Home
last modified time | relevance | path

Searched refs:user_ns (Results 1 – 25 of 186) sorted by relevance

12345678

/linux-6.15/kernel/
H A Dutsname.c45 static struct uts_namespace *clone_uts_ns(struct user_namespace *user_ns, in clone_uts_ns() argument
53 ucounts = inc_uts_namespaces(user_ns); in clone_uts_ns()
71 ns->user_ns = get_user_ns(user_ns); in clone_uts_ns()
90 struct user_namespace *user_ns, struct uts_namespace *old_ns) in copy_utsname() argument
100 new_ns = clone_uts_ns(user_ns, old_ns); in copy_utsname()
109 put_user_ns(ns->user_ns); in free_uts_ns()
145 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in utsns_install()
146 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in utsns_install()
157 return to_uts_ns(ns)->user_ns; in utsns_owner()
H A Dnsproxy.c68 struct task_struct *tsk, struct user_namespace *user_ns, in create_new_namespaces() argument
103 new_nsp->cgroup_ns = copy_cgroup_ns(flags, user_ns, in create_new_namespaces()
154 struct user_namespace *user_ns = task_cred_xxx(tsk, user_ns); in copy_namespaces() local
165 } else if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_namespaces()
216 struct user_namespace *user_ns; in unshare_nsproxy_namespaces() local
224 user_ns = new_cred ? new_cred->user_ns : current_user_ns(); in unshare_nsproxy_namespaces()
225 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in unshare_nsproxy_namespaces()
379 struct user_namespace *user_ns = NULL; in validate_nsset() local
421 user_ns = get_user_ns(__task_cred(tsk)->user_ns); in validate_nsset()
433 ret = validate_ns(nsset, &user_ns->ns); in validate_nsset()
[all …]
H A Duid16.c70 ruid = high2lowuid(from_kuid_munged(cred->user_ns, cred->uid)); in SYSCALL_DEFINE3()
71 euid = high2lowuid(from_kuid_munged(cred->user_ns, cred->euid)); in SYSCALL_DEFINE3()
72 suid = high2lowuid(from_kuid_munged(cred->user_ns, cred->suid)); in SYSCALL_DEFINE3()
93 rgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->gid)); in SYSCALL_DEFINE3()
94 egid = high2lowgid(from_kgid_munged(cred->user_ns, cred->egid)); in SYSCALL_DEFINE3()
95 sgid = high2lowgid(from_kgid_munged(cred->user_ns, cred->sgid)); in SYSCALL_DEFINE3()
117 struct user_namespace *user_ns = current_user_ns(); in groups16_to_user() local
124 group = high2lowgid(from_kgid_munged(user_ns, kgid)); in groups16_to_user()
135 struct user_namespace *user_ns = current_user_ns(); in groups16_from_user() local
144 kgid = make_kgid(user_ns, low2highgid(group)); in groups16_from_user()
H A Dpid_namespace.c75 static struct pid_namespace *create_pid_namespace(struct user_namespace *user_ns, in create_pid_namespace() argument
84 if (!in_userns(parent_pid_ns->user_ns, user_ns)) in create_pid_namespace()
90 ucounts = inc_pid_namespaces(user_ns); in create_pid_namespace()
118 ns->user_ns = get_user_ns(user_ns); in create_pid_namespace()
145 put_user_ns(ns->user_ns); in delayed_free_pidns()
175 struct user_namespace *user_ns, struct pid_namespace *old_ns) in copy_pid_ns() argument
181 return create_pid_namespace(user_ns, old_ns); in copy_pid_ns()
292 if (write && !checkpoint_restore_ns_capable(pid_ns->user_ns)) in pid_ns_ctl_handler()
399 if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) || in pidns_install()
400 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in pidns_install()
[all …]
H A Dgroups.c40 struct user_namespace *user_ns = current_user_ns(); in groups_to_user() local
46 gid = from_kgid_munged(user_ns, group_info->gid[i]); in groups_to_user()
57 struct user_namespace *user_ns = current_user_ns(); in groups_from_user() local
