/net/netfilter/ |
D | xt_owner.c | 32 (current_user_ns() != net->user_ns)) in owner_check() 37 kuid_t uid_min = make_kuid(net->user_ns, info->uid_min); in owner_check() 38 kuid_t uid_max = make_kuid(net->user_ns, info->uid_max); in owner_check() 49 kgid_t gid_min = make_kgid(net->user_ns, info->gid_min); in owner_check() 50 kgid_t gid_max = make_kgid(net->user_ns, info->gid_max); in owner_check() 88 kuid_t uid_min = make_kuid(net->user_ns, info->uid_min); in owner_mt() 89 kuid_t uid_max = make_kuid(net->user_ns, info->uid_max); in owner_mt() 100 kgid_t gid_min = make_kgid(net->user_ns, info->gid_min); in owner_mt() 101 kgid_t gid_max = make_kgid(net->user_ns, info->gid_max); in owner_mt()
D | nfnetlink_log.c | 159 u32 portid, struct user_namespace *user_ns) in instance_create() argument 191 inst->peer_user_ns = user_ns; in instance_create() 607 struct user_namespace *user_ns = inst->peer_user_ns; in __build_packet_message() local 608 __be32 uid = htonl(from_kuid_munged(user_ns, cred->fsuid)); in __build_packet_message() 609 __be32 gid = htonl(from_kgid_munged(user_ns, cred->fsgid)); in __build_packet_message() 1125 root_uid = make_kuid(net->user_ns, 0); in nfnl_log_net_init() 1126 root_gid = make_kgid(net->user_ns, 0); in nfnl_log_net_init()
D | nft_meta.c | 149 *dest = from_kuid_munged(sock_net(sk)->user_ns, in nft_meta_get_eval_skugid() 153 *dest = from_kgid_munged(sock_net(sk)->user_ns, in nft_meta_get_eval_skugid()
/net/bridge/ |
D | br_ioctl.c | 90 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in add_del_if() 199 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 206 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 213 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 220 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 260 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 267 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 276 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 290 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate() 353 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in old_deviceless() [all …]
/net/unix/ |
D | diag.c | 117 struct user_namespace *user_ns) in sk_diag_dump_uid() argument 119 uid_t uid = from_kuid_munged(user_ns, sock_i_uid(sk)); in sk_diag_dump_uid() 124 struct user_namespace *user_ns, in sk_diag_fill() argument 171 sk_diag_dump_uid(sk, skb, user_ns)) in sk_diag_fill() 183 struct user_namespace *user_ns, in sk_diag_dump() argument 195 return sk_diag_fill(sk, skb, req, user_ns, portid, seq, flags, sk_ino); in sk_diag_dump()
D | sysctl_net_unix.c | 34 if (net->user_ns != &init_user_ns) in unix_sysctl_register()
/net/core/ |
D | net_namespace.c | 309 static __net_init int setup_net(struct net *net, struct user_namespace *user_ns) in setup_net() argument 323 net->user_ns = user_ns; in setup_net() 447 struct user_namespace *user_ns, struct net *old_net) in copy_net_ns() argument 456 ucounts = inc_net_namespaces(user_ns); in copy_net_ns() 467 get_user_ns(user_ns); in copy_net_ns() 473 rv = setup_net(net, user_ns); in copy_net_ns() 482 put_user_ns(user_ns); in copy_net_ns() 503 kuid_t ns_root_uid = make_kuid(net->user_ns, 0); in net_ns_get_ownership() 504 kgid_t ns_root_gid = make_kgid(net->user_ns, 0); in net_ns_get_ownership() 616 put_user_ns(net->user_ns); in cleanup_net() [all …]
D | scm.c | 49 kuid_t uid = make_kuid(cred->user_ns, creds->uid); in scm_check_creds() 50 kgid_t gid = make_kgid(cred->user_ns, creds->gid); in scm_check_creds() 56 ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) && in scm_check_creds() 58 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds() 60 gid_eq(gid, cred->sgid)) || ns_capable(cred->user_ns, CAP_SETGID))) { in scm_check_creds()
D | sock.c | 162 struct user_namespace *user_ns, int cap) in sk_ns_capable() argument 164 return file_ns_capable(sk->sk_socket->file, user_ns, cap) && in sk_ns_capable() 165 ns_capable(user_ns, cap); in sk_ns_capable() 195 return sk_ns_capable(sk, sock_net(sk)->user_ns, cap); in sk_net_capable() 596 if (sk->sk_bound_dev_if && !ns_capable(net->user_ns, CAP_NET_RAW)) in sock_bindtoindex_locked() 1083 ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in sock_setsockopt() 1228 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) { in sock_setsockopt() 1351 !ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) { in sock_setsockopt() 1411 struct user_namespace *user_ns = current_user_ns(); in groups_to_user() local 1415 if (put_user(from_kgid_munged(user_ns, src->gid[i]), dst + i)) in groups_to_user() [all …]
