| /Linux-v4.19/kernel/ |
| D | cred.c | 44 struct cred init_cred = {
68 static inline void set_cred_subscribers(struct cred *cred, int n) in set_cred_subscribers() argument
71 atomic_set(&cred->subscribers, n); in set_cred_subscribers()
75 static inline int read_cred_subscribers(const struct cred *cred) in read_cred_subscribers() argument
78 return atomic_read(&cred->subscribers); in read_cred_subscribers()
84 static inline void alter_cred_subscribers(const struct cred *_cred, int n) in alter_cred_subscribers()
87 struct cred *cred = (struct cred *) _cred; in alter_cred_subscribers() local
89 atomic_add(n, &cred->subscribers); in alter_cred_subscribers()
98 struct cred *cred = container_of(rcu, struct cred, rcu); in put_cred_rcu() local
100 kdebug("put_cred_rcu(%p)", cred); in put_cred_rcu()
[all …]
|
| D | uid16.c | 66 const struct cred *cred = current_cred(); in SYSCALL_DEFINE3() local
70 ruid = high2lowuid(from_kuid_munged(cred->user_ns, cred->uid)); in SYSCALL_DEFINE3()
71 euid = high2lowuid(from_kuid_munged(cred->user_ns, cred->euid)); in SYSCALL_DEFINE3()
72 suid = high2lowuid(from_kuid_munged(cred->user_ns, cred->suid)); in SYSCALL_DEFINE3()
89 const struct cred *cred = current_cred(); in SYSCALL_DEFINE3() local
93 rgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->gid)); in SYSCALL_DEFINE3()
94 egid = high2lowgid(from_kgid_munged(cred->user_ns, cred->egid)); in SYSCALL_DEFINE3()
95 sgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->sgid)); in SYSCALL_DEFINE3()
156 const struct cred *cred = current_cred(); in SYSCALL_DEFINE2() local
162 i = cred->group_info->ngroups; in SYSCALL_DEFINE2()
[all …]
|
| D | groups.c | 123 void set_groups(struct cred *new, struct group_info *group_info) in set_groups()
141 struct cred *new; in set_current_groups()
155 const struct cred *cred = current_cred(); in SYSCALL_DEFINE2() local
162 i = cred->group_info->ngroups; in SYSCALL_DEFINE2()
168 if (groups_to_user(grouplist, cred->group_info)) { in SYSCALL_DEFINE2()
221 const struct cred *cred = current_cred(); in in_group_p() local
224 if (!gid_eq(grp, cred->fsgid)) in in_group_p()
225 retval = groups_search(cred->group_info, grp); in in_group_p()
233 const struct cred *cred = current_cred(); in in_egroup_p() local
236 if (!gid_eq(grp, cred->egid)) in in_egroup_p()
[all …]
|
| /Linux-v4.19/include/linux/ |
| D | cred.h | 24 struct cred;
71 extern void set_groups(struct cred *, struct group_info *);
116 struct cred { struct
156 extern void __put_cred(struct cred *); argument
159 extern const struct cred *get_task_cred(struct task_struct *);
160 extern struct cred *cred_alloc_blank(void);
161 extern struct cred *prepare_creds(void);
162 extern struct cred *prepare_exec_creds(void);
163 extern int commit_creds(struct cred *);
164 extern void abort_creds(struct cred *);
[all …]
|
| D | security.h | 36 struct cred;
74 extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
80 extern int cap_capset(struct cred *new, const struct cred *old,
95 extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags);
232 int security_capset(struct cred *new, const struct cred *old,
236 int security_capable(const struct cred *cred, struct user_namespace *ns,
238 int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns,
274 const struct cred *old,
275 struct cred *new);
316 int security_inode_copy_up(struct dentry *src, struct cred **new);
[all …]
|
| D | lsm_hooks.h | 1445 int (*capset)(struct cred *new, const struct cred *old,
