243 	       const struct cred *old,  in cap_capset()  argument
250 			  cap_combine(old->cap_inheritable,  in cap_capset()
251 				      old->cap_permitted)))  in cap_capset()
256 			  cap_combine(old->cap_inheritable,  in cap_capset()
257 				      old->cap_bset)))  in cap_capset()
262 	if (!cap_issubset(*permitted, old->cap_permitted))  in cap_capset()
799 	const struct cred *old = current_cred();  in handle_privileged_root()  local
820 		new->cap_permitted = cap_combine(old->cap_bset,  in handle_privileged_root()
821 						 old->cap_inheritable);  in handle_privileged_root()
837 static inline bool __is_setuid(struct cred *new, const struct cred *old)  in __is_setuid()  argument
838 { return !uid_eq(new->euid, old->uid); }  in __is_setuid()
840 static inline bool __is_setgid(struct cred *new, const struct cred *old)  in __is_setgid()  argument
841 { return !gid_eq(new->egid, old->gid); }  in __is_setgid()
860 static inline bool nonroot_raised_pE(struct cred *new, const struct cred *old,  in nonroot_raised_pE()  argument
872 	    (!__is_setuid(new, old) &&  in nonroot_raised_pE()
874 	       __cap_gained(permitted, new, old)) ||  in nonroot_raised_pE()
875 	      __cap_gained(ambient, new, old))))  in nonroot_raised_pE()
896 	const struct cred *old = current_cred();  in cap_bprm_creds_from_file()  local
902 	if (WARN_ON(!cap_ambient_invariant_ok(old)))  in cap_bprm_creds_from_file()
914 	if (__cap_gained(permitted, new, old))  in cap_bprm_creds_from_file()
922 	is_setid = __is_setuid(new, old) || __is_setgid(new, old);  in cap_bprm_creds_from_file()
924 	if ((is_setid || __cap_gained(permitted, new, old)) &&  in cap_bprm_creds_from_file()
934 						   old->cap_permitted);  in cap_bprm_creds_from_file()
962 	if (nonroot_raised_pE(new, old, root_uid, has_fcap)) {  in cap_bprm_creds_from_file()
963 		ret = audit_log_bprm_fcaps(bprm, new, old);  in cap_bprm_creds_from_file()
1092 static inline void cap_emulate_setxuid(struct cred *new, const struct cred *old)  in cap_emulate_setxuid()  argument
1094 	kuid_t root_uid = make_kuid(old->user_ns, 0);  in cap_emulate_setxuid()
1096 	if ((uid_eq(old->uid, root_uid) ||  in cap_emulate_setxuid()
1097 	     uid_eq(old->euid, root_uid) ||  in cap_emulate_setxuid()
1098 	     uid_eq(old->suid, root_uid)) &&  in cap_emulate_setxuid()
1114 	if (uid_eq(old->euid, root_uid) && !uid_eq(new->euid, root_uid))  in cap_emulate_setxuid()
1116 	if (!uid_eq(old->euid, root_uid) && uid_eq(new->euid, root_uid))  in cap_emulate_setxuid()
1131 int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags)  in cap_task_fix_setuid()  argument
1140 			cap_emulate_setxuid(new, old);  in cap_task_fix_setuid()
1151 			kuid_t root_uid = make_kuid(old->user_ns, 0);  in cap_task_fix_setuid()
1152 			if (uid_eq(old->fsuid, root_uid) && !uid_eq(new->fsuid, root_uid))  in cap_task_fix_setuid()
1156 			if (!uid_eq(old->fsuid, root_uid) && uid_eq(new->fsuid, root_uid))  in cap_task_fix_setuid()
1276 	const struct cred *old = current_cred();  in cap_task_prctl()  local
1283 		return !!cap_raised(old->cap_bset, arg2);  in cap_task_prctl()
1308 		if ((((old->securebits & SECURE_ALL_LOCKS) >> 1)  in cap_task_prctl()
1309 		     & (old->securebits ^ arg2))			/*[1]*/  in cap_task_prctl()
1310 		    || ((old->securebits & SECURE_ALL_LOCKS & ~arg2))	/*[2]*/  in cap_task_prctl()
1334 		return old->securebits;  in cap_task_prctl()