
   free(fullpath);
   return 0;
 }
+/*******************************************************
+命令功能
+rmdir命令用来删除一个目录。
+
+命令格式
+rmdir [dir]
+
+参数说明
+参数		参数说明		取值范围
+dir		需要删除目录的名称，删除目录必须为空，支持输入路径。N/A
 
+使用指南
+rmdir命令只能用来删除目录。
+rmdir一次只能删除一个目录。
+rmdir只能删除空目录。
+使用实例
+举例：输入rmdir dir
+*******************************************************/
 int osShellCmdRmdir(int argc, const char **argv)
 {
   int  ret;
@@ -1466,11 +1483,11 @@ int osShellCmdRmdir(int argc, const char **argv)
 
   if (os_is_containers_wildcard(fullpath))
     {
-      ret = os_wildcard_extract_directory(fullpath, NULL, RM_DIR);
+      ret = os_wildcard_extract_directory(fullpath, NULL, RM_DIR);//;//对通配符目录的处理
     }
   else
     {
-      ret = rmdir(fullpath);
+      ret = rmdir(fullpath);// 删除由装入点管理的文件,本质是删除一个目录inode
     }
   free(fullpath);
 
@@ -1562,10 +1579,9 @@ int osShellCmdSu(int argc, const char **argv)
   unsigned int su_uid;
   unsigned int su_gid;
 
-  if (argc == 0)
+  if (argc == 0)//无参时切换到root用户
     {
       /* for su root */
-
       su_uid = 0;
       su_gid = 0;
     }
@@ -1575,10 +1591,10 @@ int osShellCmdSu(int argc, const char **argv)
       ERROR_OUT_IF((checkNum(argv[0]) != 0) || (checkNum(argv[1]) != 0), /* check argv is digit */
       PRINTK("check uid_num and gid_num is digit\n"), return -1);
 
-      su_uid = atoi(argv[0]);
+      su_uid = atoi(argv[0]);//标准musl C库函数 字符串转数字
       su_gid = atoi(argv[1]);
-
-      ERROR_OUT_IF((su_uid < 0) || (su_uid > 60000) || (su_gid < 0) ||
+	  
+      ERROR_OUT_IF((su_uid < 0) || (su_uid > 60000) || (su_gid < 0) || //uid 和 gid 的范围限制
          (su_gid > 60000), PRINTK("uid_num or gid_num out of range!they should be [0~60000]\n"), return -1);
     }
 
@@ -1590,7 +1606,7 @@ int osShellCmdSu(int argc, const char **argv)
 shell chmod 用于修改文件操作权限。chmod [mode] [pathname]
 mode 文件或文件夹权限，用8进制表示对应User、Group、及Other（拥有者、群组、其他组）的权限。[0,777]
 pathname 文件路径。已存在的文件。
-chmod 777 weharmony.txt
+chmod 777 weharmony.txt 暂不支持 chmod ugo+r file1.txt这种写法
 ****************************************************************/
 int osShellCmdChmod(int argc, const char **argv)
 {
@@ -1599,7 +1615,7 @@ int osShellCmdChmod(int argc, const char **argv)
   int ret;
   char *fullpath = NULL;
   const char *filename = NULL;
-  struct IATTR attr = {0};
+  struct IATTR attr = {0};//IATTR是用来inode的属性 见于 ..\third_party\NuttX\include\nuttx\fs\fs.h
   char *shell_working_directory = NULL;
   const char *p = NULL;
 #define MODE_BIT 3 /* 3 bits express 1 mode */
@@ -1630,9 +1646,9 @@ int osShellCmdChmod(int argc, const char **argv)
   ret = vfs_normalize_path(shell_working_directory, filename, &fullpath);//获取全路径
   ERROR_OUT_IF(ret < 0, set_err(-ret, "chmod error\n"), return -1);
 
-  attr.attr_chg_mode = mode;
-  attr.attr_chg_valid = CHG_MODE; /* change mode */
-  ret = chattr(fullpath, &attr);
+  attr.attr_chg_mode = mode;// 7(rwx)代表(可读,可写,可执行)
+  attr.attr_chg_valid = CHG_MODE; /* change mode */ 
+  ret = chattr(fullpath, &attr);//改变文件属性
   if (ret < 0)
     {
       free(fullpath);
@@ -1664,30 +1680,30 @@ int osShellCmdChown(int argc, const char **argv)
   attr.attr_chg_valid = 0;
 
