Home
last modified time | relevance | path

Searched refs:ns_capable (Results 1 – 25 of 90) sorted by relevance

1234

/linux/net/bridge/
A Dbr_ioctl.c90 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in add_del_if()
199 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
206 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
213 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
220 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
260 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
267 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
276 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
290 if (!ns_capable(dev_net(dev)->user_ns, CAP_NET_ADMIN)) in br_dev_siocdevprivate()
353 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in old_deviceless()
[all …]
/linux/include/linux/
A Dcapability.h211 extern bool ns_capable(struct user_namespace *ns, int cap);
237 static inline bool ns_capable(struct user_namespace *ns, int cap) in ns_capable() function
269 return ns_capable(ns, CAP_CHECKPOINT_RESTORE) || in checkpoint_restore_ns_capable()
270 ns_capable(ns, CAP_SYS_ADMIN); in checkpoint_restore_ns_capable()
/linux/kernel/cgroup/
A Dnamespace.c66 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_cgroup_ns()
103 if (!ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN) || in cgroupns_install()
104 !ns_capable(cgroup_ns->user_ns, CAP_SYS_ADMIN)) in cgroupns_install()
/linux/kernel/
A Dcapability.c394 bool ns_capable(struct user_namespace *ns, int cap) in ns_capable() function
398 EXPORT_SYMBOL(ns_capable);
449 return ns_capable(&init_user_ns, cap); in capable()
509 return ns_capable(ns, cap) && in capable_wrt_inode_uidgid()
A Dutsname.c145 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in utsns_install()
146 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in utsns_install()
A Dpid_namespace.c381 if (!ns_capable(new->user_ns, CAP_SYS_ADMIN) || in pidns_install()
382 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in pidns_install()
A Dnsproxy.c164 } else if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in copy_namespaces()
223 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in unshare_nsproxy_namespaces()
/linux/net/8021q/
A Dvlan.c577 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
587 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
596 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
605 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
620 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
627 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in vlan_ioctl_handler()
/linux/security/
A Dcommoncap.c149 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_access_check()
557 if (ns_capable(inode->i_sb->s_user_ns, CAP_SETFCAP)) in cap_convert_nscap()
923 if (!ns_capable(new->user_ns, CAP_SETUID) || in cap_bprm_creds_from_file()
1009 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_setxattr()
1053 if (!ns_capable(user_ns, CAP_SYS_ADMIN)) in cap_inode_removexattr()
1182 if (!is_subset && !ns_capable(__task_cred(p)->user_ns, CAP_SYS_NICE)) in cap_safe_nice()
1241 if (!ns_capable(current_user_ns(), CAP_SETPCAP)) in cap_prctl_drop()
/linux/ipc/
A Dnamespace.c204 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in ipcns_install()
205 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in ipcns_install()
A Dutil.c568 !ns_capable(ns->user_ns, CAP_IPC_OWNER)) in ipcperms()
743 ns_capable(ns->user_ns, CAP_SYS_ADMIN)) in ipcctl_obtain_check()
/linux/fs/
A Dfsopen.c122 if (!ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN)) in SYSCALL_DEFINE2()
165 if (!ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN)) in SYSCALL_DEFINE3()
249 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) { in vfs_fsconfig_locked()
A Dattr.c43 ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN)) in chown_ok()
70 ns_capable(inode->i_sb->s_user_ns, CAP_CHOWN)) in chgrp_ok()
A Dinit.c71 if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT)) in init_chroot()
A Dioctl.c394 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) in ioctl_fsfreeze()
411 if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN)) in ioctl_fsthaw()
/linux/net/core/
A Dscm.c55 ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) && in scm_check_creds()
57 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds()
59 gid_eq(gid, cred->sgid)) || ns_capable(cred->user_ns, CAP_SETGID))) { in scm_check_creds()
A Ddev_ioctl.c536 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
578 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in dev_ioctl()
A Dsock_diag.c299 if (!ns_capable(sock_net(sk)->user_ns, CAP_NET_ADMIN)) in sock_diag_destroy()
/linux/security/yama/
A Dyama_lsm.c371 !ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
377 if (!ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
/linux/net/ipv4/
A Dip_options.c409 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
444 if ((!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) || opt->cipso) { in __ip_options_compile()
457 if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) { in __ip_options_compile()
/linux/kernel/time/
A Dnamespace.c294 if (!ns_capable(ns->user_ns, CAP_SYS_ADMIN) || in timens_install()
295 !ns_capable(nsset->cred->user_ns, CAP_SYS_ADMIN)) in timens_install()
/linux/net/ieee802154/
A Dsocket.c897 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
898 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
921 if (!ns_capable(net->user_ns, CAP_NET_ADMIN) && in dgram_setsockopt()
922 !ns_capable(net->user_ns, CAP_NET_RAW)) { in dgram_setsockopt()
/linux/security/keys/
A Dpersistent.c149 !ns_capable(ns, CAP_SETUID)) in keyctl_get_persistent()
/linux/net/ipv6/
A Dipv6_sockglue.c330 if (optname != IPV6_RTHDR && !ns_capable(net->user_ns, CAP_NET_RAW)) in ipv6_set_opt_hdr()
628 if (valbool && !ns_capable(net->user_ns, CAP_NET_RAW) && in do_ipv6_setsockopt()
629 !ns_capable(net->user_ns, CAP_NET_ADMIN)) { in do_ipv6_setsockopt()
940 if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) in do_ipv6_setsockopt()
A Ddatagram.c870 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
890 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()
915 if (!ns_capable(net->user_ns, CAP_NET_RAW)) { in ip6_datagram_send_ctl()

Completed in 37 milliseconds

1234