Lines Matching full:capability
2 /* Common capabilities, needed by capability.o.
5 #include <linux/capability.h>
51 * cap_capable - Determine whether a task has a particular effective capability
53 * @ns: The user namespace in which we need the capability
54 * @cap: The capability to check for
57 * Determine whether the nominated task has the specified capability amongst
62 * cap_has_capability() returns 0 when a task has a capability, but the
70 /* See if cred has the capability in the target user namespace in cap_capable()
94 * If you have a capability in a parent user ns, then you have in cap_capable()
126 * If we have the ptrace capability to the target user_ns, then ptrace
163 * If parent has the ptrace capability to current's user_ns, then ptrace
190 * cap_capget - Retrieve a task's capability sets
191 * @target: The task from which to retrieve the capability sets
204 /* Derived from kernel/capability.c:sys_capget. */ in cap_capget()
221 * capability in cap_inh_is_capped()
238 * process's capability sets. The changes are made to the proposed new
292 * Returns 1 if security.capability has a value, meaning inode_killpriv()
381 if (strcmp(name, "capability") != 0) in cap_inode_getsecurity()
432 /* This comes from a parent namespace. Return as a v2 capability */ in cap_inode_getsecurity()
471 * User requested a write of security.capability. If needed, update the
525 * Calculate the new process capability sets from the capability sets attached
569 * Extract the on-exec-apply capability sets for an executable file.
646 * Attempt to get the on-exec apply capability sets for an executable file from
666 * explicit that capability bits are limited to s_user_ns and its in get_file_caps()
723 * If the legacy file capability is set, then don't set privs in handle_privileged_root()
734 * capability sets for the file. in handle_privileged_root()
956 /* security.capability gets namespaced */ in cap_inode_removexattr()
1138 * Implement PR_CAPBSET_DROP. Attempt to remove the specified capability from
1201 * capability-based-privilege environment. in cap_task_prctl()
1319 * capability security module. Returns 0 if this mapping should be allowed
1368 "capability"); in capability_init()
1372 DEFINE_LSM(capability) = {
1373 .name = "capability",