| /security/safesetid/ |
| D | lsm.c | 39 hash_for_each_possible(policy->rules, rule, next, __kuid_val(src.uid)) { in _setid_policy_lookup()
40 if (!uid_eq(rule->src_id.uid, src.uid)) in _setid_policy_lookup()
42 if (uid_eq(rule->dst_id.uid, dst.uid)) in _setid_policy_lookup()
119 if (setid_policy_lookup((kid_t){.uid = cred->uid}, INVALID_ID, UID) == SIDPOL_DEFAULT) in safesetid_security_capable()
126 __kuid_val(cred->uid)); in safesetid_security_capable()
141 __kuid_val(cred->uid)); in safesetid_security_capable()
162 if (uid_eq(new_id.uid, old->uid) || uid_eq(new_id.uid, old->euid) || in id_permitted_for_cred()
163 uid_eq(new_id.uid, old->suid)) in id_permitted_for_cred()
177 setid_policy_lookup((kid_t){.uid = old->uid}, new_id, new_type) != SIDPOL_CONSTRAINED; in id_permitted_for_cred()
182 __kuid_val(old->uid), __kuid_val(old->euid), in id_permitted_for_cred()
[all …]
|
| D | securityfs.c | 54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
56 if (!uid_valid(rule->src_id.uid) || !uid_valid(rule->dst_id.uid)) in parse_policy_line()
91 hash_add(pol->rules, &rule->next, __kuid_val(rule->src_id.uid)); in insert_rule()
108 __kuid_val(rule->src_id.uid), in verify_ruleset()
109 __kuid_val(rule->dst_id.uid)); in verify_ruleset()
125 nrule->src_id.uid = rule->dst_id.uid; in verify_ruleset()
126 nrule->dst_id.uid = rule->dst_id.uid; in verify_ruleset()
|
| D | lsm.h | 31 kuid_t uid; member
56 #define INVALID_ID (kid_t){.uid = INVALID_UID}
|
| /security/keys/ |
| D | persistent.c | 40 static key_ref_t key_create_persistent(struct user_namespace *ns, kuid_t uid, in key_create_persistent() argument
58 uid, INVALID_GID, current_cred(), in key_create_persistent()
73 static long key_get_persistent(struct user_namespace *ns, kuid_t uid, in key_get_persistent() argument
86 index_key.desc_len = sprintf(buf, "_persistent.%u", from_kuid(ns, uid)); in key_get_persistent()
103 persistent_ref = key_create_persistent(ns, uid, &index_key); in key_get_persistent()
133 kuid_t uid; in keyctl_get_persistent() local
138 uid = current_uid(); in keyctl_get_persistent()
140 uid = make_kuid(ns, _uid); in keyctl_get_persistent()
141 if (!uid_valid(uid)) in keyctl_get_persistent()
147 if (!uid_eq(uid, current_uid()) && in keyctl_get_persistent()
[all …]
|
| D | process_keys.c | 32 .uid = GLOBAL_ROOT_UID,
82 uid_t uid = from_kuid(user_ns, cred->user->uid); in look_up_user_keyrings() local
88 kenter("%u", uid); in look_up_user_keyrings()
101 snprintf(buf, sizeof(buf), "_uid.%u", uid); in look_up_user_keyrings()
106 uid_keyring = keyring_alloc(buf, cred->user->uid, INVALID_GID, in look_up_user_keyrings()
123 snprintf(buf, sizeof(buf), "_uid_ses.%u", uid); in look_up_user_keyrings()
128 session_keyring = keyring_alloc(buf, cred->user->uid, INVALID_GID, in look_up_user_keyrings()
206 cred->user->uid)); in get_user_session_keyring_rcu()
228 keyring = keyring_alloc("_tid", new->uid, new->gid, new, in install_thread_keyring_to_cred()
275 keyring = keyring_alloc("_pid", new->uid, new->gid, new, in install_process_keyring_to_cred()
[all …]
|
| D | proc.c | 71 if (kuid_has_mapping(user_ns, key->user->uid)) in key_serial_next()
103 if (kuid_has_mapping(user_ns, minkey->user->uid)) in find_ge_key()
238 from_kuid_munged(seq_user_ns(m), key->uid), in proc_keys_show()
256 if (kuid_has_mapping(user_ns, user->uid)) in __key_user_next()
307 unsigned maxkeys = uid_eq(user->uid, GLOBAL_ROOT_UID) ? in proc_key_users_show()
309 unsigned maxbytes = uid_eq(user->uid, GLOBAL_ROOT_UID) ? in proc_key_users_show()
313 from_kuid_munged(seq_user_ns(m), user->uid), in proc_key_users_show()
|
| D | key.c | 51 struct key_user *key_user_lookup(kuid_t uid) in key_user_lookup() argument
66 if (uid_lt(uid, user->uid)) in key_user_lookup()
68 else if (uid_gt(uid, user->uid)) in key_user_lookup()
96 candidate->uid = uid; in key_user_lookup()
226 kuid_t uid, kgid_t gid, const struct cred *cred, in key_alloc() argument
251 user = key_user_lookup(uid); in key_alloc()
258 unsigned maxkeys = uid_eq(uid, GLOBAL_ROOT_UID) ? in key_alloc()
260 unsigned maxbytes = uid_eq(uid, GLOBAL_ROOT_UID) ? in key_alloc()
294 key->uid = uid; in key_alloc()
382 unsigned maxbytes = uid_eq(key->user->uid, GLOBAL_ROOT_UID) ? in key_payload_reserve()
|
| D | keyctl.c | 683 from_kuid_munged(current_user_ns(), key->uid), in keyctl_describe_key()
