Home
last modified time | relevance | path

Searched full:privilege (Results 1 – 25 of 350) sorted by relevance

12345678910>>...14

/freebsd/share/man/man9/
H A Dpriv.934 .Nd kernel privilege checking API
51 privilege checking interface.
55 The caller identifies the desired privilege via the
58 .Ss Privilege Policies
60 the superuser policy, which grants privilege based on the effective (or
69 When adding a new privilege check to a code path, first check the complete
72 to see if one already exists for the class of privilege required.
73 Only if there is not an exact match should a new privilege be added to the
74 privilege list.
75 As privilege numbers becomes encoded in the kernel module ABI, privilege
[all …]
H A Dvaccess_acl_nfs4.966 privilege was required for successful evaluation of the call; the
71 privilege information, or it may point to an integer that will be set to
72 1 if privilege is used, and 0 otherwise.
100 then super-user privilege, if available for the credential, will also be
H A Dvaccess_acl_posix1e.966 privilege was required for successful evaluation of the call; the
71 privilege information, or it may point to an integer that will be set to
72 1 if privilege is used, and 0 otherwise.
99 then super-user privilege, if available for the credential, will also be
H A Dvm_map_check_protection.945 allows the specified privilege
60 function returns TRUE if the privilege is allowed; if it is not allowed,
/freebsd/sys/contrib/device-tree/Bindings/powerpc/
H A Dibm,powerpc-cpu-features.txt13 enablement, privilege, and compatibility metadata.
94 - usable-privilege
104 This property describes the privilege levels and/or software components
118 This property describes the HV privilege support required to enable the
119 feature to lesser privilege levels. If the property does not exist then no
137 This property describes the OS privilege support required to enable the
138 feature to lesser privilege levels. If the property does not exist then no
179 This property may exist when the usable-privilege property value has PR bit set.
213 usable-privilege = <1 | 2 | 4>;
219 usable-privilege = <1 | 2>;
[all …]
/freebsd/sys/kern/
H A Dkern_priv.c51 * it is nonzero, an effective uid of 0 connotes special privilege,
53 * uid 0 is offered no special privilege in the kernel security policy.
83 &sysctl_kern_suser_enabled, "I", "Processes with uid 0 have privilege");
119 * privilege. in priv_check_cred_post()
130 * with a privilege error here. in priv_check_cred_post()
144 * Check a credential for privilege. Lots of good reasons to deny privilege;
152 KASSERT(PRIV_VALID(priv), ("priv_check_cred: invalid privilege %d", in priv_check_cred()
164 * privilege unilaterally. in priv_check_cred()
203 * Having determined if privilege is restricted by various policies, in priv_check_cred()
204 * now determine if privilege is granted. At this point, any policy in priv_check_cred()
[all …]
H A Dsubr_acl_posix1e.c136 * XXXRW: Do privilege lookup here. in vaccess_acl_posix1e()
210 * XXXRW: Do privilege lookup here. in vaccess_acl_posix1e()
224 * know if we should try again with any available privilege, or if we in vaccess_acl_posix1e()
274 * DAC. Try again, this time with privilege. in vaccess_acl_posix1e()
291 * XXXRW: Do privilege lookup here. in vaccess_acl_posix1e()
313 * XXXRW: Do privilege lookup here. in vaccess_acl_posix1e()
326 * Even with privilege, group membership was not sufficient. in vaccess_acl_posix1e()
346 * XXXRW: Do privilege lookup here. in vaccess_acl_posix1e()
/freebsd/sys/sys/
H A Dpriv.h33 * Privilege checking interface for BSD kernel.
39 * Privilege list, sorted loosely by kernel subsystem.
42 * there existing instances referring to the same privilege? Third party
44 * modules. Particular numeric privilege assignments are part of the
48 * When adding a new privilege, remember to determine if it's appropriate
49 * for use in jail, and update the privilege switch in prison_priv_check()
54 * Track beginning of privilege list.
60 * number of specific privilege checks, and have (relatively) precise
77 #define PRIV_DRIVER 14 /* Low-level driver privilege. */
154 #define PRIV_MAC_PARTITION 140 /* Privilege in mac_partition policy. */
[all …]
/freebsd/sys/security/mac/
H A Dmac_priv.c52 * The MAC Framework interacts with kernel privilege checks in two ways: it
53 * may restrict the granting of privilege to a subject, and it may grant
55 * or both of these entry points. Restriction of privilege by any policy
56 * always overrides granting of privilege by any policy or other privilege
64 * Restrict access to a privilege for a credential. Return failure if any
81 * Grant access to a privilege for a credential. Return success if any
/freebsd/crypto/heimdal/lib/kadm5/
H A Dkadm5_err.et12 error_code AUTH_GET, "Operation requires `get' privilege"
13 error_code AUTH_ADD, "Operation requires `add' privilege"
14 error_code AUTH_MODIFY, "Operation requires `modify' privilege"
15 error_code AUTH_DELETE, "Operation requires `delete' privilege"
55 error_code AUTH_LIST, "Operation requires `list' privilege"
