| /Linux-v5.10/include/linux/ |
| D | cred.h | 19 struct cred;
66 extern void set_groups(struct cred *, struct group_info *);
111 struct cred { struct
155 extern void __put_cred(struct cred *); argument
158 extern const struct cred *get_task_cred(struct task_struct *);
159 extern struct cred *cred_alloc_blank(void);
160 extern struct cred *prepare_creds(void);
161 extern struct cred *prepare_exec_creds(void);
162 extern int commit_creds(struct cred *);
163 extern void abort_creds(struct cred *);
[all …]
|
| D | security.h | 36 struct cred;
136 extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
142 extern int cap_capset(struct cred *new, const struct cred *old,
157 extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags);
269 int security_capset(struct cred *new, const struct cred *old,
273 int security_capable(const struct cred *cred,
317 const struct cred *old,
318 struct cred *new);
360 int security_inode_copy_up(struct dentry *src, struct cred **new);
382 int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
[all …]
|
| D | lsm_hook_defs.h | 41 LSM_HOOK(int, 0, capset, struct cred *new, const struct cred *old,
44 LSM_HOOK(int, 0, capable, const struct cred *cred, struct user_namespace *ns,
86 struct qstr *name, const struct cred *old, struct cred *new)
152 LSM_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new)
177 LSM_HOOK(int, 0, cred_alloc_blank, struct cred *cred, gfp_t gfp)
178 LSM_HOOK(void, LSM_RET_VOID, cred_free, struct cred *cred)
179 LSM_HOOK(int, 0, cred_prepare, struct cred *new, const struct cred *old,
181 LSM_HOOK(void, LSM_RET_VOID, cred_transfer, struct cred *new,
182 const struct cred *old)
183 LSM_HOOK(void, LSM_RET_VOID, cred_getsecid, const struct cred *c, u32 *secid)
[all …]
|
| D | nsproxy.h | 57 const struct cred *cred; member
60 static inline struct cred *nsset_cred(struct nsset *set) in nsset_cred()
63 return (struct cred *)set->cred; in nsset_cred()
99 struct cred *, struct fs_struct *);
|
| D | watch_queue.h | 19 struct cred;
63 const struct cred *cred; /* Creds of the owner of the watch */ member
81 const struct cred *,
104 const struct cred *cred, in post_watch_notification() argument
108 __post_watch_notification(wlist, n, cred, id); in post_watch_notification()
|
| /Linux-v5.10/kernel/ |
| D | cred.c | 41 struct cred init_cred = {
65 static inline void set_cred_subscribers(struct cred *cred, int n) in set_cred_subscribers() argument
68 atomic_set(&cred->subscribers, n); in set_cred_subscribers()
72 static inline int read_cred_subscribers(const struct cred *cred) in read_cred_subscribers() argument
75 return atomic_read(&cred->subscribers); in read_cred_subscribers()
81 static inline void alter_cred_subscribers(const struct cred *_cred, int n) in alter_cred_subscribers()
84 struct cred *cred = (struct cred *) _cred; in alter_cred_subscribers() local
86 atomic_add(n, &cred->subscribers); in alter_cred_subscribers()
95 struct cred *cred = container_of(rcu, struct cred, rcu); in put_cred_rcu() local
97 kdebug("put_cred_rcu(%p)", cred); in put_cred_rcu()
[all …]
|
| D | uid16.c | 66 const struct cred *cred = current_cred(); in SYSCALL_DEFINE3() local
70 ruid = high2lowuid(from_kuid_munged(cred->user_ns, cred->uid)); in SYSCALL_DEFINE3()
71 euid = high2lowuid(from_kuid_munged(cred->user_ns, cred->euid)); in SYSCALL_DEFINE3()
72 suid = high2lowuid(from_kuid_munged(cred->user_ns, cred->suid)); in SYSCALL_DEFINE3()
