60 suser_enabled(struct ucred *cred)  in suser_enabled()  argument
63 	return (prison_allow(cred, PR_ALLOW_SUSER));  in suser_enabled()
69 	struct ucred *cred;  in sysctl_kern_suser_enabled()  local
72 	cred = req->td->td_ucred;  in sysctl_kern_suser_enabled()
73 	enabled = suser_enabled(cred);  in sysctl_kern_suser_enabled()
77 	prison_set_allow(cred, PR_ALLOW_SUSER, enabled);  in sysctl_kern_suser_enabled()
99 priv_check_cred_pre(struct ucred *cred, int priv)  in priv_check_cred_pre()  argument
104 	error = mac_priv_check(cred, priv);  in priv_check_cred_pre()
112 priv_check_cred_post(struct ucred *cred, int priv, int error, bool handled)  in priv_check_cred_post()  argument
122 	if (mac_priv_grant(cred, priv) == 0) {  in priv_check_cred_post()
148 priv_check_cred(struct ucred *cred, int priv)  in priv_check_cred()  argument
157 		return (priv_check_cred_vfs_lookup(cred));  in priv_check_cred()
159 		return (priv_check_cred_vfs_generation(cred));  in priv_check_cred()
166 	error = priv_check_cred_pre(cred, priv);  in priv_check_cred()
174 	error = prison_priv_check(cred, priv);  in priv_check_cred()
213 	if (suser_enabled(cred)) {  in priv_check_cred()
218 			if (cred->cr_ruid == 0) {  in priv_check_cred()
228 			if (jailed(cred))  in priv_check_cred()
232 			if (cred->cr_uid == 0) {  in priv_check_cred()
258 		if (prison_allow(cred, PR_ALLOW_UNPRIV_DEBUG)) {  in priv_check_cred()
264 	return (priv_check_cred_post(cred, priv, error, false));  in priv_check_cred()
266 	return (priv_check_cred_post(cred, priv, error, true));  in priv_check_cred()
279 priv_check_cred_vfs_lookup_slow(struct ucred *cred)  in priv_check_cred_vfs_lookup_slow()  argument
283 	error = priv_check_cred_pre(cred, PRIV_VFS_LOOKUP);  in priv_check_cred_vfs_lookup_slow()
287 	if (cred->cr_uid == 0 && suser_enabled(cred)) {  in priv_check_cred_vfs_lookup_slow()
292 	return (priv_check_cred_post(cred, PRIV_VFS_LOOKUP, error, false));  in priv_check_cred_vfs_lookup_slow()
294 	return (priv_check_cred_post(cred, PRIV_VFS_LOOKUP, error, true));  in priv_check_cred_vfs_lookup_slow()
299 priv_check_cred_vfs_lookup(struct ucred *cred)  in priv_check_cred_vfs_lookup()  argument
305 		return (priv_check_cred_vfs_lookup_slow(cred));  in priv_check_cred_vfs_lookup()
308 	if (cred->cr_uid == 0 && suser_enabled(cred))  in priv_check_cred_vfs_lookup()
314 priv_check_cred_vfs_lookup_nomac(struct ucred *cred)  in priv_check_cred_vfs_lookup_nomac()  argument
323 	if (cred->cr_uid == 0 && suser_enabled(cred))  in priv_check_cred_vfs_lookup_nomac()
329 priv_check_cred_vfs_generation_slow(struct ucred *cred)  in priv_check_cred_vfs_generation_slow()  argument
333 	error = priv_check_cred_pre(cred, PRIV_VFS_GENERATION);  in priv_check_cred_vfs_generation_slow()
337 	if (jailed(cred)) {  in priv_check_cred_vfs_generation_slow()
342 	if (cred->cr_uid == 0 && suser_enabled(cred)) {  in priv_check_cred_vfs_generation_slow()
347 	return (priv_check_cred_post(cred, PRIV_VFS_GENERATION, error, false));  in priv_check_cred_vfs_generation_slow()
349 	return (priv_check_cred_post(cred, PRIV_VFS_GENERATION, error, true));  in priv_check_cred_vfs_generation_slow()
354 priv_check_cred_vfs_generation(struct ucred *cred)  in priv_check_cred_vfs_generation()  argument
360 		return (priv_check_cred_vfs_generation_slow(cred));  in priv_check_cred_vfs_generation()
363 	if (!jailed(cred) && cred->cr_uid == 0 && suser_enabled(cred))  in priv_check_cred_vfs_generation()