Home
last modified time | relevance | path

Searched refs:ns_capable (Results 1 – 25 of 90) sorted by relevance

1234

/linux-6.15/net/bridge/
H A Dbr_ioctl.c91 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in add_del_if()
219 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
226 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
233 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
240 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
280 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
287 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
296 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
379 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in old_deviceless()
406 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in br_ioctl_stub()
[all …]
/linux-6.15/include/linux/
H A Dcapability.h148 extern bool ns_capable(struct user_namespace *ns, int cap);
170 static inline bool ns_capable(struct user_namespace *ns, int cap) in ns_capable() function
202 return ns_capable(ns, CAP_CHECKPOINT_RESTORE) || in checkpoint_restore_ns_capable()
203 ns_capable(ns, CAP_SYS_ADMIN); in checkpoint_restore_ns_capable()
/linux-6.15/kernel/cgroup/
H A Dnamespace.c66 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_cgroup_ns()
103 if (!ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN) || in cgroupns_install()
104 !ns_capable(cgroup_ns->user_ns, CAP_SYS_ADMIN)) in cgroupns_install()
/linux-6.15/kernel/
H A Dcapability.c361 bool ns_capable(struct user_namespace *ns, int cap) in ns_capable() function
365 EXPORT_SYMBOL(ns_capable);
416 return ns_capable(&init_user_ns, cap); in capable()
478 return ns_capable(ns, cap) && in capable_wrt_inode_uidgid()
H A Dutsname.c145 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in utsns_install()
146 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in utsns_install()
H A Dpid_sysctl.h15 if (write && !ns_capable(ns->user_ns, CAP_SYS_ADMIN)) in pid_mfd_noexec_dointvec_minmax()
H A Dpid_namespace.c399 if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) || in pidns_install()
400 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in pidns_install()
H A Dnsproxy.c165 } else if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_namespaces()
225 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in unshare_nsproxy_namespaces()
/linux-6.15/net/8021q/
H A Dvlan.c577 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
587 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
596 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
605 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
620 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
627 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
/linux-6.15/kernel/bpf/
H A Dtoken.c13 return ns_capable(ns, cap) || (cap != CAP_SYS_ADMIN && ns_capable(ns, CAP_SYS_ADMIN)); in bpf_ns_capable()
146 if (!ns_capable(userns, CAP_BPF)) in bpf_token_create()
/linux-6.15/ipc/
H A Dnamespace.c239 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in ipcns_install()
240 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in ipcns_install()
H A Dutil.c568 !ns_capable(ns->user_ns, CAP_IPC_OWNER)) in ipcperms()
740 ns_capable(ns->user_ns, CAP_SYS_ADMIN)) in ipcctl_obtain_check()
/linux-6.15/security/
H A Dcommoncap.c180 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_access_check()
580 if (ns_capable(inode->i_sb->s_user_ns, CAP_SETFCAP)) in cap_convert_nscap()
950 if (!ns_capable(new->user_ns, CAP_SETUID) || in cap_bprm_creds_from_file()
1036 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_setxattr()
1080 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_removexattr()
1209 if (!is_subset && !ns_capable(__task_cred(p)->user_ns, CAP_SYS_NICE)) in cap_safe_nice()
1268 if (!ns_capable(current_user_ns(), CAP_SETPCAP)) in cap_prctl_drop()
/linux-6.15/fs/
H A Dfhandle.c303 if (ns_capable(root->mnt->mnt_sb->s_user_ns, CAP_SYS_ADMIN)) in may_decode_fh()
306 ns_capable(real_mount(root->mnt)->mnt_ns->user_ns, in may_decode_fh()
314 if (!ns_capable(current_user_ns(), CAP_DAC_READ_SEARCH)) in may_decode_fh()
H A Dattr.c104 ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN)) in chown_ok()
135 ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN)) in chgrp_ok()
H A Dinit.c71 if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT)) in init_chroot()
/linux-6.15/net/core/
H A Dscm.c57 ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) && in scm_check_creds()
59 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds()
61 gid_eq(gid, cred->sgid)) || ns_capable(cred->user_ns, CAP_SETGID))) { in scm_check_creds()
H A Ddev_ioctl.c771 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
813 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
/linux-6.15/security/yama/
H A Dyama_lsm.c366 !ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
372 if (!ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
/linux-6.15/net/ipv4/
H A Dip_options.c396 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
431 if ((!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) || opt->cipso) { in __ip_options_compile()
444 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
/linux-6.15/kernel/time/
H A Dnamespace.c314 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in timens_install()
315 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in timens_install()
/linux-6.15/security/keys/
H A Dpersistent.c149 !ns_capable(ns, CAP_SETUID)) in keyctl_get_persistent()
/linux-6.15/net/ieee802154/
H A Dsocket.c905 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
906 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
929 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
930 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
/linux-6.15/drivers/connector/
H A Dconnector.c176 if (ns_capable(net->user_ns, CAP_NET_ADMIN)) in cn_bind()
/linux-6.15/net/ipv6/
H A Ddatagram.c876 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
896 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
921 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()

1234