   ERROR_OUT_IF(((argc != 2) && (argc != 3)), PRINTK("Usage: chown [OWNER] [GROUP] FILE\n"), return -1);
-  if (argc == 2)
+  if (argc == 2)//只有二个参数解析 chown 100 weharmony.txt
     {
       ERROR_OUT_IF((checkNum(argv[0]) != 0), PRINTK("check OWNER is digit\n"), return -1);
       owner = atoi(argv[0]);
       filename = argv[1];
     }
-  if (argc == 3)
+  if (argc == 3)//有三个参数解析 chown 100 200 weharmony.txt
     {
       ERROR_OUT_IF((checkNum(argv[0]) != 0), PRINTK("check OWNER is digit\n"), return -1);
       ERROR_OUT_IF((checkNum(argv[1]) != 0), PRINTK("check GROUP is digit\n"), return -1);
-      owner = atoi(argv[0]);
-      group = atoi(argv[1]);
+      owner = atoi(argv[0]);//第一个参数用于修改拥有者指定用户
+      group = atoi(argv[1]);//第二个参数用于修改拥有者指定组
       filename = argv[2];
     }
 
-  if (group != -1)
+  if (group != -1)//-1代表不需要处理
     {
       attr.attr_chg_gid = group;
-      attr.attr_chg_valid |= CHG_GID;
+      attr.attr_chg_valid |= CHG_GID;//贴上拥有组被修改过的标签
     }
-  if (owner != -1)
+  if (owner != -1)//-1代表不需要处理
     {
       attr.attr_chg_uid = owner;
-      attr.attr_chg_valid |= CHG_UID;
+      attr.attr_chg_valid |= CHG_UID;//贴上拥有者被修改过的标签
     }
 
   char *shell_working_directory = OsShellGetWorkingDirtectory();
@@ -1698,7 +1714,7 @@ int osShellCmdChown(int argc, const char **argv)
   ret = vfs_normalize_path(shell_working_directory, filename, &fullpath);
   ERROR_OUT_IF(ret < 0, set_err(-ret, "chown error\n"), return -1);
 
-  ret = chattr(fullpath, &attr);
+  ret = chattr(fullpath, &attr);//修改属性,在chattr中,参数attr将会和fullpath原有attr->attr_chg_valid 按|运算
   if (ret < 0)
     {
       free(fullpath);
@@ -1729,8 +1745,8 @@ int osShellCmdChgrp(int argc, const char **argv)
   group = atoi(argv[0]);
   filename = argv[1];
 
-  if (group != -1) {
-    attr.attr_chg_gid = group;
+  if (group != -1) {//可以看出 chgrp 是 chown 命令的裁剪版
+    attr.attr_chg_gid = group; 
     attr.attr_chg_valid |= CHG_GID;
   }
 
@@ -1741,7 +1757,7 @@ int osShellCmdChgrp(int argc, const char **argv)
   ret = vfs_normalize_path(shell_working_directory, filename, &fullpath);
   ERROR_OUT_IF(ret < 0, set_err(-ret, "chmod error"), return -1);
 
-  ret = chattr(fullpath, &attr);
+  ret = chattr(fullpath, &attr);//修改属性
   if (ret < 0) {
     free(fullpath);
     PRINTK("chgrp error! %s\n", strerror(errno));

kernel/base/core/los_process.c

@@ -191,7 +191,7 @@ STATIC VOID OsExitProcessGroup(LosProcessCB *processCB, ProcessGroup **group)//P
 
     processCB->group = NULL;
 }
-//通过组ID找个进程组
+//通过组ID找到进程组
 STATIC ProcessGroup *OsFindProcessGroup(UINT32 gid)
 {
     ProcessGroup *group = NULL;
@@ -764,8 +764,8 @@ STATIC UINT32 OsInitPCB(LosProcessCB *processCB, UINT32 mode, UINT16 priority, U
 }
 //创建用户
 #ifdef LOSCFG_SECURITY_CAPABILITY
-STATIC User *OsCreateUser(UINT32 userID, UINT32 gid, UINT32 size)
-{
+STATIC User *OsCreateUser(UINT32 userID, UINT32 gid, UINT32 size)//参数size 表示组数量
+{	//(size - 1) * sizeof(UINT32) 用于 user->groups[..],这种设计节约了内存,不造成不需要的浪费
     User *user = LOS_MemAlloc(m_aucSysMem1, sizeof(User) + (size - 1) * sizeof(UINT32));
     if (user == NULL) {
         return NULL;
@@ -775,11 +775,11 @@ STATIC User *OsCreateUser(UINT32 userID, UINT32 gid, UINT32 size)
     user->effUserID = userID;
     user->gid = gid;
     user->effGid = gid;
-    user->groupNumber = size;
-    user->groups[0] = gid;
+    user->groupNumber = size;//用户组数量
+    user->groups[0] = gid;	 //用户组列表,一个用户可以属于多个用户组
     return user;
 }
-
+//检查参数群组ID是否在当前用户所属群组中
 LITE_OS_SEC_TEXT BOOL LOS_CheckInGroups(UINT32 gid)
 {
     UINT32 intSave;
@@ -787,8 +787,8 @@ LITE_OS_SEC_TEXT BOOL LOS_CheckInGroups(UINT32 gid)
     User *user = NULL;
 
