Home
last modified time | relevance | path

Searched refs:user_ns (Results 1 – 25 of 72) sorted by relevance

123

/net/bridge/
Dbr_ioctl.c93 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in add_del_if()
183 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
189 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
195 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
201 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
240 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
247 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
258 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
275 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
332 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in old_deviceless()
[all …]
Dbr_sysfs_br.c40 if (!ns_capable(dev_net(br->dev)->user_ns, CAP_NET_ADMIN)) in store_bridge_parm()
140 if (!ns_capable(dev_net(br->dev)->user_ns, CAP_NET_ADMIN)) in stp_state_store()
174 if (!ns_capable(dev_net(br->dev)->user_ns, CAP_NET_ADMIN)) in group_fwd_mask_store()
306 if (!ns_capable(dev_net(br->dev)->user_ns, CAP_NET_ADMIN)) in group_addr_store()
346 if (!ns_capable(dev_net(br->dev)->user_ns, CAP_NET_ADMIN)) in flush_store()
/net/
Dsysctl_net.c45 kuid_t root_uid = make_kuid(net->user_ns, 0); in net_ctl_permissions()
46 kgid_t root_gid = make_kgid(net->user_ns, 0); in net_ctl_permissions()
49 if (ns_capable_noaudit(net->user_ns, CAP_NET_ADMIN) || in net_ctl_permissions()
/net/core/
Dscm.c50 kuid_t uid = make_kuid(cred->user_ns, creds->uid); in scm_check_creds()
51 kgid_t gid = make_kgid(cred->user_ns, creds->gid); in scm_check_creds()
57 ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) && in scm_check_creds()
59 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds()
61 gid_eq(gid, cred->sgid)) || ns_capable(cred->user_ns, CAP_SETGID))) { in scm_check_creds()
Dnet_namespace.c276 static __net_init int setup_net(struct net *net, struct user_namespace *user_ns) in setup_net() argument
287 net->user_ns = user_ns; in setup_net()
376 struct user_namespace *user_ns, struct net *old_net) in copy_net_ns() argument
388 get_user_ns(user_ns); in copy_net_ns()
391 rv = setup_net(net, user_ns); in copy_net_ns()
399 put_user_ns(user_ns); in copy_net_ns()
471 put_user_ns(net->user_ns); in cleanup_net()
1015 if (!ns_capable(net->user_ns, CAP_SYS_ADMIN) || in netns_install()
Ddev_ioctl.c478 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
526 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
Dsock.c160 struct user_namespace *user_ns, int cap) in sk_ns_capable() argument
162 return file_ns_capable(sk->sk_socket->file, user_ns, cap) && in sk_ns_capable()
163 ns_capable(user_ns, cap); in sk_ns_capable()
193 return sk_ns_capable(sk, sock_net(sk)->user_ns, cap); in sk_net_capable()
570 if (!ns_capable(net->user_ns, CAP_NET_RAW)) in sock_setbindtodevice()
815 ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in sock_setsockopt()
955 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in sock_setsockopt()
1926 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in sock_cmsg_send()
2432 sk->sk_uid = make_kuid(sock_net(sk)->user_ns, 0); in sock_init_data()
Dsock_diag.c305 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in sock_diag_destroy()
/net/8021q/
Dvlan.c540 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
550 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
559 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
568 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
584 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
591 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
/net/ipv4/
Dsysctl_net_ipv4.c127 struct user_namespace *user_ns = current_user_ns(); in ipv4_ping_group_range() local
140 urange[0] = from_kgid_munged(user_ns, low); in ipv4_ping_group_range()
141 urange[1] = from_kgid_munged(user_ns, high); in ipv4_ping_group_range()
145 low = make_kgid(user_ns, urange[0]); in ipv4_ping_group_range()
146 high = make_kgid(user_ns, urange[1]); in ipv4_ping_group_range()