67 kgid = make_kgid(user_ns, gid); in groups_from_user()
187 struct user_namespace *user_ns = current_user_ns(); in may_setgroups() local
189 return ns_capable_setid(user_ns, CAP_SETGID) && in may_setgroups()
190 userns_may_setgroups(user_ns); in may_setgroups()
H A Dcred.c60 .user_ns = &init_user_ns,
88 put_user_ns(cred->user_ns); in put_cred_rcu()
225 get_user_ns(new->user_ns); in prepare_creds()
355 const struct user_namespace *set_ns = set->user_ns; in cred_cap_issubset()
356 const struct user_namespace *subset_ns = subset->user_ns; in cred_cap_issubset()
436 if (new->user != old->user || new->user_ns != old->user_ns) in commit_creds()
440 if (new->user != old->user || new->user_ns != old->user_ns) in commit_creds()
541 if (old_ucounts->ns == new->user_ns && uid_eq(old_ucounts->uid, new->uid)) in set_cred_ucounts()
544 if (!(new_ucounts = alloc_ucounts(new->user_ns, new->uid))) in set_cred_ucounts()
599 get_user_ns(new->user_ns); in prepare_kernel_cred()
H A Duser_namespace.c59 cred->user_ns = user_ns; in set_cred_user_ns()
84 struct user_namespace *ns, *parent_ns = new->user_ns; in create_user_ns()
893 const struct user_namespace *file_ns = file->f_cred->user_ns; in verify_root_map()
1332 struct user_namespace *user_ns; in userns_get() local
1335 user_ns = get_user_ns(__task_cred(task)->user_ns); in userns_get()
1338 return user_ns ? &user_ns->ns : NULL; in userns_get()
1348 struct user_namespace *user_ns = to_user_ns(ns); in userns_install() local
1354 if (user_ns == current_user_ns()) in userns_install()
1364 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in userns_install()
1371 put_user_ns(cred->user_ns); in userns_install()
[all …]
/linux-6.15/ipc/
H A Dnamespace.c38 static struct ipc_namespace *create_ipc_ns(struct user_namespace *user_ns, in create_ipc_ns() argument
47 ucounts = inc_ipc_namespaces(user_ns); in create_ipc_ns()
70 ns->user_ns = get_user_ns(user_ns); in create_ipc_ns()
99 put_user_ns(ns->user_ns); in create_ipc_ns()
110 struct user_namespace *user_ns, struct ipc_namespace *ns) in copy_ipcs() argument
114 return create_ipc_ns(user_ns, ns); in copy_ipcs()
163 put_user_ns(ns->user_ns); in free_ipc_ns()
239 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in ipcns_install()
240 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in ipcns_install()
250 return to_ipc_ns(ns)->user_ns; in ipcns_owner()
/linux-6.15/kernel/cgroup/
H A Dnamespace.c44 put_user_ns(ns->user_ns); in free_cgroup_ns()
51 struct user_namespace *user_ns, in copy_cgroup_ns() argument
66 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_cgroup_ns()
69 ucounts = inc_cgroup_namespaces(user_ns); in copy_cgroup_ns()
86 new_ns->user_ns = get_user_ns(user_ns); in copy_cgroup_ns()
103 if (!ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN) || in cgroupns_install()
104 !ns_capable(cgroup_ns->user_ns, CAP_SYS_ADMIN)) in cgroupns_install()
141 return to_cg_ns(ns)->user_ns; in cgroupns_owner()
/linux-6.15/net/netfilter/
H A Dxt_owner.c32 (current_user_ns() != net->user_ns)) in owner_check()
37 kuid_t uid_min = make_kuid(net->user_ns, info->uid_min); in owner_check()
38 kuid_t uid_max = make_kuid(net->user_ns, info->uid_max); in owner_check()
49 kgid_t gid_min = make_kgid(net->user_ns, info->gid_min); in owner_check()
50 kgid_t gid_max = make_kgid(net->user_ns, info->gid_max); in owner_check()
88 kuid_t uid_min = make_kuid(net->user_ns, info->uid_min); in owner_mt()
89 kuid_t uid_max = make_kuid(net->user_ns, info->uid_max); in owner_mt()
100 kgid_t gid_min = make_kgid(net->user_ns, info->gid_min); in owner_mt()