89 const struct cred *cred = current_cred(); in SYSCALL_DEFINE3() local
93 rgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->gid)); in SYSCALL_DEFINE3()
94 egid = high2lowgid(from_kgid_munged(cred->user_ns, cred->egid)); in SYSCALL_DEFINE3()
95 sgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->sgid)); in SYSCALL_DEFINE3()
156 const struct cred *cred = current_cred(); in SYSCALL_DEFINE2() local
162 i = cred->group_info->ngroups; in SYSCALL_DEFINE2()
[all …]
|
| D | groups.c | 123 void set_groups(struct cred *new, struct group_info *group_info) in set_groups()
141 struct cred *new; in set_current_groups()
155 const struct cred *cred = current_cred(); in SYSCALL_DEFINE2() local
162 i = cred->group_info->ngroups; in SYSCALL_DEFINE2()
168 if (groups_to_user(grouplist, cred->group_info)) { in SYSCALL_DEFINE2()
221 const struct cred *cred = current_cred(); in in_group_p() local
224 if (!gid_eq(grp, cred->fsgid)) in in_group_p()
225 retval = groups_search(cred->group_info, grp); in in_group_p()
233 const struct cred *cred = current_cred(); in in_egroup_p() local
236 if (!gid_eq(grp, cred->egid)) in in_egroup_p()
[all …]
|
| /Linux-v5.10/net/sunrpc/ |
| D | auth.c | 41 static struct cred machine_cred = {
52 const struct cred *rpc_machine_cred(void) in rpc_machine_cred()
264 rpcauth_unhash_cred_locked(struct rpc_cred *cred) in rpcauth_unhash_cred_locked() argument
266 if (!test_and_clear_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags)) in rpcauth_unhash_cred_locked()
268 hlist_del_rcu(&cred->cr_hash); in rpcauth_unhash_cred_locked()
273 rpcauth_unhash_cred(struct rpc_cred *cred) in rpcauth_unhash_cred() argument
278 if (!test_bit(RPCAUTH_CRED_HASHED, &cred->cr_flags)) in rpcauth_unhash_cred()
280 cache_lock = &cred->cr_auth->au_credcache->lock; in rpcauth_unhash_cred()
282 ret = rpcauth_unhash_cred_locked(cred); in rpcauth_unhash_cred()
315 rpcauth_stringify_acceptor(struct rpc_cred *cred) in rpcauth_stringify_acceptor() argument
[all …]
|
| D | auth_unix.c | 63 unx_destroy_cred(struct rpc_cred *cred) in unx_destroy_cred() argument
65 call_rcu(&cred->cr_rcu, unx_free_cred_callback); in unx_destroy_cred()
72 unx_match(struct auth_cred *acred, struct rpc_cred *cred, int flags) in unx_match() argument
77 if (cred->cr_cred == acred->cred) in unx_match()
80 …if (!uid_eq(cred->cr_cred->fsuid, acred->cred->fsuid) || !gid_eq(cred->cr_cred->fsgid, acred->cred… in unx_match()
83 if (acred->cred->group_info != NULL) in unx_match()
84 groups = acred->cred->group_info->ngroups; in unx_match()
87 if (cred->cr_cred->group_info == NULL) in unx_match()
89 if (groups != cred->cr_cred->group_info->ngroups) in unx_match()
93 if (!gid_eq(cred->cr_cred->group_info->gid[i], acred->cred->group_info->gid[i])) in unx_match()
[all …]
|
| /Linux-v5.10/security/keys/ |
| D | process_keys.c | 77 const struct cred *cred = current_cred(); in look_up_user_keyrings() local
82 uid_t uid = from_kuid(user_ns, cred->user->uid); in look_up_user_keyrings()
106 uid_keyring = keyring_alloc(buf, cred->user->uid, INVALID_GID, in look_up_user_keyrings()
107 cred, user_keyring_perm, in look_up_user_keyrings()
128 session_keyring = keyring_alloc(buf, cred->user->uid, INVALID_GID, in look_up_user_keyrings()
129 cred, user_keyring_perm, in look_up_user_keyrings()
185 struct key *get_user_session_keyring_rcu(const struct cred *cred) in get_user_session_keyring_rcu() argument