Dinet_diag.c112 struct user_namespace *user_ns, in inet_sk_diag_fill() argument
168 r->idiag_uid = from_kuid_munged(user_ns, sock_i_uid(sk)); in inet_sk_diag_fill()
264 struct user_namespace *user_ns, in inet_csk_diag_fill() argument
269 return inet_sk_diag_fill(sk, inet_csk(sk), skb, req, user_ns, in inet_csk_diag_fill()
350 struct user_namespace *user_ns, in sk_diag_fill() argument
362 return inet_csk_diag_fill(sk, skb, r, user_ns, portid, seq, in sk_diag_fill()
Dip_options.c412 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
448 if ((!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) || opt->cipso) { in __ip_options_compile()
461 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
/net/unix/
Dsysctl_net_unix.c38 if (net->user_ns != &init_user_ns) in unix_sysctl_register()
/net/netfilter/
Dnfnetlink_log.c156 u32 portid, struct user_namespace *user_ns) in instance_create() argument
188 inst->peer_user_ns = user_ns; in instance_create()
559 struct user_namespace *user_ns = inst->peer_user_ns; in __build_packet_message() local
560 __be32 uid = htonl(from_kuid_munged(user_ns, cred->fsuid)); in __build_packet_message()
561 __be32 gid = htonl(from_kgid_munged(user_ns, cred->fsgid)); in __build_packet_message()
Dnf_conntrack_timestamp.c55 if (net->user_ns != &init_user_ns) in nf_conntrack_tstamp_init_sysctl()
Dnf_conntrack_acct.c77 if (net->user_ns != &init_user_ns) in nf_conntrack_acct_init_sysctl()
Dnf_conntrack_ecache.c279 if (net->user_ns != &init_user_ns) in nf_conntrack_event_init_sysctl()
/net/packet/
Ddiag.c132 struct user_namespace *user_ns, in sk_diag_fill() argument
156 from_kuid_munged(user_ns, sock_i_uid(sk)))) in sk_diag_fill()
/net/xfrm/
Dxfrm_sysctl.c58 if (net->user_ns != &init_user_ns) in xfrm_sysctl_init()
/net/netlink/
Daf_netlink.c847 struct user_namespace *user_ns, int cap) in __netlink_ns_capable() argument
850 file_ns_capable(nsp->sk->sk_socket->file, user_ns, cap)) && in __netlink_ns_capable()
851 ns_capable(user_ns, cap); in __netlink_ns_capable()
866 struct user_namespace *user_ns, int cap) in netlink_ns_capable() argument
868 return __netlink_ns_capable(&NETLINK_CB(skb), user_ns, cap); in netlink_ns_capable()
899 return netlink_ns_capable(skb, sock_net(skb->sk)->user_ns, cap); in netlink_net_capable()
906 ns_capable(sock_net(sock->sk)->user_ns, CAP_NET_ADMIN); in netlink_allowed()
1405 if (!file_ns_capable(sk->sk_socket->file, p->net->user_ns, in do_one_broadcast()
1668 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_BROADCAST)) in netlink_setsockopt()
/net/ieee802154/
Dsocket.c894 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
895 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
918 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
919 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
/net/ipv6/
Dipv6_sockglue.c376 if (valbool && !ns_capable(net->user_ns, CAP_NET_ADMIN) && in do_ipv6_setsockopt()
377 !ns_capable(net->user_ns, CAP_NET_RAW)) { in do_ipv6_setsockopt()
415 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) in do_ipv6_setsockopt()
802 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in do_ipv6_setsockopt()
Ddatagram.c799 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
819 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
844 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
/net/sunrpc/
Dsvcauth_unix.c550 struct user_namespace *user_ns = &init_user_ns; in unix_gid_show() local
566 seq_printf(m, "%u %d:", from_kuid_munged(user_ns, ug->uid), glen); in unix_gid_show()
568 seq_printf(m, " %d", from_kgid_munged(user_ns, GROUP_AT(ug->gi, i))); in unix_gid_show()
/net/ipv4/netfilter/
Darp_tables.c1461 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in compat_do_arpt_set_ctl()
1603 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in compat_do_arpt_get_ctl()
1624 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in do_arpt_set_ctl()
1648 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in do_arpt_get_ctl()

123