     SCHEDULER_LOCK(intSave);
-    user = OsCurrUserGet();
-    for (count = 0; count < user->groupNumber; count++) {
+    user = OsCurrUserGet();//当前进程所属用户
+    for (count = 0; count < user->groupNumber; count++) {//循环对比
         if (user->groups[count] == gid) {
             SCHEDULER_UNLOCK(intSave);
             return TRUE;
@@ -872,14 +872,14 @@ STATIC UINT32 OsProcessCreateInit(LosProcessCB *processCB, UINT32 flags, const C
     }
 #endif
 
-#ifdef LOSCFG_KERNEL_CPUP
+#ifdef LOSCFG_KERNEL_CPUP //CPU性能统计开关
     OsCpupSet(processCB->processID);
 #endif
 
     return LOS_OK;
 
 EXIT:
-    OsDeInitPCB(processCB);//删除进程控制块
+    OsDeInitPCB(processCB);//删除进程控制块,归还内存
     return ret;
 }
 

kernel/base/include/los_process_pri.h

@@ -59,13 +59,13 @@ extern "C" {
 #ifdef LOSCFG_SECURITY_CAPABILITY
 #define OS_GROUPS_NUMBER_MAX 256
 
-typedef struct {
-    UINT32  userID;
+typedef struct { //用户描述体
+    UINT32  userID;	//用户ID [0,60000],0为root用户
     UINT32  effUserID;
-    UINT32  gid;
+    UINT32  gid;	//用户组ID [0,60000],0为root用户组
     UINT32  effGid;
-    UINT32  groupNumber;
-    UINT32  groups[1];
+    UINT32  groupNumber;//用户组数量 
+    UINT32  groups[1];	//所属用户组列表,一个用户可属多个用户组
 } User;
 #endif
 
@@ -117,9 +117,9 @@ typedef struct ProcessCB {
 #endif
     timer_t             timerID;       /**< iTimer */
 
-#ifdef LOSCFG_SECURITY_CAPABILITY
-    User                *user;
-    UINT32              capability;
+#ifdef LOSCFG_SECURITY_CAPABILITY	//安全能力
+    User                *user;		//进程的拥有者
+    UINT32              capability;	//安全能力范围 对应 CAP_SETGID
 #endif
 #ifdef LOSCFG_SECURITY_VID
     TimerIdMap          timerIdMap;
@@ -410,7 +410,7 @@ STATIC INLINE UINT32 OsCpuProcessIDGet(UINT16 cpuID)
 }
 
 #ifdef LOSCFG_SECURITY_CAPABILITY
-STATIC INLINE User *OsCurrUserGet(VOID)
+STATIC INLINE User *OsCurrUserGet(VOID)//获取当前进程的所属用户
 {
     User *user = NULL;
     UINT32 intSave;

security/cap/capability.c

@@ -35,10 +35,10 @@
 #include "user_copy.h"
 #include "los_printf.h"
 
-#define CAPABILITY_INIT_STAT            0xffffffff
+#define CAPABILITY_INIT_STAT            0xffffffff //能力范围的初始化值,用于划定进程的能力边界
 #define CAPABILITY_GET_CAP_MASK(x)      (1 << ((x) & 31))
 #define CAPABILITY_MAX                  31
-
+//进程是否拥有 参数 能力
 BOOL IsCapPermit(UINT32 capIndex)
 {
     UINT32 capability = OsCurrProcessGet()->capability;
@@ -49,12 +49,12 @@ BOOL IsCapPermit(UINT32 capIndex)
 
     return (capability & (CAPABILITY_GET_CAP_MASK(capIndex)));
 }
-
+//初始化进程的能力
 VOID OsInitCapability(LosProcessCB *processCB)
 {
     processCB->capability = CAPABILITY_INIT_STAT;
 }
-
+//进程能力拷贝
 VOID OsCopyCapability(LosProcessCB *from, LosProcessCB *to)
 {
     UINT32 intSave;
@@ -63,21 +63,21 @@ VOID OsCopyCapability(LosProcessCB *from, LosProcessCB *to)
     to->capability = from->capability;
     SCHEDULER_UNLOCK(intSave);
 }
-
+//设置进程能力
 UINT32 SysCapSet(UINT32 caps)
 {
     UINT32 intSave;
 
