Home
last modified time | relevance | path

Searched refs:user_ns (Results 1 – 25 of 158) sorted by relevance

1234567

/Linux-v4.19/kernel/
Dnsproxy.c65 struct task_struct *tsk, struct user_namespace *user_ns, in create_new_namespaces() argument
75 new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, user_ns, new_fs); in create_new_namespaces()
81 new_nsp->uts_ns = copy_utsname(flags, user_ns, tsk->nsproxy->uts_ns); in create_new_namespaces()
87 new_nsp->ipc_ns = copy_ipcs(flags, user_ns, tsk->nsproxy->ipc_ns); in create_new_namespaces()
94 copy_pid_ns(flags, user_ns, tsk->nsproxy->pid_ns_for_children); in create_new_namespaces()
100 new_nsp->cgroup_ns = copy_cgroup_ns(flags, user_ns, in create_new_namespaces()
107 new_nsp->net_ns = copy_net_ns(flags, user_ns, tsk->nsproxy->net_ns); in create_new_namespaces()
141 struct user_namespace *user_ns = task_cred_xxx(tsk, user_ns); in copy_namespaces() local
151 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_namespaces()
165 new_ns = create_new_namespaces(flags, tsk, user_ns, tsk->fs); in copy_namespaces()
[all …]
Dutsname.c49 static struct uts_namespace *clone_uts_ns(struct user_namespace *user_ns, in clone_uts_ns() argument
57 ucounts = inc_uts_namespaces(user_ns); in clone_uts_ns()
75 ns->user_ns = get_user_ns(user_ns); in clone_uts_ns()
94 struct user_namespace *user_ns, struct uts_namespace *old_ns) in copy_utsname() argument
104 new_ns = clone_uts_ns(user_ns, old_ns); in copy_utsname()
116 put_user_ns(ns->user_ns); in free_uts_ns()
151 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in utsns_install()
163 return to_uts_ns(ns)->user_ns; in utsns_owner()
Duid16.c70 ruid = high2lowuid(from_kuid_munged(cred->user_ns, cred->uid)); in SYSCALL_DEFINE3()
71 euid = high2lowuid(from_kuid_munged(cred->user_ns, cred->euid)); in SYSCALL_DEFINE3()
72 suid = high2lowuid(from_kuid_munged(cred->user_ns, cred->suid)); in SYSCALL_DEFINE3()
93 rgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->gid)); in SYSCALL_DEFINE3()
94 egid = high2lowgid(from_kgid_munged(cred->user_ns, cred->egid)); in SYSCALL_DEFINE3()
95 sgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->sgid)); in SYSCALL_DEFINE3()
117 struct user_namespace *user_ns = current_user_ns(); in groups16_to_user() local
124 group = high2lowgid(from_kgid_munged(user_ns, kgid)); in groups16_to_user()
135 struct user_namespace *user_ns = current_user_ns(); in groups16_from_user() local
144 kgid = make_kgid(user_ns, low2highgid(group)); in groups16_from_user()
Dpid_namespace.c77 static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns, in create_pid_namespace() argument
86 if (!in_userns(parent_pid_ns->user_ns, user_ns)) in create_pid_namespace()
92 ucounts = inc_pid_namespaces(user_ns); in create_pid_namespace()
115 ns->user_ns = get_user_ns(user_ns); in create_pid_namespace()
136 put_user_ns(ns->user_ns); in delayed_free_pidns()
150 struct user_namespace *user_ns, struct pid_namespace *old_ns) in copy_pid_ns() argument
156 return create_pid_namespace(user_ns, old_ns); in copy_pid_ns()
273 if (write && !ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN)) in pid_ns_ctl_handler()
388 if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) || in pidns_install()
434 return to_pid_ns(ns)->user_ns; in pidns_owner()
Dgroups.c45 struct user_namespace *user_ns = current_user_ns(); in groups_to_user() local
51 gid = from_kgid_munged(user_ns, group_info->gid[i]); in groups_to_user()
62 struct user_namespace *user_ns = current_user_ns(); in groups_from_user() local
72 kgid = make_kgid(user_ns, gid); in groups_from_user()
179 struct user_namespace *user_ns = current_user_ns(); in may_setgroups() local
