38 	short access;
118 		walk->access |= ex->access;
146 		walk->access &= ~ex->access;
147 		if (!walk->access) {
250 static void set_access(char *acc, short access)
254 	if (access & DEVCG_ACC_READ)
256 	if (access & DEVCG_ACC_WRITE)
258 	if (access & DEVCG_ACC_MKNOD)
302 			set_access(acc, ex->access);
320  * @access: permission mask (DEVCG_ACC_READ, DEVCG_ACC_WRITE, DEVCG_ACC_MKNOD)
328 			    u32 major, u32 minor, short access)
341 		/* provided access cannot have more than the exception rule */
342 		if (access & (~ex->access))
355  * @access: permission mask (DEVCG_ACC_READ, DEVCG_ACC_WRITE, DEVCG_ACC_MKNOD)
359  * used to make sure no extra access is being granted that is forbidden by
365 				    u32 major, u32 minor, short access)
385 		 * an exception, all its access bits shouldn't match the
386 		 * exception's access bits
388 		if (!(access & ex->access))
431 							refex->access);
440 		 * the new exception will add access to more devices and must
446 					refex->access);
478  * be checked if removing it will give the child cgroup more access than the
491 	/* It's always allowed to remove access to devices */
500 					ex->major, ex->minor, ex->access);
562 		 * methods), and online ones are safe to access outside RCU
607  * new access is only allowed if you're in the top-level cgroup, or your
608  * parent cgroup has the access you're asking for.
726 			ex.access |= DEVCG_ACC_READ;
729 			ex.access |= DEVCG_ACC_WRITE;
732 			ex.access |= DEVCG_ACC_MKNOD;
828  * @access: combination of DEVCG_ACC_WRITE, DEVCG_ACC_READ and DEVCG_ACC_MKNOD
833 					short access)
843 					      type, major, minor, access);
847 				     minor, access);
860 int devcgroup_check_permission(short type, u32 major, u32 minor, short access)
862 	int rc = BPF_CGROUP_RUN_PROG_DEVICE_CGROUP(type, major, minor, access);
868 	return devcgroup_legacy_check_permission(type, major, minor, access);

Indexes created Sat May 04 09:44:38 MDT 2024