| /linux/net/netfilter/ |
| H A D | xt_owner.c | 90 if ((uid_gte(filp->f_cred->fsuid, uid_min) && in owner_mt()
91 uid_lte(filp->f_cred->fsuid, uid_max)) ^ in owner_mt()
102 struct group_info *gi = filp->f_cred->group_info; in owner_mt()
104 if (gid_gte(filp->f_cred->fsgid, gid_min) && in owner_mt()
105 gid_lte(filp->f_cred->fsgid, gid_max)) in owner_mt()
|
| H A D | nft_meta.c | 150 sock->file->f_cred->fsuid); in nft_meta_get_eval_skugid()
154 sock->file->f_cred->fsgid); in nft_meta_get_eval_skugid()
|
| /linux/Documentation/translations/zh_CN/security/ |
| H A D | credentials.rst | 459 ``f_cred`` 字段中,替代原来的 ``f_uid`` 和 ``f_gid`` 。原来访问
460 ``file->f_uid`` 和 ``file->f_gid`` 的代码现在应访问 ``file->f_cred->fsuid``
461 和 ``file->f_cred->fsgid`` 。
463 安全访问 ``f_cred`` 的情况下可以不使用RCU或加锁,因为指向凭据的指针
|
| /linux/security/safesetid/ |
| H A D | securityfs.c | 54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
59 rule->src_id.gid = make_kgid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
60 rule->dst_id.gid = make_kgid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
|
| /linux/fs/ |
| H A D | file_table.c | 74 put_cred(f->f_cred); in file_free()
158 f->f_cred = get_cred(cred); in init_file()
161 put_cred(f->f_cred); in init_file()
|
| /linux/include/rdma/ |
| H A D | ib.h | 78 return filp->f_cred == current_cred(); in ib_safe_file_access()
|
| /linux/kernel/ |
| H A D | acct.c | 502 ac->ac_uid = from_kuid_munged(file->f_cred->user_ns, current_uid()); in fill_ac()
503 ac->ac_gid = from_kgid_munged(file->f_cred->user_ns, current_gid()); in fill_ac()
526 scoped_with_creds(file->f_cred) { in acct_write_process()
|
| H A D | user_namespace.c | 896 const struct user_namespace *file_ns = file->f_cred->user_ns; in verify_root_map()
1177 const struct cred *cred = file->f_cred; in new_idmap_permitted()
|
| H A D | kallsyms.c | 864 iter->show_value = kallsyms_show_value(file->f_cred); in kallsyms_open()
|
| /linux/kernel/module/ |
| H A D | procfs.c | 133 m->private = kallsyms_show_value(file->f_cred) ? NULL : (void *)8ul; in modules_open()
|
| H A D | sysfs.c | 47 kallsyms_show_value(file->f_cred) in module_sect_read()
|
| /linux/fs/efivarfs/ |
| H A D | file.c | 89 while (!__ratelimit(&file->f_cred->user->ratelimit)) in efivarfs_file_read()
|
| /linux/security/landlock/ |
| H A D | task.c | 242 dom_other = landlock_cred(other->sk_socket->file->f_cred)->domain; in hook_unix_may_send()
|
| H A D | fs.c | 1639 landlock_get_applicable_subject(file->f_cred, any_fs, NULL); in hook_file_open()
1723 landlock_log_denial(landlock_cred(file->f_cred), &(struct landlock_request) { in hook_file_truncate()
1759 landlock_log_denial(landlock_cred(file->f_cred), &(struct landlock_request) { in hook_file_ioctl_common()
|
| /linux/rust/kernel/fs/ |
| H A D | file.rs | 325 let ptr = unsafe { (*self.as_ptr()).f_cred }; in cred()
|
| /linux/net/sched/ |
| H A D | cls_flow.c | 208 kuid_t skuid = sk->sk_socket->file->f_cred->fsuid; in flow_get_skuid()
220 kgid_t skgid = sk->sk_socket->file->f_cred->fsgid; in flow_get_skgid()
|
| /linux/fs/ecryptfs/ |
| H A D | messaging.c | 109 if (uid_eq((*daemon)->file->f_cred->euid, current_euid())) { in ecryptfs_find_daemon_by_euid()
|
| /linux/security/keys/ |
| H A D | proc.c | 167 .cred = m->file->f_cred, in proc_keys_show()
|
| /linux/Documentation/security/ |
| H A D | credentials.rst | 535 credentials and this is attached to the file struct as ``f_cred`` in place of
537 ``file->f_gid`` should now access ``file->f_cred->fsuid`` and
538 ``file->f_cred->fsgid``.
540 It is safe to access ``f_cred`` without the use of RCU or locking because the
|
| /linux/fs/coda/ |
| H A D | file.c | 272 coda_flags, coda_file->f_cred->fsuid); in coda_release()
|
| /linux/fs/nfs/ |
| H A D | localio.c | 637 scoped_with_creds(filp->f_cred) in nfs_local_call_read()
843 scoped_with_creds(filp->f_cred) in nfs_local_call_write()
|
| /linux/fs/autofs/ |
| H A D | waitq.c | 138 struct user_namespace *user_ns = sbi->pipe->f_cred->user_ns; in autofs_notify_daemon()
|
| /linux/fs/fuse/ |
| H A D | cuse.c | 516 fuse_conn_init(&cc->fc, &cc->fm, file->f_cred->user_ns, in cuse_channel_open()
|
| /linux/fs/nfsd/ |
| H A D | nfsctl.c | 421 rv = nfsd_svc(1, &newthreads, net, file->f_cred, NULL); in write_threads()
793 return __write_ports_addfd(buf, net, file->f_cred); in __write_ports()
796 return __write_ports_addxprt(buf, net, file->f_cred); in __write_ports()
|
| /linux/fs/orangefs/ |
| H A D | devorangefs-req.c | 126 if (file->f_cred->user_ns != &init_user_ns) { in orangefs_devreq_open()
|