181 return ns_capable(user_ns, CAP_SETGID) && in may_setgroups()
182 userns_may_setgroups(user_ns); in may_setgroups()
Duser_namespace.c47 static void set_cred_user_ns(struct cred *cred, struct user_namespace *user_ns) in set_cred_user_ns() argument
63 cred->user_ns = user_ns; in set_cred_user_ns()
76 struct user_namespace *ns, *parent_ns = new->user_ns; in create_user_ns()
1244 struct user_namespace *user_ns; in userns_get() local
1247 user_ns = get_user_ns(__task_cred(task)->user_ns); in userns_get()
1250 return user_ns ? &user_ns->ns : NULL; in userns_get()
1260 struct user_namespace *user_ns = to_user_ns(ns); in userns_install() local
1266 if (user_ns == current_user_ns()) in userns_install()
1276 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in userns_install()
1283 put_user_ns(cred->user_ns); in userns_install()
[all …]
Dsys.c160 if (ns_capable(pcred->user_ns, CAP_SYS_NICE)) in set_one_prio_perm()
233 uid = make_kuid(cred->user_ns, who); in SYSCALL_DEFINE3()
301 uid = make_kuid(cred->user_ns, who); in SYSCALL_DEFINE2()
372 ns_capable(old->user_ns, CAP_SETGID)) in __sys_setregid()
381 ns_capable(old->user_ns, CAP_SETGID)) in __sys_setregid()
427 if (ns_capable(old->user_ns, CAP_SETGID)) in __sys_setgid()
516 !ns_capable(old->user_ns, CAP_SETUID)) in __sys_setreuid()
525 !ns_capable(old->user_ns, CAP_SETUID)) in __sys_setreuid()
584 if (ns_capable(old->user_ns, CAP_SETUID)) { in __sys_setuid()
646 if (!ns_capable(old->user_ns, CAP_SETUID)) { in __sys_setresuid()
[all …]
/Linux-v4.19/net/netfilter/
Dxt_owner.c32 (current_user_ns() != net->user_ns)) in owner_check()
37 kuid_t uid_min = make_kuid(net->user_ns, info->uid_min); in owner_check()
38 kuid_t uid_max = make_kuid(net->user_ns, info->uid_max); in owner_check()
49 kgid_t gid_min = make_kgid(net->user_ns, info->gid_min); in owner_check()
50 kgid_t gid_max = make_kgid(net->user_ns, info->gid_max); in owner_check()
85 kuid_t uid_min = make_kuid(net->user_ns, info->uid_min); in owner_mt()
86 kuid_t uid_max = make_kuid(net->user_ns, info->uid_max); in owner_mt()
94 kgid_t gid_min = make_kgid(net->user_ns, info->gid_min); in owner_mt()
95 kgid_t gid_max = make_kgid(net->user_ns, info->gid_max); in owner_mt()
/Linux-v4.19/ipc/
Dnamespace.c32 static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns, in create_ipc_ns() argument
40 ucounts = inc_ipc_namespaces(user_ns); in create_ipc_ns()
55 ns->user_ns = get_user_ns(user_ns); in create_ipc_ns()
69 put_user_ns(ns->user_ns); in create_ipc_ns()
80 struct user_namespace *user_ns, struct ipc_namespace *ns) in copy_ipcs() argument
84 return create_ipc_ns(user_ns, ns); in copy_ipcs()
125 put_user_ns(ns->user_ns); in free_ipc_ns()
183 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in ipcns_install()
196 return to_ipc_ns(ns)->user_ns; in ipcns_owner()
/Linux-v4.19/kernel/cgroup/
Dnamespace.c44 put_user_ns(ns->user_ns); in free_cgroup_ns()
51 struct user_namespace *user_ns, in copy_cgroup_ns() argument
66 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_cgroup_ns()
69 ucounts = inc_cgroup_namespaces(user_ns); in copy_cgroup_ns()
86 new_ns->user_ns = get_user_ns(user_ns); in copy_cgroup_ns()
103 !ns_capable(cgroup_ns->user_ns, CAP_SYS_ADMIN)) in cgroupns_install()
140 return to_cg_ns(ns)->user_ns; in cgroupns_owner()
/Linux-v4.19/net/bridge/
Dbr_ioctl.c93 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in add_del_if()
185 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
192 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
199 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
206 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
246 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