56 error_code AUTH_CHANGEPW, "Operation requires `change-password' privilege"
/freebsd/crypto/openssh/
H A DREADME.privsep1 Privilege separation, or privsep, is method in OpenSSH by which
2 operations that require root privilege are performed by a separate
3 privileged monitor process. Its purpose is to prevent privilege
8 Privilege separation is now mandatory. During the pre-authentication
28 --with-privsep-path=xxx Path for privilege separation chroot
29 --with-privsep-user=user Specify non-privileged user for privilege separation
/freebsd/sys/dev/sfxge/common/
H A Def10_mcdi.c290 * Use privilege mask state at MCDI attach. in ef10_mcdi_feature_supported()
296 * Admin privilege must be used prior to introduction of in ef10_mcdi_feature_supported()
304 * Admin privilege used prior to introduction of in ef10_mcdi_feature_supported()
313 * Admin privilege must be used prior to introduction of in ef10_mcdi_feature_supported()
314 * mac spoofing privilege (at v4.6), which is used up to in ef10_mcdi_feature_supported()
315 * introduction of change mac spoofing privilege (at v4.7) in ef10_mcdi_feature_supported()
324 * Admin privilege must be used prior to introduction of in ef10_mcdi_feature_supported()
325 * mac spoofing privilege (at v4.6), which is used up to in ef10_mcdi_feature_supported()
326 * introduction of mac spoofing TX privilege (at v4.7) in ef10_mcdi_feature_supported()
/freebsd/sys/contrib/device-tree/src/powerpc/
H A Dmicrowatt.dts44 usable-privilege = <2>;
49 usable-privilege = <3>;
55 usable-privilege = <2>;
60 usable-privilege = <3>;
65 usable-privilege = <2>;
71 usable-privilege = <3>;
/freebsd/sys/cddl/dev/dtrace/
H A Ddtrace_cddl.h154 * Test privilege. Audit success or failure, allow privilege debugging.
161 * Test privilege. Audit success only, no privilege debugging.
168 * Test privilege. No priv_debugging, no auditing.
/freebsd/sys/contrib/device-tree/Bindings/interrupt-controller/
H A Driscv,imsics.yaml18 for each privilege level (machine or supervisor). The configuration of
22 which is same for given privilege level across CPUs (or HARTs).
25 for each privilege level (machine or supervisor) which collectively describe
26 IMSIC interrupt files at that privilege level across CPUs (or HARTs).
33 privilege level (machine or supervisor) encodes group index, HART index,
/freebsd/tests/sys/cddl/zfs/tests/acl/cifs/
H A Dcifs_attr_001_pos.ksh38 # PRIV_FILE_OWNER privilege could set/clear DOS attributes.
45 # PRIV_FILE_OWNER privilege
207 # PRIV_FILE_OWNER privilege, it should log_must,
220 "write_attributes permission or PRIV_FILE_OWNER privilege"
257 "write_attributes permission or PRIV_FILE_OWNER privilege"
/freebsd/tools/regression/priv/
H A Dpriv_sched_rtprio.c32 * Test privilege associated with real time process settings. There are
33 * three relevant notions of privilege:
35 * - Privilege to set the real-time priority of the current process.
36 * - Privilege to set the real-time priority of another process.
37 * - Privilege to set the idle priority of another process.
38 * - No privilege to set the idle priority of the current process.
H A Dpriv_vfs_chown.c32 * Confirm that privilege is required in the cases using chown():
56 * Check that changing the uid of a file requires privilege.
86 * privilege as long as the gid matches the process.
120 * without privilege if the gid doesn't match the process.
H A Dpriv_proc_setrlimit.c33 * requires privilege. We test three cases:
81 * privilege.
108 * without privilege.
136 * privilege.
/freebsd/contrib/wpa/wpa_supplicant/doc/docbook/
H A Dwpa_priv.sgml15 <refpurpose>wpa_supplicant privilege separation helper</refpurpose>
31 <para><command>wpa_priv</command> is a privilege separation helper that
38 can be run as non-root user. Privilege separation restricts the effects
58 <command>wpa_supplicant</command> with privilege separation:</para>
/freebsd/sys/i386/include/
H A Dtss.h44 int tss_esp0; /* kernel stack pointer privilege level 0 */
46 int tss_esp1; /* kernel stack pointer privilege level 1 */
48 int tss_esp2; /* kernel stack pointer privilege level 2 */
/freebsd/sys/contrib/openzfs/tests/runfiles/
H A Dsunos.run38 [tests/functional/privilege]
40 tags = ['functional', 'privilege']
/freebsd/contrib/llvm-project/clang/lib/StaticAnalyzer/Checkers/
H A DSetgidSetuidOrderChecker.cpp1 //===-- SetgidSetuidOrderChecker.cpp - check privilege revocation calls ---===//
9 // This file defines a checker to detect possible reversed order of privilege
32 const BugType BT{this, "Possible wrong order of privilege revocation"};
67 /// followed by other different privilege-change functions.
/freebsd/contrib/llvm-project/llvm/lib/Target/LoongArch/
H A DLoongArch.td19 "LA64 Basic Integer and Privilege Instruction Set">;
22 "LA32 Basic Integer and Privilege Instruction Set">;
26 "LA64 Basic Integer and Privilege Instruction Set">;
30 "LA32 Basic Integer and Privilege Instruction Set">;
/freebsd/lib/libpmc/
H A Dpmc_disable.348 privilege to perform these operations.
88 The current process lacks sufficient privilege to perform this

12345678910>>...14