171 			kdata[i].effective = pE.cap[i];  in SYSCALL_DEFINE2()
172 			kdata[i].permitted = pP.cap[i];  in SYSCALL_DEFINE2()
173 			kdata[i].inheritable = pI.cap[i];  in SYSCALL_DEFINE2()
250 		effective.cap[i] = kdata[i].effective;  in SYSCALL_DEFINE2()
251 		permitted.cap[i] = kdata[i].permitted;  in SYSCALL_DEFINE2()
252 		inheritable.cap[i] = kdata[i].inheritable;  in SYSCALL_DEFINE2()
255 		effective.cap[i] = 0;  in SYSCALL_DEFINE2()
256 		permitted.cap[i] = 0;  in SYSCALL_DEFINE2()
257 		inheritable.cap[i] = 0;  in SYSCALL_DEFINE2()
261 	effective.cap[CAP_LAST_U32] &= CAP_LAST_U32_VALID_MASK;  in SYSCALL_DEFINE2()
262 	permitted.cap[CAP_LAST_U32] &= CAP_LAST_U32_VALID_MASK;  in SYSCALL_DEFINE2()
263 	inheritable.cap[CAP_LAST_U32] &= CAP_LAST_U32_VALID_MASK;  in SYSCALL_DEFINE2()
287  * @cap: The capability to be tested for
295 		       struct user_namespace *ns, int cap)  in has_ns_capability()  argument
300 	ret = security_capable(__task_cred(t), ns, cap, CAP_OPT_NONE);  in has_ns_capability()
309  * @cap: The capability to be tested for
316 bool has_capability(struct task_struct *t, int cap)  in has_capability()  argument
318 	return has_ns_capability(t, &init_user_ns, cap);  in has_capability()
327  * @cap: The capability to be tested for
336 			       struct user_namespace *ns, int cap)  in has_ns_capability_noaudit()  argument
341 	ret = security_capable(__task_cred(t), ns, cap, CAP_OPT_NOAUDIT);  in has_ns_capability_noaudit()
351  * @cap: The capability to be tested for
359 bool has_capability_noaudit(struct task_struct *t, int cap)  in has_capability_noaudit()  argument
361 	return has_ns_capability_noaudit(t, &init_user_ns, cap);  in has_capability_noaudit()
365 			      int cap,  in ns_capable_common()  argument
370 	if (unlikely(!cap_valid(cap))) {  in ns_capable_common()
371 		pr_crit("capable() called with invalid cap=%u\n", cap);  in ns_capable_common()
375 	capable = security_capable(current_cred(), ns, cap, opts);  in ns_capable_common()
386  * @cap: The capability to be tested for
394 bool ns_capable(struct user_namespace *ns, int cap)  in ns_capable()  argument
396 	return ns_capable_common(ns, cap, CAP_OPT_NONE);  in ns_capable()
404  * @cap: The capability to be tested for
412 bool ns_capable_noaudit(struct user_namespace *ns, int cap)  in ns_capable_noaudit()  argument
414 	return ns_capable_common(ns, cap, CAP_OPT_NOAUDIT);  in ns_capable_noaudit()
423  * @cap: The capability to be tested for
431 bool ns_capable_setid(struct user_namespace *ns, int cap)  in ns_capable_setid()  argument
433 	return ns_capable_common(ns, cap, CAP_OPT_INSETID);  in ns_capable_setid()
439  * @cap: The capability to be tested for
447 bool capable(int cap)  in capable()  argument
449 	return ns_capable(&init_user_ns, cap);  in capable()
458  * @cap: The capability to be tested for
467 		     int cap)  in file_ns_capable()  argument
470 	if (WARN_ON_ONCE(!cap_valid(cap)))  in file_ns_capable()
473 	if (security_capable(file->f_cred, ns, cap, CAP_OPT_NONE) == 0)  in file_ns_capable()
496  * @cap: The capability in question
502 bool capable_wrt_inode_uidgid(const struct inode *inode, int cap)  in capable_wrt_inode_uidgid()  argument
506 	return ns_capable(ns, cap) && privileged_wrt_inode_uidgid(ns, inode);  in capable_wrt_inode_uidgid()