Home
last modified time | relevance | path

Searched refs:user_ns (Results 1 – 6 of 6) sorted by relevance

/security/keys/
Dproc.c66 struct user_namespace *user_ns = seq_user_ns(p); in key_serial_next() local
71 if (kuid_has_mapping(user_ns, key->user->uid)) in key_serial_next()
80 struct user_namespace *user_ns = seq_user_ns(p); in find_ge_key() local
103 if (kuid_has_mapping(user_ns, minkey->user->uid)) in find_ge_key()
252 static struct rb_node *__key_user_next(struct user_namespace *user_ns, struct rb_node *n) in __key_user_next() argument
256 if (kuid_has_mapping(user_ns, user->uid)) in __key_user_next()
263 static struct rb_node *key_user_next(struct user_namespace *user_ns, struct rb_node *n) in key_user_next() argument
265 return __key_user_next(user_ns, rb_next(n)); in key_user_next()
268 static struct rb_node *key_user_first(struct user_namespace *user_ns, struct rb_root *r) in key_user_first() argument
271 return __key_user_next(user_ns, n); in key_user_first()
Dprocess_keys.c38 static struct key *get_user_register(struct user_namespace *user_ns) in get_user_register() argument
40 struct key *reg_keyring = READ_ONCE(user_ns->user_keyring_register); in get_user_register()
45 down_write(&user_ns->keyring_sem); in get_user_register()
50 reg_keyring = user_ns->user_keyring_register; in get_user_register()
53 user_ns->owner, INVALID_GID, in get_user_register()
60 smp_store_release(&user_ns->user_keyring_register, in get_user_register()
64 up_write(&user_ns->keyring_sem); in get_user_register()
78 struct user_namespace *user_ns = current_user_ns(); in look_up_user_keyrings() local
82 uid_t uid = from_kuid(user_ns, cred->user->uid); in look_up_user_keyrings()
90 reg_keyring = get_user_register(user_ns); in look_up_user_keyrings()
[all …]
/security/
Dcommoncap.c77 if (ns == cred->user_ns) in cap_capable()
84 if (ns->level <= cred->user_ns->level) in cap_capable()
91 if ((ns->parent == cred->user_ns) && uid_eq(ns->owner, cred->euid)) in cap_capable()
147 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_access_check()
150 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_access_check()
179 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_traceme()
182 if (has_ns_capability(parent, child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_traceme()
224 if (cap_capable(current_cred(), current_cred()->user_ns, in cap_inh_is_capped()
909 root_uid = make_kuid(new->user_ns, 0); in cap_bprm_creds_from_file()
926 !ptracer_capable(current, new->user_ns))) { in cap_bprm_creds_from_file()
[all …]
/security/safesetid/
Dsecurityfs.c54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
59 rule->src_id.gid = make_kgid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
60 rule->dst_id.gid = make_kgid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
/security/apparmor/
Dpolicy.c645 struct user_namespace *user_ns = current_user_ns(); in policy_view_capable() local
647 bool root_in_user_ns = uid_eq(current_euid(), make_kuid(user_ns, 0)) || in policy_view_capable()
648 in_egroup_p(make_kgid(user_ns, 0)); in policy_view_capable()
654 (user_ns == &init_user_ns || in policy_view_capable()
656 user_ns->level == view_ns->level))) in policy_view_capable()
665 struct user_namespace *user_ns = current_user_ns(); in policy_admin_capable() local
666 bool capable = ns_capable(user_ns, CAP_MAC_ADMIN); in policy_admin_capable()
/security/yama/
Dyama_lsm.c371 !ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
377 if (!ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()