2 /* Common capabilities, needed by capability.o.
5 #include <linux/capability.h>
53  * cap_capable - Determine whether a task has a particular effective capability
55  * @targ_ns:  The user namespace in which we need the capability
56  * @cap: The capability to check for
59  * Determine whether the nominated task has the specified capability amongst
64  * cap_has_capability() returns 0 when a task has a capability, but the
72 	/* See if cred has the capability in the target user namespace
96 		 * If you have a capability in a parent user ns, then you have
128  * If we have the ptrace capability to the target user_ns, then ptrace
165  * If parent has the ptrace capability to current's user_ns, then ptrace
192  * cap_capget - Retrieve a task's capability sets
193  * @target: The task from which to retrieve the capability sets
206 	/* Derived from kernel/capability.c:sys_capget. */
223 	 * capability
240  * process's capability sets.  The changes are made to the proposed new
294  * Return: 1 if security.capability has a value, meaning inode_killpriv()
396 	if (strcmp(name, "capability") != 0)
460 	/* This comes from a parent namespace.  Return as a v2 capability */
519  * User requested a write of security.capability.  If needed, update the
584  * Calculate the new process capability sets from the capability sets attached
628  * Extract the on-exec-apply capability sets for an executable file.
720  * Attempt to get the on-exec apply capability sets for an executable file from
740 	 * explicit that capability bits are limited to s_user_ns and its
798 	 * If the legacy file capability is set, then don't set privs
809 	 * capability sets for the file.
1042 		/* security.capability gets namespaced */
1232  * Implement PR_CAPBSET_DROP.  Attempt to remove the specified capability from
1298 	 * capability-based-privilege environment.
1418  * capability security module.
1445 	.name = "capability",
1477 DEFINE_LSM(capability) = {
1478 	.name = "capability",

Indexes created Wed May 22 12:01:17 MDT 2024