D | dev_ioctl.c | 538 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl() 580 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
/net/ |
D | sysctl_net.c | 48 if (ns_capable_noaudit(net->user_ns, CAP_NET_ADMIN)) { in net_ctl_permissions() 64 ns_root_uid = make_kuid(net->user_ns, 0); in net_ctl_set_ownership() 68 ns_root_gid = make_kgid(net->user_ns, 0); in net_ctl_set_ownership()
/net/smc/ |
D | smc_diag.c | 61 struct user_namespace *user_ns) in smc_diag_msg_attrs_fill() argument 66 r->diag_uid = from_kuid_munged(user_ns, sock_i_uid(sk)); in smc_diag_msg_attrs_fill() 78 struct user_namespace *user_ns; in __smc_diag_dump() local 96 user_ns = sk_user_ns(NETLINK_CB(cb->skb).sk); in __smc_diag_dump() 97 if (smc_diag_msg_attrs_fill(sk, skb, r, user_ns)) in __smc_diag_dump()
/net/8021q/ |
D | vlan.c | 577 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler() 587 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler() 596 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler() 605 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler() 620 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler() 627 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
/net/xdp/ |
D | xsk_diag.c | 94 struct user_namespace *user_ns, in xsk_diag_fill() argument 122 from_kuid_munged(user_ns, sock_i_uid(sk)))) in xsk_diag_fill()
/net/sunrpc/ |
D | svcauth_unix.c | 560 struct user_namespace *user_ns = m->file->f_cred->user_ns; in unix_gid_show() local 576 seq_printf(m, "%u %d:", from_kuid_munged(user_ns, ug->uid), glen); in unix_gid_show() 578 seq_printf(m, " %d", from_kgid_munged(user_ns, ug->gi->gid[i])); in unix_gid_show() 828 rqstp->rq_xprt->xpt_cred->user_ns : &init_user_ns; in svcauth_unix_accept()
D | auth_unix.c | 111 clnt->cl_cred->user_ns : &init_user_ns; in unx_marshal()
/net/packet/ |
D | diag.c | 132 struct user_namespace *user_ns, in sk_diag_fill() argument 156 from_kuid_munged(user_ns, sock_i_uid(sk)))) in sk_diag_fill()
/net/ipv4/ |
D | ip_options.c | 409 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile() 444 if ((!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) || opt->cipso) { in __ip_options_compile() 457 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
D | sysctl_net_ipv4.c | 175 struct user_namespace *user_ns = current_user_ns(); in ipv4_ping_group_range() local 188 urange[0] = from_kgid_munged(user_ns, low); in ipv4_ping_group_range() 189 urange[1] = from_kgid_munged(user_ns, high); in ipv4_ping_group_range() 193 low = make_kgid(user_ns, urange[0]); in ipv4_ping_group_range() 194 high = make_kgid(user_ns, urange[1]); in ipv4_ping_group_range()
/net/xfrm/ |
D | xfrm_sysctl.c | 59 if (net->user_ns != &init_user_ns) in xfrm_sysctl_init()
/net/netlink/ |
D | af_netlink.c | 871 struct user_namespace *user_ns, int cap) in __netlink_ns_capable() argument 874 file_ns_capable(nsp->sk->sk_socket->file, user_ns, cap)) && in __netlink_ns_capable() 875 ns_capable(user_ns, cap); in __netlink_ns_capable() 890 struct user_namespace *user_ns, int cap) in netlink_ns_capable() argument 892 return __netlink_ns_capable(&NETLINK_CB(skb), user_ns, cap); in netlink_ns_capable() 923 return netlink_ns_capable(skb, sock_net(skb->sk)->user_ns, cap); in netlink_net_capable() 930 ns_capable(sock_net(sock->sk)->user_ns, CAP_NET_ADMIN); in netlink_allowed() 1450 if (!file_ns_capable(sk->sk_socket->file, p->net->user_ns, in do_one_broadcast() 1715 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_BROADCAST)) in netlink_setsockopt()
/net/ieee802154/ |
D | socket.c | 907 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt() 908 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt() 931 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt() 932 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
/net/ipv6/ |
D | ipv6_sockglue.c | 328 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) in ipv6_set_opt_hdr() 628 if (valbool && !ns_capable(net->user_ns, CAP_NET_RAW) && in do_ipv6_setsockopt() 629 !ns_capable(net->user_ns, CAP_NET_ADMIN)) { in do_ipv6_setsockopt() 940 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in do_ipv6_setsockopt()
D | datagram.c | 870 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl() 890 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl() 915 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
/net/sctp/ |
D | diag.c | 122 struct user_namespace *user_ns, in inet_sctp_diag_fill() argument 153 if (inet_diag_msg_attrs_fill(sk, skb, r, ext, user_ns, net_admin)) in inet_sctp_diag_fill()