295 		       struct user_namespace *ns, int cap)  in has_ns_capability()  argument
300 	ret = security_capable(__task_cred(t), ns, cap, CAP_OPT_NONE);  in has_ns_capability()
336 			       struct user_namespace *ns, int cap)  in has_ns_capability_noaudit()  argument
341 	ret = security_capable(__task_cred(t), ns, cap, CAP_OPT_NOAUDIT);  in has_ns_capability_noaudit()
365 static bool ns_capable_common(struct user_namespace *ns,  in ns_capable_common()  argument
376 	capable = security_capable(current_cred(), ns, cap, opts);  in ns_capable_common()
395 bool ns_capable(struct user_namespace *ns, int cap)  in ns_capable()  argument
397 	return ns_capable_common(ns, cap, CAP_OPT_NONE);  in ns_capable()
413 bool ns_capable_noaudit(struct user_namespace *ns, int cap)  in ns_capable_noaudit()  argument
415 	return ns_capable_common(ns, cap, CAP_OPT_NOAUDIT);  in ns_capable_noaudit()
432 bool ns_capable_setid(struct user_namespace *ns, int cap)  in ns_capable_setid()  argument
434 	return ns_capable_common(ns, cap, CAP_OPT_INSETID);  in ns_capable_setid()
467 bool file_ns_capable(const struct file *file, struct user_namespace *ns,  in file_ns_capable()  argument
474 	if (security_capable(file->f_cred, ns, cap, CAP_OPT_NONE) == 0)  in file_ns_capable()
488 bool privileged_wrt_inode_uidgid(struct user_namespace *ns,  in privileged_wrt_inode_uidgid()  argument
492 	return kuid_has_mapping(ns, i_uid_into_mnt(mnt_userns, inode)) &&  in privileged_wrt_inode_uidgid()
493 	       kgid_has_mapping(ns, i_gid_into_mnt(mnt_userns, inode));  in privileged_wrt_inode_uidgid()
508 	struct user_namespace *ns = current_user_ns();  in capable_wrt_inode_uidgid()  local
510 	return ns_capable(ns, cap) &&  in capable_wrt_inode_uidgid()
511 	       privileged_wrt_inode_uidgid(ns, mnt_userns, inode);  in capable_wrt_inode_uidgid()
523 bool ptracer_capable(struct task_struct *tsk, struct user_namespace *ns)  in ptracer_capable()  argument
531 		ret = security_capable(cred, ns, CAP_SYS_PTRACE,  in ptracer_capable()