Contributors: 27
Author |
Tokens |
Token Proportion |
Commits |
Commit Proportion |
Serge E. Hallyn |
190 |
22.57% |
7 |
13.21% |
Andrew G. Morgan |
128 |
15.20% |
2 |
3.77% |
Linus Torvalds (pre-git) |
125 |
14.85% |
5 |
9.43% |
Linus Torvalds |
83 |
9.86% |
2 |
3.77% |
Eric Paris |
50 |
5.94% |
7 |
13.21% |
Alexey Budankov |
35 |
4.16% |
1 |
1.89% |
Iulia Manda |
34 |
4.04% |
1 |
1.89% |
Adrian Reber |
27 |
3.21% |
1 |
1.89% |
Randy Dunlap |
25 |
2.97% |
1 |
1.89% |
Eric W. Biedermann |
24 |
2.85% |
4 |
7.55% |
Christian Brauner |
23 |
2.73% |
5 |
9.43% |
Tyler Hicks |
18 |
2.14% |
1 |
1.89% |
David Howells |
18 |
2.14% |
2 |
3.77% |
Micah Morton |
15 |
1.78% |
1 |
1.89% |
Mateusz Guzik |
13 |
1.54% |
1 |
1.89% |
Chris Wright |
8 |
0.95% |
1 |
1.89% |
Alexei Starovoitov |
5 |
0.59% |
1 |
1.89% |
Richard Guy Briggs |
4 |
0.48% |
1 |
1.89% |
Yaowei Bai |
3 |
0.36% |
1 |
1.89% |
Dustin Kirkland |
3 |
0.36% |
1 |
1.89% |
Tim Schmielau |
3 |
0.36% |
1 |
1.89% |
Al Viro |
2 |
0.24% |
1 |
1.89% |
Casey Schaufler |
2 |
0.24% |
1 |
1.89% |
Miklos Szeredi |
1 |
0.12% |
1 |
1.89% |
Greg Kroah-Hartman |
1 |
0.12% |
1 |
1.89% |
Andrew Lutomirski |
1 |
0.12% |
1 |
1.89% |
GeunSik Lim |
1 |
0.12% |
1 |
1.89% |
Total |
842 |
|
53 |
|
/* SPDX-License-Identifier: GPL-2.0 */
/*
* This is <linux/capability.h>
*
* Andrew G. Morgan <morgan@kernel.org>
* Alexander Kjeldaas <astor@guardian.no>
* with help from Aleph1, Roland Buresund and Andrew Main.
*
* See here for the libcap library ("POSIX draft" compliance):
*
* ftp://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/
*/
#ifndef _LINUX_CAPABILITY_H
#define _LINUX_CAPABILITY_H
#include <uapi/linux/capability.h>
#include <linux/uidgid.h>
#include <linux/bits.h>
#define _KERNEL_CAPABILITY_VERSION _LINUX_CAPABILITY_VERSION_3
extern int file_caps_enabled;
typedef struct { u64 val; } kernel_cap_t;
/* same as vfs_ns_cap_data but in cpu endian and always filled completely */
struct cpu_vfs_cap_data {
__u32 magic_etc;
kuid_t rootid;
kernel_cap_t permitted;
kernel_cap_t inheritable;
};
#define _USER_CAP_HEADER_SIZE (sizeof(struct __user_cap_header_struct))
#define _KERNEL_CAP_T_SIZE (sizeof(kernel_cap_t))
struct file;
struct inode;
struct dentry;
struct task_struct;
struct user_namespace;
struct mnt_idmap;
/*
* CAP_FS_MASK and CAP_NFSD_MASKS:
*
* The fs mask is all the privileges that fsuid==0 historically meant.
* At one time in the past, that included CAP_MKNOD and CAP_LINUX_IMMUTABLE.
*
* It has never meant setting security.* and trusted.* xattrs.
*
* We could also define fsmask as follows:
* 1. CAP_FS_MASK is the privilege to bypass all fs-related DAC permissions
* 2. The security.* and trusted.* xattrs are fs-related MAC permissions
*/
# define CAP_FS_MASK (BIT_ULL(CAP_CHOWN) \
| BIT_ULL(CAP_MKNOD) \
| BIT_ULL(CAP_DAC_OVERRIDE) \
| BIT_ULL(CAP_DAC_READ_SEARCH) \
| BIT_ULL(CAP_FOWNER) \
| BIT_ULL(CAP_FSETID) \
| BIT_ULL(CAP_MAC_OVERRIDE))
#define CAP_VALID_MASK (BIT_ULL(CAP_LAST_CAP+1)-1)
# define CAP_EMPTY_SET ((kernel_cap_t) { 0 })
# define CAP_FULL_SET ((kernel_cap_t) { CAP_VALID_MASK })
# define CAP_FS_SET ((kernel_cap_t) { CAP_FS_MASK | BIT_ULL(CAP_LINUX_IMMUTABLE) })
# define CAP_NFSD_SET ((kernel_cap_t) { CAP_FS_MASK | BIT_ULL(CAP_SYS_RESOURCE) })
# define cap_clear(c) do { (c).val = 0; } while (0)
#define cap_raise(c, flag) ((c).val |= BIT_ULL(flag))
#define cap_lower(c, flag) ((c).val &= ~BIT_ULL(flag))
#define cap_raised(c, flag) (((c).val & BIT_ULL(flag)) != 0)
static inline kernel_cap_t cap_combine(const kernel_cap_t a,
const kernel_cap_t b)
{
return (kernel_cap_t) { a.val | b.val };
}
static inline kernel_cap_t cap_intersect(const kernel_cap_t a,
const kernel_cap_t b)
{
return (kernel_cap_t) { a.val & b.val };
}
static inline kernel_cap_t cap_drop(const kernel_cap_t a,
const kernel_cap_t drop)
{
return (kernel_cap_t) { a.val &~ drop.val };
}
static inline bool cap_isclear(const kernel_cap_t a)
{
return !a.val;
}
static inline bool cap_isidentical(const kernel_cap_t a, const kernel_cap_t b)
{
return a.val == b.val;
}
/*
* Check if "a" is a subset of "set".