187 struct key *reg_keyring = READ_ONCE(cred->user_ns->user_keyring_register); in get_user_session_keyring_rcu()
194 .cred = cred, in get_user_session_keyring_rcu()
205 from_kuid(cred->user_ns, in get_user_session_keyring_rcu()
[all …]
|
| D | request_key_auth.c | 112 if (rka->cred) in free_request_key_auth()
113 put_cred(rka->cred); in free_request_key_auth()
166 const struct cred *cred = current_cred(); in request_key_auth_new() local
185 if (cred->request_key_auth) { in request_key_auth_new()
187 down_read(&cred->request_key_auth->sem); in request_key_auth_new()
192 &cred->request_key_auth->flags)) { in request_key_auth_new()
193 up_read(&cred->request_key_auth->sem); in request_key_auth_new()
198 irka = cred->request_key_auth->payload.data[0]; in request_key_auth_new()
199 rka->cred = get_cred(irka->cred); in request_key_auth_new()
202 up_read(&cred->request_key_auth->sem); in request_key_auth_new()
[all …]
|
| D | request_key.c | 77 static int umh_keys_init(struct subprocess_info *info, struct cred *cred) in umh_keys_init() argument
81 return install_session_keyring_to_cred(cred, keyring); in umh_keys_init()
119 const struct cred *cred = current_cred(); in call_sbin_request_key() local
136 cred = get_current_cred(); in call_sbin_request_key()
137 keyring = keyring_alloc(desc, cred->fsuid, cred->fsgid, cred, in call_sbin_request_key()
140 put_cred(cred); in call_sbin_request_key()
152 sprintf(uid_str, "%d", from_kuid(&init_user_ns, cred->fsuid)); in call_sbin_request_key()
153 sprintf(gid_str, "%d", from_kgid(&init_user_ns, cred->fsgid)); in call_sbin_request_key()
160 cred->thread_keyring ? cred->thread_keyring->serial : 0); in call_sbin_request_key()
163 if (cred->process_keyring) in call_sbin_request_key()
[all …]
|
| D | permission.c | 26 int key_task_permission(const key_ref_t key_ref, const struct cred *cred, in key_task_permission() argument
54 if (uid_eq(key->uid, cred->fsuid)) { in key_task_permission()
62 if (gid_eq(key->gid, cred->fsgid)) { in key_task_permission()
67 ret = groups_search(cred->group_info, key->gid); in key_task_permission()
90 return security_key_permission(key_ref, cred, need_perm); in key_task_permission()
|
| /Linux-v5.10/include/linux/sunrpc/ |
| D | svcauth.h | 36 static inline void init_svc_cred(struct svc_cred *cred) in init_svc_cred() argument
38 cred->cr_group_info = NULL; in init_svc_cred()
39 cred->cr_raw_principal = NULL; in init_svc_cred()
40 cred->cr_principal = NULL; in init_svc_cred()
41 cred->cr_targ_princ = NULL; in init_svc_cred()
42 cred->cr_gss_mech = NULL; in init_svc_cred()
45 static inline void free_svc_cred(struct svc_cred *cred) in free_svc_cred() argument
47 if (cred->cr_group_info) in free_svc_cred()
48 put_group_info(cred->cr_group_info); in free_svc_cred()
49 kfree(cred->cr_raw_principal); in free_svc_cred()
[all …]
|
| /Linux-v5.10/security/ |
| D | commoncap.c | 65 int cap_capable(const struct cred *cred, struct user_namespace *targ_ns, in cap_capable() argument
76 if (ns == cred->user_ns) in cap_capable()
77 return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM; in cap_capable()
83 if (ns->level <= cred->user_ns->level) in cap_capable()
90 if ((ns->parent == cred->user_ns) && uid_eq(ns->owner, cred->euid)) in cap_capable()
136 const struct cred *cred, *child_cred; in cap_ptrace_access_check() local
140 cred = current_cred(); in cap_ptrace_access_check()
143 caller_caps = &cred->cap_effective; in cap_ptrace_access_check()