1449 int (*capable)(const struct cred *cred, struct user_namespace *ns,
1487 const struct cred *old,
1488 struct cred *new);
1556 int (*inode_copy_up)(struct dentry *src, struct cred **new);
1580 int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp);
1581 void (*cred_free)(struct cred *cred);
1582 int (*cred_prepare)(struct cred *new, const struct cred *old,
1584 void (*cred_transfer)(struct cred *new, const struct cred *old);
1585 void (*cred_getsecid)(const struct cred *c, u32 *secid);
[all …]
|
| /Linux-v4.19/net/sunrpc/ |
| D | auth.c | 299 rpcauth_unhash_cred_locked(struct rpc_cred *cred) in rpcauth_unhash_cred_locked() argument
301 hlist_del_rcu(&cred->cr_hash); in rpcauth_unhash_cred_locked()
303 clear_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags); in rpcauth_unhash_cred_locked()
307 rpcauth_unhash_cred(struct rpc_cred *cred) in rpcauth_unhash_cred() argument
312 cache_lock = &cred->cr_auth->au_credcache->lock; in rpcauth_unhash_cred()
314 ret = atomic_read(&cred->cr_count) == 0; in rpcauth_unhash_cred()
316 rpcauth_unhash_cred_locked(cred); in rpcauth_unhash_cred()
352 rpcauth_key_timeout_notify(struct rpc_auth *auth, struct rpc_cred *cred) in rpcauth_key_timeout_notify() argument
354 if (!cred->cr_auth->au_ops->key_timeout) in rpcauth_key_timeout_notify()
356 return cred->cr_auth->au_ops->key_timeout(auth, cred); in rpcauth_key_timeout_notify()
[all …]
|
| D | auth_unix.c | 68 struct unx_cred *cred; in unx_create_cred() local
76 if (!(cred = kmalloc(sizeof(*cred), gfp))) in unx_create_cred()
79 rpcauth_init_cred(&cred->uc_base, acred, auth, &unix_credops); in unx_create_cred()
80 cred->uc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE; in unx_create_cred()
87 cred->uc_gid = acred->gid; in unx_create_cred()
89 cred->uc_gids[i] = acred->group_info->gid[i]; in unx_create_cred()
91 cred->uc_gids[i] = INVALID_GID; in unx_create_cred()
93 return &cred->uc_base; in unx_create_cred()
111 unx_destroy_cred(struct rpc_cred *cred) in unx_destroy_cred() argument
113 call_rcu(&cred->cr_rcu, unx_free_cred_callback); in unx_destroy_cred()
[all …]
|
| D | auth_generic.c | 73 struct rpc_cred *cred, int lookupflags) in generic_bind_cred() argument
76 struct auth_cred *acred = &container_of(cred, struct generic_cred, gc_base)->acred; in generic_bind_cred()
128 generic_free_cred(struct rpc_cred *cred) in generic_free_cred() argument
130 struct generic_cred *gcred = container_of(cred, struct generic_cred, gc_base); in generic_free_cred()
141 struct rpc_cred *cred = container_of(head, struct rpc_cred, cr_rcu); in generic_free_cred_callback() local
142 generic_free_cred(cred); in generic_free_cred_callback()
146 generic_destroy_cred(struct rpc_cred *cred) in generic_destroy_cred() argument
148 call_rcu(&cred->cr_rcu, generic_free_cred_callback); in generic_destroy_cred()
166 generic_match(struct auth_cred *acred, struct rpc_cred *cred, int flags) in generic_match() argument
168 struct generic_cred *gcred = container_of(cred, struct generic_cred, gc_base); in generic_match()
[all …]
|
| /Linux-v4.19/security/keys/ |
| D | process_keys.c | 47 const struct cred *cred; in install_user_keyrings() local
55 cred = current_cred(); in install_user_keyrings()
56 user = cred->user; in install_user_keyrings()
57 uid = from_kuid(cred->user_ns, user->uid); in install_user_keyrings()
79 cred, user_keyring_perm, in install_user_keyrings()
97 cred, user_keyring_perm, in install_user_keyrings()
138 int install_thread_keyring_to_cred(struct cred *new) in install_thread_keyring_to_cred()
