Home
last modified time | relevance | path

Searched refs:ns_capable (Results 1 – 25 of 82) sorted by relevance

1234

/Linux-v5.4/net/bridge/
Dbr_ioctl.c89 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in add_del_if()
181 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
188 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
195 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
202 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
242 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
250 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
259 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
273 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in old_dev_ioctl()
336 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in old_deviceless()
[all …]
/Linux-v5.4/kernel/cgroup/
Dnamespace.c66 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_cgroup_ns()
102 if (!ns_capable(current_user_ns(), CAP_SYS_ADMIN) || in cgroupns_install()
103 !ns_capable(cgroup_ns->user_ns, CAP_SYS_ADMIN)) in cgroupns_install()
/Linux-v5.4/kernel/
Dcapability.c394 bool ns_capable(struct user_namespace *ns, int cap) in ns_capable() function
398 EXPORT_SYMBOL(ns_capable);
449 return ns_capable(&init_user_ns, cap); in capable()
506 return ns_capable(ns, cap) && privileged_wrt_inode_uidgid(ns, inode); in capable_wrt_inode_uidgid()
Dutsname.c147 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in utsns_install()
148 !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) in utsns_install()
Dpid_namespace.c274 if (write && !ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN)) in pid_ns_ctl_handler()
388 if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) || in pidns_install()
389 !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) in pidns_install()
Dnsproxy.c147 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_namespaces()
199 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in unshare_nsproxy_namespaces()
Dsys.c163 if (ns_capable(pcred->user_ns, CAP_SYS_NICE)) in set_one_prio_perm()
375 ns_capable(old->user_ns, CAP_SETGID)) in __sys_setregid()
384 ns_capable(old->user_ns, CAP_SETGID)) in __sys_setregid()
430 if (ns_capable(old->user_ns, CAP_SETGID)) in __sys_setgid()
738 if (!ns_capable(old->user_ns, CAP_SETGID)) { in __sys_setresgid()
861 ns_capable(old->user_ns, CAP_SETGID)) { in __sys_setfsgid()
1310 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN)) in SYSCALL_DEFINE2()
1363 if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN)) in SYSCALL_DEFINE2()
1600 if (!id_match && !ns_capable(tcred->user_ns, CAP_SYS_RESOURCE)) in check_prlimit_permission()
1998 if (!ns_capable(current_user_ns(), CAP_SYS_ADMIN)) in prctl_set_mm_map()
Dgroups.c181 return ns_capable(user_ns, CAP_SETGID) && in may_setgroups()
Ducount.c42 if (ns_capable(user_ns, CAP_SYS_RESOURCE)) in set_permissions()
Dreboot.c318 if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT)) in SYSCALL_DEFINE4()
/Linux-v5.4/net/8021q/
Dvlan.c577 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
587 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
596 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
605 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
620 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
627 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
/Linux-v5.4/ipc/
Dnamespace.c183 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in ipcns_install()
184 !ns_capable(current_user_ns(), CAP_SYS_ADMIN)) in ipcns_install()
Dutil.c534 !ns_capable(ns->user_ns, CAP_IPC_OWNER)) in ipcperms()
709 ns_capable(ns->user_ns, CAP_SYS_ADMIN)) in ipcctl_obtain_check()
/Linux-v5.4/security/
Dcommoncap.c149 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_access_check()
495 if (ns_capable(inode->i_sb->s_user_ns, CAP_SETFCAP)) in cap_convert_nscap()
841 if (!ns_capable(new->user_ns, CAP_SETUID) || in cap_bprm_set_creds()
928 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_setxattr()
963 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_removexattr()
1090 if (!is_subset && !ns_capable(__task_cred(p)->user_ns, CAP_SYS_NICE)) in cap_safe_nice()
1143 if (!ns_capable(current_user_ns(), CAP_SETPCAP)) in cap_prctl_drop()
/Linux-v5.4/net/core/
Dscm.c55 ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) && in scm_check_creds()
57 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds()
59 gid_eq(gid, cred->sgid)) || ns_capable(cred->user_ns, CAP_SETGID))) { in scm_check_creds()
Ddev_ioctl.c440 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
482 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
/Linux-v5.4/fs/
Dfsopen.c122 if (!ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN)) in SYSCALL_DEFINE2()
165 if (!ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN)) in SYSCALL_DEFINE3()
249 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) { in vfs_fsconfig_locked()
Dattr.c29 ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN)) in chown_ok()
42 ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN)) in chgrp_ok()
Dioctl.c561 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) in ioctl_fsfreeze()
578 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) in ioctl_fsthaw()
/Linux-v5.4/include/linux/
Dcapability.h211 extern bool ns_capable(struct user_namespace *ns, int cap);
237 static inline bool ns_capable(struct user_namespace *ns, int cap) in ns_capable() function
/Linux-v5.4/security/yama/
Dyama_lsm.c371 !ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
377 if (!ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
/Linux-v5.4/net/ipv4/
Dip_options.c409 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
444 if ((!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) || opt->cipso) { in __ip_options_compile()
457 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
/Linux-v5.4/security/keys/
Dpersistent.c149 !ns_capable(ns, CAP_SETUID)) in keyctl_get_persistent()
/Linux-v5.4/net/ieee802154/
Dsocket.c902 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
903 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
926 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
927 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
/Linux-v5.4/net/ipv6/
Dipv6_sockglue.c366 if (valbool && !ns_capable(net->user_ns, CAP_NET_RAW) && in do_ipv6_setsockopt()
367 !ns_capable(net->user_ns, CAP_NET_ADMIN)) { in do_ipv6_setsockopt()
403 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) in do_ipv6_setsockopt()
830 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in do_ipv6_setsockopt()

1234