145 caller_caps = &cred->cap_permitted; in cap_ptrace_access_check()
146 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_access_check()
[all …]
|
| /Linux-v5.10/security/apparmor/include/ |
| D | cred.h | 22 static inline struct aa_label *cred_label(const struct cred *cred) in cred_label() argument
24 struct aa_label **blob = cred->security + apparmor_blob_sizes.lbs_cred; in cred_label()
30 static inline void set_cred_label(const struct cred *cred, in set_cred_label() argument
33 struct aa_label **blob = cred->security + apparmor_blob_sizes.lbs_cred; in set_cred_label()
47 static inline struct aa_label *aa_cred_raw_label(const struct cred *cred) in aa_cred_raw_label() argument
49 struct aa_label *label = cred_label(cred); in aa_cred_raw_label()
61 static inline struct aa_label *aa_get_newest_cred_label(const struct cred *cred) in aa_get_newest_cred_label() argument
63 return aa_get_newest_label(aa_cred_raw_label(cred)); in aa_get_newest_cred_label()
|
| /Linux-v5.10/drivers/net/ethernet/pensando/ionic/ |
| D | ionic_regs.h | 66 int intr_idx, u32 cred, u32 flags) in ionic_intr_credits() argument
68 if (WARN_ON_ONCE(cred > IONIC_INTR_CRED_COUNT)) { in ionic_intr_credits()
69 cred = ioread32(&intr_ctrl[intr_idx].credits); in ionic_intr_credits()
70 cred &= IONIC_INTR_CRED_COUNT_SIGNED; in ionic_intr_credits()
73 iowrite32(cred | flags, &intr_ctrl[intr_idx].credits); in ionic_intr_credits()
79 u32 cred; in ionic_intr_clean() local
81 cred = ioread32(&intr_ctrl[intr_idx].credits); in ionic_intr_clean()
82 cred &= IONIC_INTR_CRED_COUNT_SIGNED; in ionic_intr_clean()
83 cred |= IONIC_INTR_CRED_RESET_COALESCE; in ionic_intr_clean()
84 iowrite32(cred, &intr_ctrl[intr_idx].credits); in ionic_intr_clean()
|
| /Linux-v5.10/fs/nfs/ |
| D | nfs4state.c | 110 int nfs4_init_clientid(struct nfs_client *clp, const struct cred *cred) in nfs4_init_clientid() argument
126 status = nfs4_proc_setclientid(clp, NFS4_CALLBACK, port, cred, &clid); in nfs4_init_clientid()
133 status = nfs4_proc_setclientid_confirm(clp, &clid, cred); in nfs4_init_clientid()
157 const struct cred *cred) in nfs40_discover_server_trunking() argument
171 status = nfs4_proc_setclientid(clp, NFS4_CALLBACK, port, cred, &clid); in nfs40_discover_server_trunking()
177 status = nfs40_walk_client_list(clp, result, cred); in nfs40_discover_server_trunking()
191 const struct cred *nfs4_get_machine_cred(struct nfs_client *clp) in nfs4_get_machine_cred()
204 static const struct cred *
207 const struct cred *cred = NULL; in nfs4_get_renew_cred_server_locked() local
217 cred = get_cred(sp->so_cred); in nfs4_get_renew_cred_server_locked()
[all …]
|
| D | nfs4_fs.h | 67 nfs4_stateid *, const struct cred *);
113 const struct cred *so_cred; /* Associated cred */
219 int (*establish_clid)(struct nfs_client *, const struct cred *);
220 int (*reclaim_complete)(struct nfs_client *, const struct cred *);
222 const struct cred *);
252 const struct cred *cred; member
256 int (*sched_state_renewal)(struct nfs_client *, const struct cred *, unsigned);
257 const struct cred * (*get_state_renewal_cred)(struct nfs_client *);
258 int (*renew_lease)(struct nfs_client *, const struct cred *);
263 struct page *, const struct cred *);
[all …]
|
| D | delegation.h | 18 const struct cred *cred; member
41 int nfs_inode_set_delegation(struct inode *inode, const struct cred *cred,
43 void nfs_inode_reclaim_delegation(struct inode *inode, const struct cred *cred,