101 kgid_t gid_max = make_kgid(net->user_ns, info->gid_max); in owner_mt()
/linux-6.15/kernel/time/
H A Dnamespace.c78 static struct time_namespace *clone_time_ns(struct user_namespace *user_ns, in clone_time_ns() argument
86 ucounts = inc_time_namespaces(user_ns); in clone_time_ns()
107 ns->user_ns = get_user_ns(user_ns); in clone_time_ns()
134 struct user_namespace *user_ns, struct time_namespace *old_ns) in copy_time_ns() argument
139 return clone_time_ns(user_ns, old_ns); in copy_time_ns()
252 put_user_ns(ns->user_ns); in free_time_ns()
314 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in timens_install()
315 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in timens_install()
346 return to_time_ns(ns)->user_ns; in timens_owner()
395 if (!file_ns_capable(file, time_ns->user_ns, CAP_SYS_TIME)) { in proc_timens_set_offset()
[all …]
/linux-6.15/net/bridge/
H A Dbr_ioctl.c91 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in add_del_if()
219 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
226 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
233 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
240 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
280 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
287 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
296 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
379 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in old_deviceless()
406 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in br_ioctl_stub()
[all …]
/linux-6.15/security/keys/
H A Dproc.c66 struct user_namespace *user_ns = seq_user_ns(p); in key_serial_next() local
71 if (kuid_has_mapping(user_ns, key->user->uid)) in key_serial_next()
80 struct user_namespace *user_ns = seq_user_ns(p); in find_ge_key() local
103 if (kuid_has_mapping(user_ns, minkey->user->uid)) in find_ge_key()
252 static struct rb_node *__key_user_next(struct user_namespace *user_ns, struct rb_node *n) in __key_user_next() argument
256 if (kuid_has_mapping(user_ns, user->uid)) in __key_user_next()
263 static struct rb_node *key_user_next(struct user_namespace *user_ns, struct rb_node *n) in key_user_next() argument
265 return __key_user_next(user_ns, rb_next(n)); in key_user_next()
268 static struct rb_node *key_user_first(struct user_namespace *user_ns, struct rb_root *r) in key_user_first() argument
271 return __key_user_next(user_ns, n); in key_user_first()
H A Dprocess_keys.c45 down_write(&user_ns->keyring_sem); in get_user_register()
50 reg_keyring = user_ns->user_keyring_register; in get_user_register()
53 user_ns->owner, INVALID_GID, in get_user_register()
64 up_write(&user_ns->keyring_sem); in get_user_register()
82 uid_t uid = from_kuid(user_ns, cred->user->uid); in look_up_user_keyrings()
90 reg_keyring = get_user_register(user_ns); in look_up_user_keyrings()
94 down_write(&user_ns->keyring_sem); in look_up_user_keyrings()
158 up_write(&user_ns->keyring_sem); in look_up_user_keyrings()
176 up_write(&user_ns->keyring_sem); in look_up_user_keyrings()
205 from_kuid(cred->user_ns, in get_user_session_keyring_rcu()
[all …]
/linux-6.15/include/linux/
H A Dposix_acl_xattr.h36 struct posix_acl *posix_acl_from_xattr(struct user_namespace *user_ns,
40 posix_acl_from_xattr(struct user_namespace *user_ns, const void *value, in posix_acl_from_xattr() argument
47 int posix_acl_to_xattr(struct user_namespace *user_ns,
H A Dutsname.h26 struct user_namespace *user_ns; member
39 struct user_namespace *user_ns, struct uts_namespace *old_ns);
