policy.c - OpenGrok cross reference for /freebsd-src/sys/contrib/openzfs/module/os/linux/zfs/policy.c

Lines Matching defs:cr
45 priv_policy_ns(const cred_t *cr, int capability, int err,
48 	if (cr != CRED() && (cr != kcred))
62 priv_policy(const cred_t *cr, int capability, int err)
64 	return (priv_policy_ns(cr, capability, err, cr->user_ns));
68 priv_policy_user(const cred_t *cr, int capability, int err)
77 	return (priv_policy_ns(cr, capability, err, cr->user_ns));
79 	return (priv_policy_ns(cr, capability, err, NULL));
88 secpolicy_nfs(const cred_t *cr)
90 	return (priv_policy(cr, CAP_SYS_ADMIN, EPERM));
97 secpolicy_sys_config(const cred_t *cr, boolean_t checkonly)
99 	return (priv_policy(cr, CAP_SYS_ADMIN, EPERM));
109 secpolicy_vnode_access2(const cred_t *cr, struct inode *ip, uid_t owner,
122 secpolicy_vnode_any_access(const cred_t *cr, struct inode *ip, uid_t owner)
124 	if (crgetuid(cr) == owner)
131 	if (!kuid_has_mapping(cr->user_ns, SUID_TO_KUID(owner)))
135 	if (priv_policy_user(cr, CAP_DAC_OVERRIDE, EPERM) == 0)
138 	if (priv_policy_user(cr, CAP_DAC_READ_SEARCH, EPERM) == 0)
148 secpolicy_vnode_chown(const cred_t *cr, uid_t owner)
150 	if (crgetuid(cr) == owner)
154 	if (!kuid_has_mapping(cr->user_ns, SUID_TO_KUID(owner)))
158 	return (priv_policy_user(cr, CAP_FOWNER, EPERM));
165 secpolicy_vnode_create_gid(const cred_t *cr)
167 	return (priv_policy(cr, CAP_SETGID, EPERM));
175 secpolicy_vnode_remove(const cred_t *cr)
177 	return (priv_policy(cr, CAP_FOWNER, EPERM));
185 secpolicy_vnode_setdac(const cred_t *cr, uid_t owner)
187 	if (crgetuid(cr) == owner)
191 	if (!kuid_has_mapping(cr->user_ns, SUID_TO_KUID(owner)))
195 	return (priv_policy_user(cr, CAP_FOWNER, EPERM));
207 secpolicy_vnode_setid_retain(struct znode *zp __maybe_unused, const cred_t *cr,
210 	return (priv_policy_user(cr, CAP_FSETID, EPERM));
217 secpolicy_vnode_setids_setgids(const cred_t *cr, gid_t gid, zidmap_t *mnt_ns,
222 	if (!kgid_has_mapping(cr->user_ns, SGID_TO_KGID(gid)))
225 	if (crgetgid(cr) != gid && !groupmember(gid, cr))
226 		return (priv_policy_user(cr, CAP_FSETID, EPERM));
236 secpolicy_zinject(const cred_t *cr)
238 	return (priv_policy(cr, CAP_SYS_ADMIN, EACCES));
246 secpolicy_zfs(const cred_t *cr)
248 	return (priv_policy(cr, CAP_SYS_ADMIN, EACCES));
257 secpolicy_zfs_proc(const cred_t *cr, proc_t *proc)
265 secpolicy_setid_clear(vattr_t *vap, cred_t *cr)
268 	    secpolicy_vnode_setid_retain(NULL, cr,
280 secpolicy_vnode_setid_modify(const cred_t *cr, uid_t owner, zidmap_t *mnt_ns,
285 	if (crgetuid(cr) == owner)
289 	if (!kuid_has_mapping(cr->user_ns, SUID_TO_KUID(owner)))
293 	return (priv_policy_user(cr, CAP_FSETID, EPERM));
302 secpolicy_vnode_stky_modify(const cred_t *cr)
309     const vattr_t *ovap, cred_t *cr, zidmap_t *mnt_ns,
315 	    (error = secpolicy_vnode_setid_modify(cr,
325 	    secpolicy_vnode_stky_modify(cr) != 0) {
334 	    secpolicy_vnode_setids_setgids(cr, ovap->va_gid,
346 secpolicy_xvattr(xvattr_t *xvap, uid_t owner, cred_t *cr, mode_t type)
348 	return (secpolicy_vnode_chown(cr, owner));
357 secpolicy_vnode_setattr(cred_t *cr, struct inode *ip, struct vattr *vap,
370 secpolicy_basic_link(const cred_t *cr)