163 struct cred *new; in install_thread_keyring()
185 int install_process_keyring_to_cred(struct cred *new) in install_process_keyring_to_cred()
210 struct cred *new; in install_process_keyring()
[all …]
|
| D | request_key_auth.c | 117 if (rka->cred) { in request_key_auth_revoke()
118 put_cred(rka->cred); in request_key_auth_revoke()
119 rka->cred = NULL; in request_key_auth_revoke()
129 if (rka->cred) in free_request_key_auth()
130 put_cred(rka->cred); in free_request_key_auth()
155 const struct cred *cred = current->cred; in request_key_auth_new() local
173 if (cred->request_key_auth) { in request_key_auth_new()
175 down_read(&cred->request_key_auth->sem); in request_key_auth_new()
180 &cred->request_key_auth->flags)) { in request_key_auth_new()
181 up_read(&cred->request_key_auth->sem); in request_key_auth_new()
[all …]
|
| D | request_key.c | 56 static int umh_keys_init(struct subprocess_info *info, struct cred *cred) in umh_keys_init() argument
60 return install_session_keyring_to_cred(cred, keyring); in umh_keys_init()
99 const struct cred *cred = current_cred(); in call_sbin_request_key() local
117 cred = get_current_cred(); in call_sbin_request_key()
118 keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred, in call_sbin_request_key()
121 put_cred(cred); in call_sbin_request_key()
133 sprintf(uid_str, "%d", from_kuid(&init_user_ns, cred->fsuid)); in call_sbin_request_key()
134 sprintf(gid_str, "%d", from_kgid(&init_user_ns, cred->fsgid)); in call_sbin_request_key()
141 cred->thread_keyring ? cred->thread_keyring->serial : 0); in call_sbin_request_key()
144 if (cred->process_keyring) in call_sbin_request_key()
[all …]
|
| D | permission.c | 30 int key_task_permission(const key_ref_t key_ref, const struct cred *cred, in key_task_permission() argument
40 if (uid_eq(key->uid, cred->fsuid)) { in key_task_permission()
48 if (gid_eq(key->gid, cred->fsgid)) { in key_task_permission()
53 ret = groups_search(cred->group_info, key->gid); in key_task_permission()
77 return security_key_permission(key_ref, cred, perm); in key_task_permission()
|
| /Linux-v4.19/include/linux/sunrpc/ |
| D | svcauth.h | 38 static inline void init_svc_cred(struct svc_cred *cred) in init_svc_cred() argument
40 cred->cr_group_info = NULL; in init_svc_cred()
41 cred->cr_raw_principal = NULL; in init_svc_cred()
42 cred->cr_principal = NULL; in init_svc_cred()
43 cred->cr_targ_princ = NULL; in init_svc_cred()
44 cred->cr_gss_mech = NULL; in init_svc_cred()
47 static inline void free_svc_cred(struct svc_cred *cred) in free_svc_cred() argument
49 if (cred->cr_group_info) in free_svc_cred()
50 put_group_info(cred->cr_group_info); in free_svc_cred()
51 kfree(cred->cr_raw_principal); in free_svc_cred()
[all …]
|
| /Linux-v4.19/security/ |
| D | commoncap.c | 71 int cap_capable(const struct cred *cred, struct user_namespace *targ_ns, in cap_capable() argument
82 if (ns == cred->user_ns) in cap_capable()
83 return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM; in cap_capable()
89 if (ns->level <= cred->user_ns->level) in cap_capable()
96 if ((ns->parent == cred->user_ns) && uid_eq(ns->owner, cred->euid)) in cap_capable()
142 const struct cred *cred, *child_cred; in cap_ptrace_access_check() local
146 cred = current_cred(); in cap_ptrace_access_check()
149 caller_caps = &cred->cap_effective; in cap_ptrace_access_check()
151 caller_caps = &cred->cap_permitted; in cap_ptrace_access_check()
152 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_access_check()
