| /security/safesetid/ |
| A D | lsm.c | 49 if (!gid_eq(rule->src_id.gid, src.gid)) in _setid_policy_lookup()
51 if (gid_eq(rule->dst_id.gid, dst.gid)){ in _setid_policy_lookup()
128 if (setid_policy_lookup((kid_t){.gid = cred->gid}, INVALID_ID, GID) == SIDPOL_DEFAULT) in safesetid_security_capable()
135 __kgid_val(cred->gid)); in safesetid_security_capable()
158 if (gid_eq(new_id.gid, old->gid) || gid_eq(new_id.gid, old->egid) || in id_permitted_for_cred()
159 gid_eq(new_id.gid, old->sgid)) in id_permitted_for_cred()
178 __kgid_val(old->gid), __kgid_val(old->egid), in id_permitted_for_cred()
221 if (setid_policy_lookup((kid_t){.gid = old->gid}, INVALID_ID, GID) == SIDPOL_DEFAULT) in safesetid_task_fix_setgid()
224 if (id_permitted_for_cred(old, (kid_t){.gid = new->gid}, GID) && in safesetid_task_fix_setgid()
244 if (setid_policy_lookup((kid_t){.gid = old->gid}, INVALID_ID, GID) == SIDPOL_DEFAULT) in safesetid_task_fix_setgroups()
[all …]
|
| A D | securityfs.c | 59 rule->src_id.gid = make_kgid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
60 rule->dst_id.gid = make_kgid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
61 if (!gid_valid(rule->src_id.gid) || !gid_valid(rule->dst_id.gid)) in parse_policy_line()
93 hash_add(pol->rules, &rule->next, __kgid_val(rule->src_id.gid)); in insert_rule()
112 __kgid_val(rule->src_id.gid), in verify_ruleset()
113 __kgid_val(rule->dst_id.gid)); in verify_ruleset()
129 nrule->src_id.gid = rule->dst_id.gid; in verify_ruleset()
130 nrule->dst_id.gid = rule->dst_id.gid; in verify_ruleset()
|
| A D | lsm.h | 32 kgid_t gid; member
|
| /security/keys/ |
| A D | permission.c | 61 if (gid_valid(key->gid) && key->perm & KEY_GRP_ALL) { in key_task_permission()
62 if (gid_eq(key->gid, cred->fsgid)) { in key_task_permission()
67 ret = groups_search(cred->group_info, key->gid); in key_task_permission()
|
| A D | process_keys.c | 228 keyring = keyring_alloc("_tid", new->uid, new->gid, new, in install_thread_keyring_to_cred()
275 keyring = keyring_alloc("_pid", new->uid, new->gid, new, in install_process_keyring_to_cred()
330 keyring = keyring_alloc("_ses", cred->uid, cred->gid, cred, in install_session_keyring_to_cred()
395 new_cred->thread_keyring->gid = new_cred->fsgid; in key_fsgid_changed()
870 name, old->uid, old->gid, old, in join_session_keyring()
932 new-> gid = old-> gid; in key_change_session_keyring()
|
| A D | keyctl.c | 684 from_kgid_munged(current_user_ns(), key->gid), in keyctl_describe_key()
956 kgid_t gid; in keyctl_chown_key() local
960 gid = make_kgid(current_user_ns(), group); in keyctl_chown_key()
964 if ((group != (gid_t) -1) && !gid_valid(gid)) in keyctl_chown_key()
993 if (group != (gid_t) -1 && !gid_eq(gid, key->gid) && !in_group_p(gid)) in keyctl_chown_key()
1046 key->gid = gid; in keyctl_chown_key()
1685 !gid_eq(pcred->gid, mycred->egid) || in keyctl_session_to_parent()
|
| A D | key.c | 225 kuid_t uid, kgid_t gid, const struct cred *cred, in key_alloc() argument
295 key->gid = gid; in key_alloc()
|
| A D | proc.c | 239 from_kgid_munged(seq_user_ns(m), key->gid), in proc_keys_show()
|
| A D | keyring.c | 517 struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, in keyring_alloc() argument
527 uid, gid, cred, perm, flags, restrict_link); in keyring_alloc()
|
| /security/tomoyo/ |
| A D | tomoyo.c | 376 static int tomoyo_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in tomoyo_path_chown() argument
383 if (!error && gid_valid(gid)) in tomoyo_path_chown()
385 from_kgid(&init_user_ns, gid)); in tomoyo_path_chown()
|
| A D | audit.c | 201 from_kgid(&init_user_ns, stat->gid), in tomoyo_print_header()
210 from_kgid(&init_user_ns, stat->gid), in tomoyo_print_header()
|
| A D | condition.c | 743 stat->gid = inode->i_gid; in tomoyo_get_attributes()
1005 value = from_kgid(&init_user_ns, stat->gid); in tomoyo_condition()
|
| A D | common.h | 569 kgid_t gid; member
|
| /security/integrity/ima/ |
| A D | ima_policy.c | 107 kgid_t gid; member
618 if ((rule->flags & IMA_GID) && !rule->gid_op(cred->gid, rule->gid)) in ima_match_rules()
622 if (!rule->gid_op(cred->egid, rule->gid) in ima_match_rules()
623 && !rule->gid_op(cred->sgid, rule->gid) in ima_match_rules()
624 && !rule->gid_op(cred->gid, rule->gid)) in ima_match_rules()
626 } else if (!rule->gid_op(cred->egid, rule->gid)) in ima_match_rules()
1422 entry->gid = INVALID_GID; in ima_parse_rule()
1690 if (gid_valid(entry->gid)) { in ima_parse_rule()
1697 entry->gid = make_kgid(current_user_ns(), in ima_parse_rule()
1699 if (!gid_valid(entry->gid) || in ima_parse_rule()
[all …]
|
| /security/integrity/evm/ |
| A D | evm_crypto.c | 149 gid_t gid; in hmac_add_misc() member
170 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid); in hmac_add_misc()
|
| /security/ |
| A D | commoncap.c | 947 new->egid = new->gid; in cap_bprm_creds_from_file()
992 !gid_eq(new->egid, old->gid) || in cap_bprm_creds_from_file()
|
| A D | security.c | 2076 int security_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in security_path_chown() argument
2080 return call_int_hook(path_chown, path, uid, gid); in security_path_chown()
|
| /security/apparmor/ |
| A D | lsm.c | 449 static int apparmor_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in apparmor_path_chown() argument
|