68 int nfs4_proc_delegreturn(struct inode *inode, const struct cred *cred, const nfs4_stateid *stateid…
71 …elegation_stateid(struct inode *inode, fmode_t flags, nfs4_stateid *dst, const struct cred **cred);
|
| D | delegation.c | 35 put_cred(delegation->cred); in __nfs_free_delegation()
36 delegation->cred = NULL; in __nfs_free_delegation()
223 void nfs_inode_reclaim_delegation(struct inode *inode, const struct cred *cred, in nfs_inode_reclaim_delegation() argument
229 const struct cred *oldcred = NULL; in nfs_inode_reclaim_delegation()
239 oldcred = delegation->cred; in nfs_inode_reclaim_delegation()
240 delegation->cred = get_cred(cred); in nfs_inode_reclaim_delegation()
253 nfs_inode_set_delegation(inode, cred, type, stateid, pagemod_limit); in nfs_inode_reclaim_delegation()
258 const struct cred *cred; in nfs_do_return_delegation() local
263 cred = get_cred(delegation->cred); in nfs_do_return_delegation()
265 res = nfs4_proc_delegreturn(inode, cred, in nfs_do_return_delegation()
[all …]
|
| /Linux-v5.10/net/sunrpc/auth_gss/ |
| D | auth_gss.c | 115 gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx) in gss_cred_set_ctx() argument
117 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base); in gss_cred_set_ctx()
119 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags)) in gss_cred_set_ctx()
123 set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); in gss_cred_set_ctx()
125 clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags); in gss_cred_set_ctx()
158 gss_cred_get_ctx(struct rpc_cred *cred) in gss_cred_get_ctx() argument
160 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base); in gss_cred_get_ctx()
417 const struct cred *cred) in gss_encode_v0_msg() argument
419 struct user_namespace *userns = cred->user_ns; in gss_encode_v0_msg()
444 const struct cred *cred) in gss_encode_v1_msg() argument
[all …]
|
| /Linux-v5.10/fs/cifs/ |
| D | cifs_spnego.c | 33 static const struct cred *spnego_cred;
108 const struct cred *saved_cred; in cifs_get_spnego_key()
192 struct cred *cred; in init_cifs_spnego() local
204 cred = prepare_kernel_cred(NULL); in init_cifs_spnego()
205 if (!cred) in init_cifs_spnego()
209 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, in init_cifs_spnego()
227 cred->thread_keyring = keyring; in init_cifs_spnego()
228 cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; in init_cifs_spnego()
229 spnego_cred = cred; in init_cifs_spnego()
237 put_cred(cred); in init_cifs_spnego()
|
| /Linux-v5.10/security/safesetid/ |
| D | lsm.c | 90 static int safesetid_security_capable(const struct cred *cred, in safesetid_security_capable() argument
119 if (setid_policy_lookup((kid_t){.uid = cred->uid}, INVALID_ID, UID) == SIDPOL_DEFAULT) in safesetid_security_capable()
126 __kuid_val(cred->uid)); in safesetid_security_capable()
134 if (setid_policy_lookup((kid_t){.gid = cred->gid}, INVALID_ID, GID) == SIDPOL_DEFAULT) in safesetid_security_capable()
141 __kuid_val(cred->uid)); in safesetid_security_capable()
156 static bool id_permitted_for_cred(const struct cred *old, kid_t new_id, enum setid_type new_type) in id_permitted_for_cred()
199 static int safesetid_task_fix_setuid(struct cred *new, in safesetid_task_fix_setuid()
200 const struct cred *old, in safesetid_task_fix_setuid()
223 static int safesetid_task_fix_setgid(struct cred *new, in safesetid_task_fix_setgid()
224 const struct cred *old, in safesetid_task_fix_setgid()
|
