| /security/safesetid/ |
| A D | lsm.c | 41 if (!uid_eq(rule->src_id.uid, src.uid)) in _setid_policy_lookup()
43 if (uid_eq(rule->dst_id.uid, dst.uid)) in _setid_policy_lookup()
114 if (setid_policy_lookup((kid_t){.uid = cred->uid}, INVALID_ID, UID) == SIDPOL_DEFAULT) in safesetid_security_capable()
121 __kuid_val(cred->uid)); in safesetid_security_capable()
154 if (uid_eq(new_id.uid, old->uid) || uid_eq(new_id.uid, old->euid) || in id_permitted_for_cred()
155 uid_eq(new_id.uid, old->suid)) in id_permitted_for_cred()
169 setid_policy_lookup((kid_t){.uid = old->uid}, new_id, new_type) != SIDPOL_CONSTRAINED; in id_permitted_for_cred()
174 __kuid_val(old->uid), __kuid_val(old->euid), in id_permitted_for_cred()
175 __kuid_val(old->suid), __kuid_val(new_id.uid)); in id_permitted_for_cred()
197 if (setid_policy_lookup((kid_t){.uid = old->uid}, INVALID_ID, UID) == SIDPOL_DEFAULT) in safesetid_task_fix_setuid()
[all …]
|
| A D | securityfs.c | 54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
56 if (!uid_valid(rule->src_id.uid) || !uid_valid(rule->dst_id.uid)) in parse_policy_line()
91 hash_add(pol->rules, &rule->next, __kuid_val(rule->src_id.uid)); in insert_rule()
108 __kuid_val(rule->src_id.uid), in verify_ruleset()
109 __kuid_val(rule->dst_id.uid)); in verify_ruleset()
125 nrule->src_id.uid = rule->dst_id.uid; in verify_ruleset()
126 nrule->dst_id.uid = rule->dst_id.uid; in verify_ruleset()
|
| A D | lsm.h | 31 kuid_t uid; member
56 #define INVALID_ID (kid_t){.uid = INVALID_UID}
|
| /security/keys/ |
| A D | persistent.c | 58 uid, INVALID_GID, current_cred(), in key_create_persistent()
73 static long key_get_persistent(struct user_namespace *ns, kuid_t uid, in key_get_persistent() argument
86 index_key.desc_len = sprintf(buf, "_persistent.%u", from_kuid(ns, uid)); in key_get_persistent()
103 persistent_ref = key_create_persistent(ns, uid, &index_key); in key_get_persistent()
133 kuid_t uid; in keyctl_get_persistent() local
138 uid = current_uid(); in keyctl_get_persistent()
140 uid = make_kuid(ns, _uid); in keyctl_get_persistent()
141 if (!uid_valid(uid)) in keyctl_get_persistent()
147 if (!uid_eq(uid, current_uid()) && in keyctl_get_persistent()
148 !uid_eq(uid, current_euid()) && in keyctl_get_persistent()
[all …]
|
| A D | process_keys.c | 32 .uid = GLOBAL_ROOT_UID,
82 uid_t uid = from_kuid(user_ns, cred->user->uid); in look_up_user_keyrings() local
88 kenter("%u", uid); in look_up_user_keyrings()
101 snprintf(buf, sizeof(buf), "_uid.%u", uid); in look_up_user_keyrings()
123 snprintf(buf, sizeof(buf), "_uid_ses.%u", uid); in look_up_user_keyrings()
206 cred->user->uid)); in get_user_session_keyring_rcu()
228 keyring = keyring_alloc("_tid", new->uid, new->gid, new, in install_thread_keyring_to_cred()
275 keyring = keyring_alloc("_pid", new->uid, new->gid, new, in install_process_keyring_to_cred()
382 new_cred->thread_keyring->uid = new_cred->fsuid; in key_fsuid_changed()
870 name, old->uid, old->gid, old, in join_session_keyring()
[all …]
|
| A D | proc.c | 71 if (kuid_has_mapping(user_ns, key->user->uid)) in key_serial_next()
103 if (kuid_has_mapping(user_ns, minkey->user->uid)) in find_ge_key()
238 from_kuid_munged(seq_user_ns(m), key->uid), in proc_keys_show()
256 if (kuid_has_mapping(user_ns, user->uid)) in __key_user_next()
307 unsigned maxkeys = uid_eq(user->uid, GLOBAL_ROOT_UID) ? in proc_key_users_show()
309 unsigned maxbytes = uid_eq(user->uid, GLOBAL_ROOT_UID) ? in proc_key_users_show()
313 from_kuid_munged(seq_user_ns(m), user->uid), in proc_key_users_show()
|
| A D | key.c | 50 struct key_user *key_user_lookup(kuid_t uid) in key_user_lookup() argument
65 if (uid_lt(uid, user->uid)) in key_user_lookup()
67 else if (uid_gt(uid, user->uid)) in key_user_lookup()
95 candidate->uid = uid; in key_user_lookup()
225 kuid_t uid, kgid_t gid, const struct cred *cred, in key_alloc() argument
251 user = key_user_lookup(uid); in key_alloc()
258 unsigned maxkeys = uid_eq(uid, GLOBAL_ROOT_UID) ? in key_alloc()
260 unsigned maxbytes = uid_eq(uid, GLOBAL_ROOT_UID) ? in key_alloc()
294 key->uid = uid; in key_alloc()
383 unsigned maxbytes = uid_eq(key->user->uid, GLOBAL_ROOT_UID) ? in key_payload_reserve()
|
| A D | keyctl.c | 683 from_kuid_munged(current_user_ns(), key->uid), in keyctl_describe_key()
955 kuid_t uid; in keyctl_chown_key() local
959 uid = make_kuid(current_user_ns(), user); in keyctl_chown_key()
962 if ((user != (uid_t) -1) && !uid_valid(uid)) in keyctl_chown_key()