59 struct user_namespace *user_ns, struct uts_namespace *old_ns) in copy_utsname() argument
H A Dpid_namespace.h38 struct user_namespace *user_ns; member
82 struct user_namespace *user_ns, struct pid_namespace *ns);
101 struct user_namespace *user_ns, struct pid_namespace *ns) in copy_pid_ns() argument
H A Dipc_namespace.h75 struct user_namespace *user_ns; member
133 struct user_namespace *user_ns, struct ipc_namespace *ns);
155 struct user_namespace *user_ns, struct ipc_namespace *ns) in copy_ipcs() argument
H A Dtsacct_kern.h14 extern void bacct_add_tsk(struct user_namespace *user_ns,
18 static inline void bacct_add_tsk(struct user_namespace *user_ns, in bacct_add_tsk() argument
/linux-6.15/security/
H A Dcommoncap.c127 const struct user_namespace *cred_ns = cred->user_ns; in cap_capable()
177 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_access_check()
180 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_access_check()
209 if (cred->user_ns == child_cred->user_ns && in cap_ptrace_traceme()
931 root_uid = make_kuid(new->user_ns, 0); in cap_bprm_creds_from_file()
948 !ptracer_capable(current, new->user_ns))) { in cap_bprm_creds_from_file()
950 if (!ns_capable(new->user_ns, CAP_SETUID) || in cap_bprm_creds_from_file()
1036 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_setxattr()
1080 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_removexattr()
1116 kuid_t root_uid = make_kuid(old->user_ns, 0); in cap_emulate_setxuid()
[all …]
/linux-6.15/fs/
H A Dpidfs.c251 struct user_namespace *user_ns; in pidfd_info() local
301 user_ns = current_user_ns(); in pidfd_info()
302 kinfo.ruid = from_kuid_munged(user_ns, c->uid); in pidfd_info()
303 kinfo.rgid = from_kgid_munged(user_ns, c->gid); in pidfd_info()
304 kinfo.euid = from_kuid_munged(user_ns, c->euid); in pidfd_info()
305 kinfo.egid = from_kgid_munged(user_ns, c->egid); in pidfd_info()
306 kinfo.suid = from_kuid_munged(user_ns, c->suid); in pidfd_info()
307 kinfo.sgid = from_kgid_munged(user_ns, c->sgid); in pidfd_info()
308 kinfo.fsuid = from_kuid_munged(user_ns, c->fsuid); in pidfd_info()
309 kinfo.fsgid = from_kgid_munged(user_ns, c->fsgid); in pidfd_info()
[all …]
H A Dbinfmt_misc.c183 const struct user_namespace *user_ns; in load_binfmt_misc() local
186 user_ns = current_user_ns(); in load_binfmt_misc()
187 while (user_ns) { in load_binfmt_misc()
189 misc = smp_load_acquire(&user_ns->binfmt_misc); in load_binfmt_misc()
193 user_ns = user_ns->parent; in load_binfmt_misc()
958 struct user_namespace *user_ns = sb->s_fs_info; in bm_put_super() local
961 put_user_ns(user_ns); in bm_put_super()
973 struct user_namespace *user_ns = sb->s_user_ns; in bm_fill_super() local
981 if (WARN_ON(user_ns != current_user_ns())) in bm_fill_super()
999 misc = user_ns->binfmt_misc; in bm_fill_super()
[all …]
/linux-6.15/fs/sysfs/
H A Dmount.c75 put_user_ns(fc->user_ns); in sysfs_init_fs_context()
76 fc->user_ns = get_user_ns(netns->user_ns); in sysfs_init_fs_context()
/linux-6.15/fs/proc/
H A Droot.c147 struct user_namespace *user_ns) in proc_apply_options() argument
152 fs_info->pid_gid = make_kgid(user_ns, ctx->gid); in proc_apply_options()
253 put_user_ns(fc->user_ns); in proc_init_fs_context()
254 fc->user_ns = get_user_ns(ctx->pid_ns->user_ns); in proc_init_fs_context()
/linux-6.15/net/
H A Dsysctl_net.c48 if (ns_capable_noaudit(net->user_ns, CAP_NET_ADMIN)) { in net_ctl_permissions()
63 ns_root_uid = make_kuid(net->user_ns, 0); in net_ctl_set_ownership()
67 ns_root_gid = make_kgid(net->user_ns, 0); in net_ctl_set_ownership()

12345678