254 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
263 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
277 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
340 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in old_deviceless()
[all …]
/Linux-v4.19/security/keys/
Dproc.c71 struct user_namespace *user_ns = seq_user_ns(p); in key_serial_next() local
76 if (kuid_has_mapping(user_ns, key->user->uid)) in key_serial_next()
85 struct user_namespace *user_ns = seq_user_ns(p); in find_ge_key() local
108 if (kuid_has_mapping(user_ns, minkey->user->uid)) in find_ge_key()
253 static struct rb_node *__key_user_next(struct user_namespace *user_ns, struct rb_node *n) in __key_user_next() argument
257 if (kuid_has_mapping(user_ns, user->uid)) in __key_user_next()
264 static struct rb_node *key_user_next(struct user_namespace *user_ns, struct rb_node *n) in key_user_next() argument
266 return __key_user_next(user_ns, rb_next(n)); in key_user_next()
269 static struct rb_node *key_user_first(struct user_namespace *user_ns, struct rb_root *r) in key_user_first() argument
272 return __key_user_next(user_ns, n); in key_user_first()
/Linux-v4.19/security/
Dcommoncap.c82 if (ns == cred->user_ns) in cap_capable()
89 if (ns->level <= cred->user_ns->level) in cap_capable()
96 if ((ns->parent == cred->user_ns) && uid_eq(ns->owner, cred->euid)) in cap_capable()
152 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_access_check()
155 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_access_check()
184 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_traceme()
187 if (has_ns_capability(parent, child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_traceme()
230 if (cap_capable(current_cred(), current_cred()->user_ns, in cap_inh_is_capped()
830 root_uid = make_kuid(new->user_ns, 0); in cap_bprm_set_creds()
847 !ptracer_capable(current, new->user_ns))) { in cap_bprm_set_creds()
[all …]
/Linux-v4.19/include/linux/
Dutsname.h27 struct user_namespace *user_ns; member
40 struct user_namespace *user_ns, struct uts_namespace *old_ns);
59 struct user_namespace *user_ns, struct uts_namespace *old_ns) in copy_utsname() argument
Dpid_namespace.h41 struct user_namespace *user_ns; member
63 struct user_namespace *user_ns, struct pid_namespace *ns);
77 struct user_namespace *user_ns, struct pid_namespace *ns) in copy_pid_ns() argument
Dipc_namespace.h67 struct user_namespace *user_ns; member
123 struct user_namespace *user_ns, struct ipc_namespace *ns);
135 struct user_namespace *user_ns, struct ipc_namespace *ns) in copy_ipcs() argument
Dtsacct_kern.h14 extern void bacct_add_tsk(struct user_namespace *user_ns,
18 static inline void bacct_add_tsk(struct user_namespace *user_ns, in bacct_add_tsk() argument
Dposix_acl_xattr.h47 struct posix_acl *posix_acl_from_xattr(struct user_namespace *user_ns,
49 int posix_acl_to_xattr(struct user_namespace *user_ns,
/Linux-v4.19/fs/
Dposix_acl.c209 posix_acl_valid(struct user_namespace *user_ns, const struct posix_acl *acl) in posix_acl_valid() argument
229 if (!kuid_has_mapping(user_ns, pa->e_uid)) in posix_acl_valid()
244 if (!kgid_has_mapping(user_ns, pa->e_gid)) in posix_acl_valid()
706 struct user_namespace *user_ns = current_user_ns(); in posix_acl_fix_xattr_from_user() local
707 if (user_ns == &init_user_ns) in posix_acl_fix_xattr_from_user()
709 posix_acl_fix_xattr_userns(&init_user_ns, user_ns, value, size); in posix_acl_fix_xattr_from_user()
714 struct user_namespace *user_ns = current_user_ns(); in posix_acl_fix_xattr_to_user() local
715 if (user_ns == &init_user_ns) in posix_acl_fix_xattr_to_user()
717 posix_acl_fix_xattr_userns(user_ns, &init_user_ns, value, size); in posix_acl_fix_xattr_to_user()
