Home
last modified time | relevance | path

Searched refs:mnt_userns (Results 1 – 12 of 12) sorted by relevance

/security/integrity/evm/
Devm_main.c455 static int evm_xattr_acl_change(struct user_namespace *mnt_userns, in evm_xattr_acl_change() argument
479 rc = posix_acl_update_mode(mnt_userns, inode, &mode, &acl_res); in evm_xattr_acl_change()
504 static int evm_xattr_change(struct user_namespace *mnt_userns, in evm_xattr_change() argument
512 return evm_xattr_acl_change(mnt_userns, dentry, xattr_name, in evm_xattr_change()
541 static int evm_protect_xattr(struct user_namespace *mnt_userns, in evm_protect_xattr() argument
597 !evm_xattr_change(mnt_userns, dentry, xattr_name, xattr_value, in evm_protect_xattr()
624 int evm_inode_setxattr(struct user_namespace *mnt_userns, struct dentry *dentry, in evm_inode_setxattr() argument
643 return evm_protect_xattr(mnt_userns, dentry, xattr_name, xattr_value, in evm_inode_setxattr()
656 int evm_inode_removexattr(struct user_namespace *mnt_userns, in evm_inode_removexattr() argument
665 return evm_protect_xattr(mnt_userns, dentry, xattr_name, NULL, 0); in evm_inode_removexattr()
/security/
Dcommoncap.c321 int cap_inode_killpriv(struct user_namespace *mnt_userns, struct dentry *dentry) in cap_inode_killpriv() argument
325 error = __vfs_removexattr(mnt_userns, dentry, XATTR_NAME_CAPS); in cap_inode_killpriv()
378 int cap_inode_getsecurity(struct user_namespace *mnt_userns, in cap_inode_getsecurity() argument
400 ret = (int)vfs_getxattr_alloc(mnt_userns, dentry, XATTR_NAME_CAPS, in cap_inode_getsecurity()
424 kroot = mapped_kuid_fs(mnt_userns, fs_ns, kroot); in cap_inode_getsecurity()
504 struct user_namespace *mnt_userns, in rootid_from_xattr() argument
515 return mapped_kuid_user(mnt_userns, fs_userns, rootkid); in rootid_from_xattr()
542 int cap_convert_nscap(struct user_namespace *mnt_userns, struct dentry *dentry, in cap_convert_nscap() argument
559 if (!capable_wrt_inode_uidgid(mnt_userns, inode, CAP_SETFCAP)) in cap_convert_nscap()
561 if (size == XATTR_CAPS_SZ_2 && (mnt_userns == fs_ns)) in cap_convert_nscap()
[all …]
Dsecurity.c1351 int security_inode_setxattr(struct user_namespace *mnt_userns, in security_inode_setxattr() argument
1363 ret = call_int_hook(inode_setxattr, 1, mnt_userns, dentry, name, value, in security_inode_setxattr()
1373 return evm_inode_setxattr(mnt_userns, dentry, name, value, size); in security_inode_setxattr()
1399 int security_inode_removexattr(struct user_namespace *mnt_userns, in security_inode_removexattr() argument
1410 ret = call_int_hook(inode_removexattr, 1, mnt_userns, dentry, name); in security_inode_removexattr()
1412 ret = cap_inode_removexattr(mnt_userns, dentry, name); in security_inode_removexattr()
1418 return evm_inode_removexattr(mnt_userns, dentry, name); in security_inode_removexattr()
1426 int security_inode_killpriv(struct user_namespace *mnt_userns, in security_inode_killpriv() argument
1429 return call_int_hook(inode_killpriv, 0, mnt_userns, dentry); in security_inode_killpriv()
1432 int security_inode_getsecurity(struct user_namespace *mnt_userns, in security_inode_getsecurity() argument
[all …]
/security/integrity/ima/
Dima.h257 int ima_get_action(struct user_namespace *mnt_userns, struct inode *inode,
271 int process_buffer_measurement(struct user_namespace *mnt_userns,
288 int ima_match_policy(struct user_namespace *mnt_userns, struct inode *inode,
321 int ima_must_appraise(struct user_namespace *mnt_userns, struct inode *inode,
349 static inline int ima_must_appraise(struct user_namespace *mnt_userns, in ima_must_appraise() argument