988 if (user != (uid_t) -1 && !uid_eq(key->uid, uid)) in keyctl_chown_key()
1001 if (user != (uid_t) -1 && !uid_eq(uid, key->uid)) { in keyctl_chown_key()
1003 newowner = key_user_lookup(uid); in keyctl_chown_key()
1009 unsigned maxkeys = uid_eq(uid, GLOBAL_ROOT_UID) ? in keyctl_chown_key()
1011 unsigned maxbytes = uid_eq(uid, GLOBAL_ROOT_UID) ? in keyctl_chown_key()
1041 key->uid = uid; in keyctl_chown_key()
[all …]
|
| A D | internal.h | 61 kuid_t uid; member
70 extern struct key_user *key_user_lookup(kuid_t uid);
272 static inline long keyctl_get_persistent(uid_t uid, key_serial_t destring) in keyctl_get_persistent() argument
|
| A D | permission.c | 54 if (uid_eq(key->uid, cred->fsuid)) { in key_task_permission()
|
| A D | keyring.c | 517 struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, in keyring_alloc() argument
527 uid, gid, cred, perm, flags, restrict_link); in keyring_alloc()
1158 if (!kuid_has_mapping(ns, keyring->user->uid)) in find_keyring_by_name()
|
| /security/ |
| A D | commoncap.c | 797 static inline bool __is_real(kuid_t uid, struct cred *cred) in __is_real() argument
798 { return uid_eq(cred->uid, uid); } in __is_real()
800 static inline bool __is_eff(kuid_t uid, struct cred *cred) in __is_eff() argument
801 { return uid_eq(cred->euid, uid); } in __is_eff()
803 static inline bool __is_suid(kuid_t uid, struct cred *cred) in __is_suid() argument
804 { return !__is_real(uid, cred) && __is_eff(uid, cred); } in __is_suid()
946 new->euid = new->uid; in cap_bprm_creds_from_file()
991 !uid_eq(new->euid, old->uid) || in cap_bprm_creds_from_file()
1114 if ((uid_eq(old->uid, root_uid) || in cap_emulate_setxuid()
1117 (!uid_eq(new->uid, root_uid) && in cap_emulate_setxuid()
|
| /security/integrity/ima/ |
| A D | ima_policy.c | 106 kuid_t uid; member
172 .uid = GLOBAL_ROOT_UID, .uid_op = &uid_eq,
184 .uid = GLOBAL_ROOT_UID, .uid_op = &uid_eq,
187 .uid = GLOBAL_ROOT_UID, .uid_op = &uid_eq,
522 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rule_data()
607 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rules()
611 if (!rule->uid_op(cred->euid, rule->uid) in ima_match_rules()
613 && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rules()
1421 entry->uid = INVALID_UID; in ima_parse_rule()
1655 if (uid_valid(entry->uid)) { in ima_parse_rule()
[all …]
|
| /security/apparmor/ |
| A D | file.c | 163 NULL, NULL, cond->uid, info, error)); in path_name()
191 if (uid_eq(subj_uid, cond->uid)) in aa_lookup_condperms()
238 cond->uid, NULL, e); in __aa_path_perm()
403 NULL, cond->uid, info, error); in profile_path_link()
434 .uid = vfsuid_into_kuid(vfsuid), in aa_path_link()
488 .uid = vfsuid_into_kuid(vfsuid), in __file_path_perm()
|
| A D | domain.c | 707 OP_EXEC, MAY_EXEC, name, target, new, cond->uid, in profile_transition()
783 cond->uid, info, error); in profile_transition()
862 NULL, onexec, cond->uid, info, error); in profile_onexec()
|
| A D | lsm.c | 296 cond.uid = vfsuid_into_kuid(vfsuid); in common_perm_rm()
405 cond.uid = vfsuid_into_kuid(vfsuid); in apparmor_path_rename()
412 cond_exchange.uid = vfsuid_into_kuid(vfsuid); in apparmor_path_rename()
449 static int apparmor_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in apparmor_path_chown() argument
490 cond.uid = vfsuid_into_kuid(vfsuid); in apparmor_file_open()
|
| /security/tomoyo/ |
| A D | tomoyo.c | 376 static int tomoyo_path_chown(const struct path *path, kuid_t uid, kgid_t gid) in tomoyo_path_chown() argument
380 if (uid_valid(uid)) in tomoyo_path_chown()
382 from_kuid(&init_user_ns, uid)); in tomoyo_path_chown()
|
| A D | audit.c | 200 from_kuid(&init_user_ns, stat->uid), in tomoyo_print_header()
209 from_kuid(&init_user_ns, stat->uid), in tomoyo_print_header()
|
| A D | condition.c | 742 stat->uid = inode->i_uid; in tomoyo_get_attributes()
999 value = from_kuid(&init_user_ns, stat->uid); in tomoyo_condition()
|
| A D | common.h | 568 kuid_t uid; member
|
| /security/landlock/ |
| A D | domain.h | 51 uid_t uid; member
|
| A D | domain.c | 104 details->uid = from_kuid(&init_user_ns, current_uid()); in get_current_details()
|
| A D | audit.c | 123 hierarchy->details->uid); in log_domain()
|
| /security/apparmor/include/ |
| A D | file.h | 68 kuid_t uid; member
|
| /security/integrity/evm/ |
| A D | evm_crypto.c | 148 uid_t uid; in hmac_add_misc() member
169 hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid); in hmac_add_misc()
|