-    if (!IsCapPermit(CAP_CAPSET)) {
+    if (!IsCapPermit(CAP_CAPSET)) {//是否有设置进程能力的能力
         return -EPERM;
     }
 
-    SCHEDULER_LOCK(intSave);
+    SCHEDULER_LOCK(intSave);//这种耗时很短的临界区用自旋锁
     OsCurrProcessGet()->capability = caps;
     SCHEDULER_UNLOCK(intSave);
     return LOS_OK;
 }
-
+//获取进程能力
 UINT32 SysCapGet(UINT32 *caps)
 {
     UINT32 intSave;
@@ -87,7 +87,7 @@ UINT32 SysCapGet(UINT32 *caps)
     kCaps = OsCurrProcessGet()->capability;
     SCHEDULER_UNLOCK(intSave);
 
-    if (LOS_ArchCopyToUser(caps, &kCaps, sizeof(UINT32)) != LOS_OK) {
+    if (LOS_ArchCopyToUser(caps, &kCaps, sizeof(UINT32)) != LOS_OK) {//完成从内核空间到用户空间的拷贝
         return -EFAULT;
     }
 

security/cap/capability_type.h

@@ -32,9 +32,9 @@
 #ifndef CAPABILITY_TYPE_H
 #define CAPABILITY_TYPE_H
 	
-// posix capabilities	//posix 接口能力
-#define CAP_CHOWN                       0
-#define CAP_DAC_EXECUTE                 1
+// posix capabilities	//posix 接口能力范围
+#define CAP_CHOWN                       0	//修改拥有者
+#define CAP_DAC_EXECUTE                 1	//
 #define CAP_DAC_WRITE                   2
 #define CAP_DAC_READ_SEARCH             3
 #define CAP_FOWNER                      4
@@ -43,27 +43,27 @@
 #define CAP_SETUID                      7	//设置用户ID
 
 // socket capabilities	//网络能力
-#define CAP_NET_BIND_SERVICE            8
-#define CAP_NET_BROADCAST               9
-#define CAP_NET_ADMIN                   10
-#define CAP_NET_RAW                     11
+#define CAP_NET_BIND_SERVICE            8	//绑定端口
+#define CAP_NET_BROADCAST               9	//网络广播
+#define CAP_NET_ADMIN                   10	//网络管理
+#define CAP_NET_RAW                     11	//网络读写访问
 
 // fs capabilities	//文件系统能力
-#define CAP_FS_MOUNT                    12
-#define CAP_FS_FORMAT                   13
+#define CAP_FS_MOUNT                    12	//挂载
+#define CAP_FS_FORMAT                   13	//格式化
 
-// process capabilities	//进程调度能力，设置调度优先级
-#define CAP_SCHED_SETPRIORITY           14
+// process capabilities	//进程调度能力，
+#define CAP_SCHED_SETPRIORITY           14 //设置调度优先级
 
 // time capabilities	//时间能力
-#define CAP_SET_TIMEOFDAY               15
-#define CAP_CLOCK_SETTIME               16
+#define CAP_SET_TIMEOFDAY               15	//重置系统时间
+#define CAP_CLOCK_SETTIME               16	//设置时钟
 
 // process capabilities	//进程能力
-#define CAP_CAPSET                      17
+#define CAP_CAPSET                      17	//设置进程能力的能力
 
 // reboot capability	//重新启动功能
-#define CAP_REBOOT                      18
+#define CAP_REBOOT                      18	//重启系统
 // self deined privileged syscalls	//自定义特权系统调用
-#define CAP_SHELL_EXEC                  19
+#define CAP_SHELL_EXEC                  19	//自定义 shell 命令 
 #endif
\ No newline at end of file

syscall/process_syscall.c

@@ -437,7 +437,7 @@ int SysGetRealEffSaveUserID(int *ruid, int *euid, int *suid)
 
     return 0;
 }
-
+//设置用户ID
 int SysSetUserID(int uid)
 {
 #ifdef LOSCFG_SECURITY_CAPABILITY //安全能力宏
@@ -537,7 +537,7 @@ int SysSetRealEffUserID(int ruid, int euid)
     return 0;
 #endif
 }
-
+//设置用户群组ID
 int SysSetGroupID(int gid)
 {
 #ifdef LOSCFG_SECURITY_CAPABILITY

zzz/git/push.sh

 git add -A
-git commit -m  'shell 实现代码的注释 
+git commit -m  '对chmod chown chgrp几个命令的实现注解 
 搜索 @note_pic 可以查看全部字符图
 搜索 @note_why 是注者尚未看明白的地方，如果您看明白了，请告诉注者完善
 搜索 @note_thinking 是注者的思考和吐槽的地方