173  * Determine whether the nominated task is permitted to trace the current
200  * @permitted: The place to record the permitted set
206 	       kernel_cap_t *inheritable, kernel_cap_t *permitted)  in cap_capget()  argument
215 	*permitted   = cred->cap_permitted;  in cap_capget()
222  * permitted set.  Returns 1 if they are limited, 0 if they are not.
241  * @permitted: A pointer to the proposed new permitted capabilities set
251 	       const kernel_cap_t *permitted)  in cap_capset()  argument
266 	/* verify restrictions on target's new Permitted set */  in cap_capset()
267 	if (!cap_issubset(*permitted, old->cap_permitted))  in cap_capset()
271 	if (!cap_issubset(*effective, *permitted))  in cap_capset()
276 	new->cap_permitted   = *permitted;  in cap_capset()
279 	 * Mask off ambient bits that are no longer both permitted and  in cap_capset()
283 					 cap_intersect(*permitted,  in cap_capset()
550 		__u32 permitted = caps->permitted.cap[i];  in bprm_caps_from_vfs_caps()  local
558 			(new->cap_bset.cap[i] & permitted) |  in bprm_caps_from_vfs_caps()
561 		if (permitted & ~new->cap_permitted.cap[i])  in bprm_caps_from_vfs_caps()
569 	 * missing some "forced" (aka file-permitted) capabilities.  in bprm_caps_from_vfs_caps()
639 		cpu_caps->permitted.cap[i] = le32_to_cpu(caps->data[i].permitted);  in get_vfs_caps_from_disk()
643 	cpu_caps->permitted.cap[CAP_LAST_U32] &= CAP_LAST_U32_VALID_MASK;  in get_vfs_caps_from_disk()
798 	       __cap_gained(permitted, new, old)) ||  in nonroot_raised_pE()
835 	if (__cap_gained(permitted, new, old))  in cap_bprm_set_creds()
845 	if ((is_setid || __cap_gained(permitted, new, old)) &&  in cap_bprm_set_creds()
899 	      __cap_grew(permitted, ambient, new))))  in cap_bprm_set_creds()
977  * cap_emulate_setxuid() fixes the effective / permitted capabilities of
981  *  {r,e,s}uid != 0, the permitted and effective capabilities are
988  *  capabilities are set to the permitted capabilities.
997  * calls setuid() and switches away from uid==0. Both permitted and
1106  * cap_task_setscheduler - Detemine if scheduler policy change is permitted
1109  * Detemine if the requested scheduler policy change is permitted for the
1118  * cap_task_ioprio - Detemine if I/O priority change is permitted
1122  * Detemine if the requested I/O priority change is permitted for the specified
1131  * cap_task_ioprio - Detemine if task priority change is permitted
1135  * Detemine if the requested task priority change is permitted for the
1301  * cap_vm_enough_memory - Determine whether a new virtual mapping is permitted
1306  * task is permitted, returning 1 if permission is granted, 0 if not.