* return true if ALL of the capabilities in "a" are also in "set"
* cap_issubset(0101, 1111) will return true
* return false if ANY of the capabilities in "a" are not in "set"
* cap_issubset(1111, 0101) will return false
*/
static inline bool cap_issubset(const kernel_cap_t a, const kernel_cap_t set)
{
return !(a.val & ~set.val);
}
/* Used to decide between falling back on the old suser() or fsuser(). */
static inline kernel_cap_t cap_drop_fs_set(const kernel_cap_t a)
{
return cap_drop(a, CAP_FS_SET);
}
static inline kernel_cap_t cap_raise_fs_set(const kernel_cap_t a,
const kernel_cap_t permitted)
{
return cap_combine(a, cap_intersect(permitted, CAP_FS_SET));
}
static inline kernel_cap_t cap_drop_nfsd_set(const kernel_cap_t a)
{
return cap_drop(a, CAP_NFSD_SET);
}
static inline kernel_cap_t cap_raise_nfsd_set(const kernel_cap_t a,
const kernel_cap_t permitted)
{
return cap_combine(a, cap_intersect(permitted, CAP_NFSD_SET));
}
#ifdef CONFIG_MULTIUSER
extern bool has_capability(struct task_struct *t, int cap);
extern bool has_ns_capability(struct task_struct *t,
struct user_namespace *ns, int cap);
extern bool has_capability_noaudit(struct task_struct *t, int cap);
extern bool has_ns_capability_noaudit(struct task_struct *t,
struct user_namespace *ns, int cap);
extern bool capable(int cap);
extern bool ns_capable(struct user_namespace *ns, int cap);
extern bool ns_capable_noaudit(struct user_namespace *ns, int cap);
extern bool ns_capable_setid(struct user_namespace *ns, int cap);
#else
static inline bool has_capability(struct task_struct *t, int cap)
{
return true;
}
static inline bool has_ns_capability(struct task_struct *t,
struct user_namespace *ns, int cap)
{
return true;
}
static inline bool has_capability_noaudit(struct task_struct *t, int cap)
{
return true;
}
static inline bool has_ns_capability_noaudit(struct task_struct *t,
struct user_namespace *ns, int cap)
{
return true;
}
static inline bool capable(int cap)
{
return true;
}
static inline bool ns_capable(struct user_namespace *ns, int cap)
{
return true;
}
static inline bool ns_capable_noaudit(struct user_namespace *ns, int cap)
{
return true;
}
static inline bool ns_capable_setid(struct user_namespace *ns, int cap)
{
return true;
}
#endif /* CONFIG_MULTIUSER */
bool privileged_wrt_inode_uidgid(struct user_namespace *ns,
struct mnt_idmap *idmap,
const struct inode *inode);
bool capable_wrt_inode_uidgid(struct mnt_idmap *idmap,
const struct inode *inode, int cap);
extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap);
extern bool ptracer_capable(struct task_struct *tsk, struct user_namespace *ns);
static inline bool perfmon_capable(void)
{
return capable(CAP_PERFMON) || capable(CAP_SYS_ADMIN);
}
static inline bool bpf_capable(void)
{
return capable(CAP_BPF) || capable(CAP_SYS_ADMIN);
}
static inline bool checkpoint_restore_ns_capable(struct user_namespace *ns)
{
return ns_capable(ns, CAP_CHECKPOINT_RESTORE) ||
ns_capable(ns, CAP_SYS_ADMIN);
}
/* audit system wants to get cap info from files as well */
int get_vfs_caps_from_disk(struct mnt_idmap *idmap,
const struct dentry *dentry,
struct cpu_vfs_cap_data *cpu_caps);
int cap_convert_nscap(struct mnt_idmap *idmap, struct dentry *dentry,
const void **ivalue, size_t size);
#endif /* !_LINUX_CAPABILITY_H */