[all …]
|
| /Linux-v4.19/net/sunrpc/auth_gss/ |
| D | auth_gss.c | 137 gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx) in gss_cred_set_ctx() argument
139 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base); in gss_cred_set_ctx()
141 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags)) in gss_cred_set_ctx()
145 set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); in gss_cred_set_ctx()
147 clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags); in gss_cred_set_ctx()
180 gss_cred_get_ctx(struct rpc_cred *cred) in gss_cred_get_ctx() argument
182 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base); in gss_cred_get_ctx()
563 gss_setup_upcall(struct gss_auth *gss_auth, struct rpc_cred *cred) in gss_setup_upcall() argument
565 struct gss_cred *gss_cred = container_of(cred, in gss_setup_upcall()
568 kuid_t uid = cred->cr_uid; in gss_setup_upcall()
[all …]
|
| /Linux-v4.19/fs/cifs/ |
| D | cifs_spnego.c | 33 static const struct cred *spnego_cred;
108 const struct cred *saved_cred; in cifs_get_spnego_key()
190 struct cred *cred; in init_cifs_spnego() local
202 cred = prepare_kernel_cred(NULL); in init_cifs_spnego()
203 if (!cred) in init_cifs_spnego()
207 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, in init_cifs_spnego()
225 cred->thread_keyring = keyring; in init_cifs_spnego()
226 cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; in init_cifs_spnego()
227 spnego_cred = cred; in init_cifs_spnego()
235 put_cred(cred); in init_cifs_spnego()
|
| /Linux-v4.19/fs/nfs/ |
| D | nfs4state.c | 90 int nfs4_init_clientid(struct nfs_client *clp, struct rpc_cred *cred) in nfs4_init_clientid() argument
106 status = nfs4_proc_setclientid(clp, NFS4_CALLBACK, port, cred, &clid); in nfs4_init_clientid()
113 status = nfs4_proc_setclientid_confirm(clp, &clid, cred); in nfs4_init_clientid()
137 struct rpc_cred *cred) in nfs40_discover_server_trunking() argument
151 status = nfs4_proc_setclientid(clp, NFS4_CALLBACK, port, cred, &clid); in nfs40_discover_server_trunking()
157 status = nfs40_walk_client_list(clp, result, cred); in nfs40_discover_server_trunking()
169 struct rpc_cred *cred = NULL; in nfs4_get_machine_cred_locked() local
172 cred = get_rpccred(clp->cl_machine_cred); in nfs4_get_machine_cred_locked()
173 return cred; in nfs4_get_machine_cred_locked()
178 struct rpc_cred *cred, *new; in nfs4_root_machine_cred() local
[all …]
|
| /Linux-v4.19/security/tomoyo/ |
| D | tomoyo.c | 19 static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp) in tomoyo_cred_alloc_blank()
34 static int tomoyo_cred_prepare(struct cred *new, const struct cred *old, in tomoyo_cred_prepare()
50 static void tomoyo_cred_transfer(struct cred *new, const struct cred *old) in tomoyo_cred_transfer()
60 static void tomoyo_cred_free(struct cred *cred) in tomoyo_cred_free() argument
62 struct tomoyo_domain_info *domain = cred->security; in tomoyo_cred_free()
97 bprm->cred->security)->users); in tomoyo_bprm_set_creds()
102 bprm->cred->security = NULL; in tomoyo_bprm_set_creds()
115 struct tomoyo_domain_info *domain = bprm->cred->security; in tomoyo_bprm_check_security()
541 struct cred *cred = (struct cred *) current_cred(); in tomoyo_init() local
548 cred->security = &tomoyo_kernel_domain; in tomoyo_init()
|
| /Linux-v4.19/security/apparmor/include/ |
| D | cred.h | 37 static inline struct aa_label *aa_cred_raw_label(const struct cred *cred) in aa_cred_raw_label() argument
39 struct aa_label *label = cred_label(cred); in aa_cred_raw_label()
