1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #undef TRACE_SYSTEM 3 #define TRACE_SYSTEM capability 4 5 #if !defined(_TRACE_CAPABILITY_H) || defined(TRACE_HEADER_MULTI_READ) 6 #define _TRACE_CAPABILITY_H 7 8 #include <linux/cred.h> 9 #include <linux/tracepoint.h> 10 #include <linux/user_namespace.h> 11 12 /** 13 * cap_capable - called after it's determined if a task has a particular 14 * effective capability 15 * 16 * @cred: The credentials used 17 * @target_ns: The user namespace of the resource being accessed 18 * @capable_ns: The user namespace in which the credential provides the 19 * capability to access the targeted resource. 20 * This will be NULL if ret is not 0. 21 * @cap: The capability to check for 22 * @ret: The return value of the check: 0 if it does, -ve if it does not 23 * 24 * Allows to trace calls to cap_capable in commoncap.c 25 */ 26 TRACE_EVENT(cap_capable, 27 28 TP_PROTO(const struct cred *cred, struct user_namespace *target_ns, 29 const struct user_namespace *capable_ns, int cap, int ret), 30 31 TP_ARGS(cred, target_ns, capable_ns, cap, ret), 32 33 TP_STRUCT__entry( 34 __field(const struct cred *, cred) 35 __field(struct user_namespace *, target_ns) 36 __field(const struct user_namespace *, capable_ns) 37 __field(int, cap) 38 __field(int, ret) 39 ), 40 41 TP_fast_assign( 42 __entry->cred = cred; 43 __entry->target_ns = target_ns; 44 __entry->capable_ns = ret == 0 ? capable_ns : NULL; 45 __entry->cap = cap; 46 __entry->ret = ret; 47 ), 48 49 TP_printk("cred %p, target_ns %p, capable_ns %p, cap %d, ret %d", 50 __entry->cred, __entry->target_ns, __entry->capable_ns, __entry->cap, 51 __entry->ret) 52 ); 53 54 #endif /* _TRACE_CAPABILITY_H */ 55 56 /* This part must be outside protection */ 57 #include <trace/define_trace.h> 58