724 posix_acl_from_xattr(struct user_namespace *user_ns, in posix_acl_from_xattr() argument
[all …]
/Linux-v4.19/arch/s390/kernel/
Dcompat_linux.c139 ruid = high2lowuid(from_kuid_munged(cred->user_ns, cred->uid)); in COMPAT_SYSCALL_DEFINE3()
140 euid = high2lowuid(from_kuid_munged(cred->user_ns, cred->euid)); in COMPAT_SYSCALL_DEFINE3()
141 suid = high2lowuid(from_kuid_munged(cred->user_ns, cred->suid)); in COMPAT_SYSCALL_DEFINE3()
163 rgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->gid)); in COMPAT_SYSCALL_DEFINE3()
164 egid = high2lowgid(from_kgid_munged(cred->user_ns, cred->egid)); in COMPAT_SYSCALL_DEFINE3()
165 sgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->sgid)); in COMPAT_SYSCALL_DEFINE3()
186 struct user_namespace *user_ns = current_user_ns(); in groups16_to_user() local
193 group = (u16)from_kgid_munged(user_ns, kgid); in groups16_to_user()
203 struct user_namespace *user_ns = current_user_ns(); in groups16_from_user() local
212 kgid = make_kgid(user_ns, (gid_t)group); in groups16_from_user()
/Linux-v4.19/net/
Dsysctl_net.c47 if (ns_capable_noaudit(net->user_ns, CAP_NET_ADMIN)) { in net_ctl_permissions()
63 ns_root_uid = make_kuid(net->user_ns, 0); in net_ctl_set_ownership()
67 ns_root_gid = make_kgid(net->user_ns, 0); in net_ctl_set_ownership()
/Linux-v4.19/net/core/
Dnet_namespace.c298 static __net_init int setup_net(struct net *net, struct user_namespace *user_ns) in setup_net() argument
308 net->user_ns = user_ns; in setup_net()
411 struct user_namespace *user_ns, struct net *old_net) in copy_net_ns() argument
420 ucounts = inc_net_namespaces(user_ns); in copy_net_ns()
431 get_user_ns(user_ns); in copy_net_ns()
437 rv = setup_net(net, user_ns); in copy_net_ns()
443 put_user_ns(user_ns); in copy_net_ns()
464 kuid_t ns_root_uid = make_kuid(net->user_ns, 0); in net_ns_get_ownership()
465 kgid_t ns_root_gid = make_kgid(net->user_ns, 0); in net_ns_get_ownership()
568 put_user_ns(net->user_ns); in cleanup_net()
[all …]
Dscm.c51 kuid_t uid = make_kuid(cred->user_ns, creds->uid); in scm_check_creds()
52 kgid_t gid = make_kgid(cred->user_ns, creds->gid); in scm_check_creds()
58 ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) && in scm_check_creds()
60 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds()
62 gid_eq(gid, cred->sgid)) || ns_capable(cred->user_ns, CAP_SETGID))) { in scm_check_creds()
/Linux-v4.19/fs/proc/
Darray.c155 struct user_namespace *user_ns = seq_user_ns(m); in task_state() local
193 seq_put_decimal_ull(m, "\nUid:\t", from_kuid_munged(user_ns, cred->uid)); in task_state()
194 seq_put_decimal_ull(m, "\t", from_kuid_munged(user_ns, cred->euid)); in task_state()
195 seq_put_decimal_ull(m, "\t", from_kuid_munged(user_ns, cred->suid)); in task_state()
196 seq_put_decimal_ull(m, "\t", from_kuid_munged(user_ns, cred->fsuid)); in task_state()
197 seq_put_decimal_ull(m, "\nGid:\t", from_kgid_munged(user_ns, cred->gid)); in task_state()
198 seq_put_decimal_ull(m, "\t", from_kgid_munged(user_ns, cred->egid)); in task_state()
199 seq_put_decimal_ull(m, "\t", from_kgid_munged(user_ns, cred->sgid)); in task_state()
200 seq_put_decimal_ull(m, "\t", from_kgid_munged(user_ns, cred->fsgid)); in task_state()
207 from_kgid_munged(user_ns, group_info->gid[g])); in task_state()
/Linux-v4.19/net/smc/
Dsmc_diag.c66 struct user_namespace *user_ns) in smc_diag_msg_attrs_fill() argument
71 r->diag_uid = from_kuid_munged(user_ns, sock_i_uid(sk)); in smc_diag_msg_attrs_fill()
83 struct user_namespace *user_ns; in __smc_diag_dump() local
101 user_ns = sk_user_ns(NETLINK_CB(cb->skb).sk); in __smc_diag_dump()
102 if (smc_diag_msg_attrs_fill(sk, skb, r, user_ns)) in __smc_diag_dump()

1234567