Home
last modified time | relevance | path

Searched refs:cap (Results 1 – 11 of 11) sorted by relevance

/security/apparmor/
A Dcapability.c68 int cap, int error) in audit_caps() argument
81 !cap_raised(rules->caps.audit, cap))) in audit_caps()
85 cap_raised(rules->caps.kill, cap)) { in audit_caps()
87 } else if (cap_raised(rules->caps.quiet, cap) && in audit_caps()
135 request = 1 << (cap & 0x1f); in profile_capable()
150 if (cap_raised(rules->caps.allow, cap) && in profile_capable()
151 !cap_raised(rules->caps.denied, cap)) in profile_capable()
165 return audit_caps(ad, profile, cap, error); in profile_capable()
180 int cap, unsigned int opts) in aa_capable() argument
187 ad.common.u.cap = cap; in aa_capable()
[all …]
A Dpolicy.c823 struct user_namespace *userns, int cap) in policy_ns_capable() argument
828 err = cap_capable(subj_cred, userns, cap, CAP_OPT_NONE); in policy_ns_capable()
830 err = aa_capable(subj_cred, label, cap, CAP_OPT_NONE); in policy_ns_capable()
A Dlsm.c196 int cap, unsigned int opts) in apparmor_capable() argument
203 error = aa_capable(cred, label, cap, opts); in apparmor_capable()
628 struct aa_label *new, int cap, in profile_uring() argument
/security/
A Dcommoncap.c71 int cap) in cap_capable_helper()
125 int cap, unsigned int opts) in cap_capable()
420 struct vfs_cap_data *cap; in cap_inode_getsecurity() local
440 if (is_v2header(size, cap)) { in cap_inode_getsecurity()
494 cap = kzalloc(size, GFP_ATOMIC); in cap_inode_getsecurity()
495 if (!cap) { in cap_inode_getsecurity()
509 *buffer = cap; in cap_inode_getsecurity()
537 return is_v2header(size, cap) || is_v3header(size, cap); in validheader()
575 if (!validheader(size, cap)) in cap_convert_nscap()
1266 if (!cap_valid(cap)) in cap_prctl_drop()
[all …]
A Dlsm_audit.c194 audit_log_format(ab, " capability=%d ", a->u.cap); in audit_log_lsm_data()
A Dsecurity.c1139 int cap, in security_capable() argument
1142 return call_int_hook(capable, cred, ns, cap, opts); in security_capable()
5783 int security_bpf_token_capable(const struct bpf_token *token, int cap) in security_bpf_token_capable() argument
5785 return call_int_hook(bpf_token_capable, token, cap); in security_bpf_token_capable()
/security/safesetid/
A Dlsm.c93 int cap, in safesetid_security_capable() argument
97 if (cap != CAP_SETUID && cap != CAP_SETGID) in safesetid_security_capable()
108 switch (cap) { in safesetid_security_capable()
/security/smack/
A Dsmack_access.c658 bool smack_privileged_cred(int cap, const struct cred *cred) in smack_privileged_cred() argument
665 rc = cap_capable(cred, &init_user_ns, cap, CAP_OPT_NONE); in smack_privileged_cred()
695 bool smack_privileged(int cap) in smack_privileged() argument
703 return smack_privileged_cred(cap, current_cred()); in smack_privileged()
A Dsmack.h294 bool smack_privileged(int cap);
295 bool smack_privileged_cred(int cap, const struct cred *cred);
/security/apparmor/include/
A Dcapability.h41 int cap, unsigned int opts);
/security/selinux/
A Dhooks.c1630 int cap, unsigned int opts, bool initns) in cred_has_capability() argument
1636 u32 av = CAP_TO_MASK(cap); in cred_has_capability()
1640 ad.u.cap = cap; in cred_has_capability()
1642 switch (CAP_TO_INDEX(cap)) { in cred_has_capability()
1650 pr_err("SELinux: out of range capability %d\n", cap); in cred_has_capability()
2153 int cap, unsigned int opts) in selinux_capable() argument
2155 return cred_has_capability(cred, cap, opts, ns == &init_user_ns); in selinux_capable()

Completed in 50 milliseconds