| /linux/net/netfilter/ |
| H A D | xt_owner.c | 90 if ((uid_gte(filp->f_cred->fsuid, uid_min) && in owner_mt()
91 uid_lte(filp->f_cred->fsuid, uid_max)) ^ in owner_mt()
102 struct group_info *gi = filp->f_cred->group_info; in owner_mt()
104 if (gid_gte(filp->f_cred->fsgid, gid_min) && in owner_mt()
105 gid_lte(filp->f_cred->fsgid, gid_max)) in owner_mt()
|
| H A D | nft_meta.c | 150 sock->file->f_cred->fsuid); in nft_meta_get_eval_skugid()
154 sock->file->f_cred->fsgid); in nft_meta_get_eval_skugid()
|
| /linux/Documentation/translations/zh_CN/security/ |
| H A D | credentials.rst | 459 ``f_cred`` 字段中,替代原来的 ``f_uid`` 和 ``f_gid`` 。原来访问
460 ``file->f_uid`` 和 ``file->f_gid`` 的代码现在应访问 ``file->f_cred->fsuid``
461 和 ``file->f_cred->fsgid`` 。
463 安全访问 ``f_cred`` 的情况下可以不使用RCU或加锁,因为指向凭据的指针
|
| /linux/security/safesetid/ |
| H A D | securityfs.c | 54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
59 rule->src_id.gid = make_kgid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
60 rule->dst_id.gid = make_kgid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
|
| /linux/include/rdma/ |
| H A D | ib.h | 78 return filp->f_cred == current_cred(); in ib_safe_file_access()
|
| /linux/fs/ |
| H A D | file_table.c | 74 put_cred(f->f_cred); in file_free()
158 f->f_cred = get_cred(cred); in init_file()
161 put_cred(f->f_cred); in init_file()
|
| /linux/kernel/ |
| H A D | acct.c | 526 ac->ac_uid = from_kuid_munged(file->f_cred->user_ns, current_uid()); in fill_ac()
527 ac->ac_gid = from_kgid_munged(file->f_cred->user_ns, current_gid()); in fill_ac()
551 cred = override_creds(file->f_cred); in acct_write_process()
|
| H A D | capability.c | 440 if (security_capable(file->f_cred, ns, cap, CAP_OPT_NONE) == 0) in file_ns_capable()
|
| H A D | user_namespace.c | 893 const struct user_namespace *file_ns = file->f_cred->user_ns; in verify_root_map()
1174 const struct cred *cred = file->f_cred; in new_idmap_permitted()
|
| /linux/kernel/module/ |
| H A D | procfs.c | 133 m->private = kallsyms_show_value(file->f_cred) ? NULL : (void *)8ul; in modules_open()
|
| H A D | sysfs.c | 47 kallsyms_show_value(file->f_cred) in module_sect_read()
|
| /linux/fs/efivarfs/ |
| H A D | file.c | 89 while (!__ratelimit(&file->f_cred->user->ratelimit)) in efivarfs_file_read()
|
| /linux/rust/kernel/fs/ |
| H A D | file.rs | 316 // SAFETY: It's okay to read the `f_cred` field without synchronization because `f_cred` is in cred()
318 let ptr = unsafe { (*self.as_ptr()).f_cred }; in cred()
|
| /linux/security/landlock/ |
| H A D | task.c | 242 dom_other = landlock_cred(other->sk_socket->file->f_cred)->domain; in sock_is_scoped()
|
| H A D | fs.c | 1622 landlock_get_applicable_subject(file->f_cred, any_fs, NULL); in hook_file_open()
1706 landlock_log_denial(landlock_cred(file->f_cred), &(struct landlock_request) { in hook_file_truncate()
1742 landlock_log_denial(landlock_cred(file->f_cred), &(struct landlock_request) { in hook_file_ioctl_common()
|
| /linux/fs/erofs/ |
| H A D | fileio.c | 64 old_cred = override_creds(rq->iocb.ki_filp->f_cred); in erofs_fileio_rq_submit()
|
| /linux/net/sched/ |
| H A D | cls_flow.c | 208 kuid_t skuid = sk->sk_socket->file->f_cred->fsuid; in flow_get_skuid()
220 kgid_t skgid = sk->sk_socket->file->f_cred->fsgid; in flow_get_skgid()
|
| /linux/security/keys/ |
| H A D | proc.c | 167 .cred = m->file->f_cred, in proc_keys_show()
|
| /linux/include/linux/ |
| H A D | seq_file.h | 252 return seq->file->f_cred->user_ns; in seq_user_ns()
|
| /linux/fs/ecryptfs/ |
| H A D | messaging.c | 109 if (uid_eq((*daemon)->file->f_cred->euid, current_euid())) { in ecryptfs_find_daemon_by_euid()
|
| /linux/fs/nfs/ |
| H A D | localio.c | 451 save_cred = override_creds(filp->f_cred); in nfs_local_call_read()
644 save_cred = override_creds(filp->f_cred); in nfs_local_call_write()
|
| /linux/Documentation/security/ |
| H A D | credentials.rst | 535 credentials and this is attached to the file struct as ``f_cred`` in place of
537 ``file->f_gid`` should now access ``file->f_cred->fsuid`` and
538 ``file->f_cred->fsgid``.
540 It is safe to access ``f_cred`` without the use of RCU or locking because the
|
| /linux/fs/fuse/ |
| H A D | cuse.c | 513 * be represented in file->f_cred->user_ns. in cuse_channel_open()
515 fuse_conn_init(&cc->fc, &cc->fm, file->f_cred->user_ns, in cuse_channel_open()
|
| /linux/fs/nfsd/ |
| H A D | nfsctl.c | 414 rv = nfsd_svc(1, &newthreads, net, file->f_cred, NULL); in write_threads()
786 return __write_ports_addfd(buf, net, file->f_cred); in __write_ports()
789 return __write_ports_addxprt(buf, net, file->f_cred); in __write_ports()
|
| /linux/fs/orangefs/ |
| H A D | devorangefs-req.c | 126 if (file->f_cred->user_ns != &init_user_ns) { in orangefs_devreq_open()
|