51 static inline struct aa_label *aa_get_newest_cred_label(const struct cred *cred) in aa_get_newest_cred_label() argument
53 return aa_get_newest_label(aa_cred_raw_label(cred)); in aa_get_newest_cred_label()
|
| /Linux-v4.19/arch/s390/kernel/ |
| D | compat_linux.c | 135 const struct cred *cred = current_cred(); in COMPAT_SYSCALL_DEFINE3() local
139 ruid = high2lowuid(from_kuid_munged(cred->user_ns, cred->uid)); in COMPAT_SYSCALL_DEFINE3()
140 euid = high2lowuid(from_kuid_munged(cred->user_ns, cred->euid)); in COMPAT_SYSCALL_DEFINE3()
141 suid = high2lowuid(from_kuid_munged(cred->user_ns, cred->suid)); in COMPAT_SYSCALL_DEFINE3()
159 const struct cred *cred = current_cred(); in COMPAT_SYSCALL_DEFINE3() local
163 rgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->gid)); in COMPAT_SYSCALL_DEFINE3()
164 egid = high2lowgid(from_kgid_munged(cred->user_ns, cred->egid)); in COMPAT_SYSCALL_DEFINE3()
165 sgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->sgid)); in COMPAT_SYSCALL_DEFINE3()
224 const struct cred *cred = current_cred(); in COMPAT_SYSCALL_DEFINE2() local
230 get_group_info(cred->group_info); in COMPAT_SYSCALL_DEFINE2()
[all …]
|
| /Linux-v4.19/net/dns_resolver/ |
| D | dns_key.c | 44 const struct cred *dns_resolver_cache;
268 struct cred *cred; in init_dns_resolver() local
278 cred = prepare_kernel_cred(NULL); in init_dns_resolver()
279 if (!cred) in init_dns_resolver()
283 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, in init_dns_resolver()
299 cred->thread_keyring = keyring; in init_dns_resolver()
300 cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; in init_dns_resolver()
301 dns_resolver_cache = cred; in init_dns_resolver()
309 put_cred(cred); in init_dns_resolver()
|
| /Linux-v4.19/arch/alpha/kernel/ |
| D | asm-offsets.c | 23 DEFINE(TASK_CRED, offsetof(struct task_struct, cred)); in foo()
29 DEFINE(CRED_UID, offsetof(struct cred, uid)); in foo()
30 DEFINE(CRED_EUID, offsetof(struct cred, euid)); in foo()
31 DEFINE(CRED_GID, offsetof(struct cred, gid)); in foo()
32 DEFINE(CRED_EGID, offsetof(struct cred, egid)); in foo()
|
| /Linux-v4.19/security/selinux/ |
| D | hooks.c | 213 struct cred *cred = (struct cred *) current->real_cred; in cred_init_security() local
221 cred->security = tsec; in cred_init_security()
227 static inline u32 cred_sid(const struct cred *cred) in cred_sid() argument
231 tsec = cred->security; in cred_sid()
465 const struct cred *cred) in may_context_mount_sb_relabel() argument
467 const struct task_security_struct *tsec = cred->security; in may_context_mount_sb_relabel()
484 const struct cred *cred) in may_context_mount_inode_relabel() argument
486 const struct task_security_struct *tsec = cred->security; in may_context_mount_inode_relabel()
723 const struct cred *cred = current_cred(); in selinux_set_mnt_opts() local
898 rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred); in selinux_set_mnt_opts()
[all …]
|
| /Linux-v4.19/net/core/ |
| D | scm.c | 50 const struct cred *cred = current_cred(); in scm_check_creds() local
51 kuid_t uid = make_kuid(cred->user_ns, creds->uid); in scm_check_creds()
52 kgid_t gid = make_kgid(cred->user_ns, creds->gid); in scm_check_creds()
59 ((uid_eq(uid, cred->uid) || uid_eq(uid, cred->euid) || in scm_check_creds()
60 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds()
61 ((gid_eq(gid, cred->gid) || gid_eq(gid, cred->egid) || in scm_check_creds()
62 gid_eq(gid, cred->sgid)) || ns_capable(cred->user_ns, CAP_SETGID))) { in scm_check_creds()
|