955 kuid_t uid; in keyctl_chown_key() local
958 uid = make_kuid(current_user_ns(), user); in keyctl_chown_key()
961 if ((user != (uid_t) -1) && !uid_valid(uid)) in keyctl_chown_key()
987 if (user != (uid_t) -1 && !uid_eq(key->uid, uid)) in keyctl_chown_key()
1000 if (user != (uid_t) -1 && !uid_eq(uid, key->uid)) { in keyctl_chown_key()
1002 newowner = key_user_lookup(uid); in keyctl_chown_key()
1008 unsigned maxkeys = uid_eq(uid, GLOBAL_ROOT_UID) ? in keyctl_chown_key()
1010 unsigned maxbytes = uid_eq(uid, GLOBAL_ROOT_UID) ? in keyctl_chown_key()
1040 key->uid = uid; in keyctl_chown_key()
[all …]
|
| D | internal.h | 61 kuid_t uid; member
70 extern struct key_user *key_user_lookup(kuid_t uid);
281 static inline long keyctl_get_persistent(uid_t uid, key_serial_t destring) in keyctl_get_persistent() argument
|
| D | permission.c | 54 if (uid_eq(key->uid, cred->fsuid)) { in key_task_permission()
|
| D | keyring.c | 517 struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, in keyring_alloc() argument
527 uid, gid, cred, perm, flags, restrict_link); in keyring_alloc()
1155 if (!kuid_has_mapping(ns, keyring->user->uid)) in find_keyring_by_name()
|
| /security/ |
| D | commoncap.c | 716 static inline bool __is_real(kuid_t uid, struct cred *cred) in __is_real() argument
717 { return uid_eq(cred->uid, uid); } in __is_real()
719 static inline bool __is_eff(kuid_t uid, struct cred *cred) in __is_eff() argument
720 { return uid_eq(cred->euid, uid); } in __is_eff()
722 static inline bool __is_suid(kuid_t uid, struct cred *cred) in __is_suid() argument
723 { return !__is_real(uid, cred) && __is_eff(uid, cred); } in __is_suid()
779 { return !uid_eq(new->euid, old->uid); } in __is_setuid()
869 new->euid = new->uid; in cap_bprm_creds_from_file()
1026 if ((uid_eq(old->uid, root_uid) || in cap_emulate_setxuid()
1029 (!uid_eq(new->uid, root_uid) && in cap_emulate_setxuid()
|
| D | security.c | 1143 int security_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in security_path_chown() argument
1147 return call_int_hook(path_chown, 0, path, uid, gid); in security_path_chown()
|
| /security/integrity/ima/ |
| D | ima_policy.c | 76 kuid_t uid; member
126 .uid = GLOBAL_ROOT_UID, .uid_op = &uid_eq,
138 .uid = GLOBAL_ROOT_UID, .uid_op = &uid_eq,
141 .uid = GLOBAL_ROOT_UID, .uid_op = &uid_eq,
465 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_keyring()
528 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rules()
532 if (!rule->uid_op(cred->euid, rule->uid) in ima_match_rules()
533 && !rule->uid_op(cred->suid, rule->uid) in ima_match_rules()
534 && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rules()
536 } else if (!rule->uid_op(cred->euid, rule->uid)) in ima_match_rules()
[all …]
|
| /security/apparmor/ |
| D | file.c | 168 NULL, NULL, cond->uid, info, error)); in path_name()
223 if (uid_eq(current_fsuid(), cond->uid)) { in aa_compute_fperms()
278 cond->uid, NULL, e); in __aa_path_perm()
434 NULL, cond->uid, info, error); in profile_path_link()
512 .uid = file_inode(file)->i_uid, in __file_path_perm()
|
| D | domain.c | 711 cond->uid, info, error); in profile_transition()
787 NULL, onexec, cond->uid, info, error); in profile_onexec()
|
| D | lsm.c | 274 cond.uid = inode->i_uid; in common_perm_rm()
392 static int apparmor_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in apparmor_path_chown() argument
|
| /security/tomoyo/ |
| D | tomoyo.c | 355 static int tomoyo_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in tomoyo_path_chown() argument
359 if (uid_valid(uid)) in tomoyo_path_chown()
361 from_kuid(&init_user_ns, uid)); in tomoyo_path_chown()
|
| D | audit.c | 200 from_kuid(&init_user_ns, stat->uid), in tomoyo_print_header()
209 from_kuid(&init_user_ns, stat->uid), in tomoyo_print_header()
|
| D | condition.c | 742 stat->uid = inode->i_uid; in tomoyo_get_attributes()
999 value = from_kuid(&init_user_ns, stat->uid); in tomoyo_condition()
|
| D | common.h | 568 kuid_t uid; member
|
| D | common.c | 948 (!uid_eq(task->cred->uid, GLOBAL_ROOT_UID) || in tomoyo_manager()
|
| /security/integrity/evm/ |
| D | evm_crypto.c | 146 uid_t uid; in hmac_add_misc() member
167 hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid); in hmac_add_misc()
|
| /security/apparmor/include/ |
| D | file.h | 105 kuid_t uid; member
|