Lines Matching refs:uid
40 hash_for_each_possible(policy->rules, rule, next, __kuid_val(src.uid)) {
41 if (!uid_eq(rule->src_id.uid, src.uid))
43 if (uid_eq(rule->dst_id.uid, dst.uid))
114 if (setid_policy_lookup((kid_t){.uid = cred->uid}, INVALID_ID, UID) == SIDPOL_DEFAULT)
118 * set*uid() (e.g. setting up userns uid mappings).
120 pr_warn("Operation requires CAP_SETUID, which is not available to UID %u for operations besides approved set*uid transitions\n",
121 __kuid_val(cred->uid));
154 if (uid_eq(new_id.uid, old->uid) || uid_eq(new_id.uid, old->euid) ||
155 uid_eq(new_id.uid, old->suid))
169 setid_policy_lookup((kid_t){.uid = old->uid}, new_id, new_type) != SIDPOL_CONSTRAINED;
174 __kuid_val(old->uid), __kuid_val(old->euid),
175 __kuid_val(old->suid), __kuid_val(new_id.uid));
188 * set*uid to user under new cred struct, or the UID transition is allowed (by
189 * Linux set*uid rules) even without CAP_SETUID.
197 if (setid_policy_lookup((kid_t){.uid = old->uid}, INVALID_ID, UID) == SIDPOL_DEFAULT)
200 if (id_permitted_for_cred(old, (kid_t){.uid = new->uid}, UID) &&
201 id_permitted_for_cred(old, (kid_t){.uid = new->euid}, UID) &&
202 id_permitted_for_cred(old, (kid_t){.uid = new->suid}, UID) &&
203 id_permitted_for_cred(old, (kid_t){.uid = new->fsuid}, UID))