Dima_main.c637 void ima_post_create_tmpfile(struct user_namespace *mnt_userns, in ima_post_create_tmpfile() argument
646 must_appraise = ima_must_appraise(mnt_userns, inode, MAY_ACCESS, in ima_post_create_tmpfile()
669 void ima_post_path_mknod(struct user_namespace *mnt_userns, in ima_post_path_mknod() argument
679 must_appraise = ima_must_appraise(mnt_userns, inode, MAY_ACCESS, in ima_post_path_mknod()
879 int process_buffer_measurement(struct user_namespace *mnt_userns, in process_buffer_measurement() argument
926 action = ima_get_action(mnt_userns, inode, current_cred(), in process_buffer_measurement()
Dima_appraise.c71 int ima_must_appraise(struct user_namespace *mnt_userns, struct inode *inode, in ima_must_appraise() argument
80 return ima_match_policy(mnt_userns, inode, current_cred(), secid, in ima_must_appraise()
527 void ima_inode_post_setattr(struct user_namespace *mnt_userns, in ima_inode_post_setattr() argument
538 action = ima_must_appraise(mnt_userns, inode, MAY_ACCESS, POST_SETATTR); in ima_inode_post_setattr()
Dima_api.c188 int ima_get_action(struct user_namespace *mnt_userns, struct inode *inode, in ima_get_action() argument
198 return ima_match_policy(mnt_userns, inode, cred, secid, func, mask, in ima_get_action()
Dima_policy.c535 struct user_namespace *mnt_userns, in ima_match_rules() argument
586 !rule->fowner_op(i_uid_into_mnt(mnt_userns, inode), rule->fowner)) in ima_match_rules()
690 int ima_match_policy(struct user_namespace *mnt_userns, struct inode *inode, in ima_match_policy() argument
710 if (!ima_match_rules(entry, mnt_userns, inode, cred, secid, in ima_match_policy()
/security/apparmor/
Dlsm.c227 struct user_namespace *mnt_userns = mnt_user_ns(path->mnt); in common_perm_cond() local
229 i_uid_into_mnt(mnt_userns, d_backing_inode(path->dentry)), in common_perm_cond()
271 struct user_namespace *mnt_userns = mnt_user_ns(dir->mnt); in common_perm_rm() local
277 cond.uid = i_uid_into_mnt(mnt_userns, inode); in common_perm_rm()
367 struct user_namespace *mnt_userns = mnt_user_ns(old_dir->mnt); in apparmor_path_rename() local
373 i_uid_into_mnt(mnt_userns, d_backing_inode(old_dentry)), in apparmor_path_rename()
428 struct user_namespace *mnt_userns = file_mnt_user_ns(file); in apparmor_file_open() local
431 i_uid_into_mnt(mnt_userns, inode), in apparmor_file_open()
Dapparmorfs.c1778 static int ns_mkdir_op(struct user_namespace *mnt_userns, struct inode *dir, in ns_mkdir_op() argument
/security/smack/
Dsmack_lsm.c1241 static int smack_inode_setxattr(struct user_namespace *mnt_userns, in smack_inode_setxattr() argument
1364 static int smack_inode_removexattr(struct user_namespace *mnt_userns, in smack_inode_removexattr() argument
1380 rc = cap_inode_removexattr(mnt_userns, dentry, name); in smack_inode_removexattr()
1423 static int smack_inode_getsecurity(struct user_namespace *mnt_userns, in smack_inode_getsecurity() argument
/security/selinux/
Dhooks.c3265 static int selinux_inode_setxattr(struct user_namespace *mnt_userns, in selinux_inode_setxattr() argument
3287 return (inode_owner_or_capable(mnt_userns, inode) ? 0 : -EPERM); in selinux_inode_setxattr()
3293 if (!inode_owner_or_capable(mnt_userns, inode)) in selinux_inode_setxattr()
3416 static int selinux_inode_removexattr(struct user_namespace *mnt_userns, in selinux_inode_removexattr() argument
3420 int rc = cap_inode_removexattr(mnt_userns, dentry, name); in selinux_inode_removexattr()
3486 static int selinux_inode_getsecurity(struct user_namespace *mnt_userns, in selinux_inode_getsecurity() argument