| /openbmc/linux/security/safesetid/ |
| H A D | lsm.c | 46 } else if (policy->type == GID) { in _setid_policy_lookup()
74 else if (new_type == GID) in setid_policy_lookup()
156 } else if (new_type == GID){ in id_permitted_for_cred()
175 } else if (new_type == GID) { in id_permitted_for_cred()
220 if (setid_policy_lookup((kid_t){.gid = old->gid}, INVALID_ID, GID) == SIDPOL_DEFAULT) in safesetid_task_fix_setgid()
223 if (id_permitted_for_cred(old, (kid_t){.gid = new->gid}, GID) && in safesetid_task_fix_setgid()
224 id_permitted_for_cred(old, (kid_t){.gid = new->egid}, GID) && in safesetid_task_fix_setgid()
225 id_permitted_for_cred(old, (kid_t){.gid = new->sgid}, GID) && in safesetid_task_fix_setgid()
226 id_permitted_for_cred(old, (kid_t){.gid = new->fsgid}, GID)) in safesetid_task_fix_setgid()
243 if (setid_policy_lookup((kid_t){.gid = old->gid}, INVALID_ID, GID) == SIDPOL_DEFAULT) in safesetid_task_fix_setgroups()
[all …]
|
| H A D | securityfs.c | 58 } else if (rule->type == GID){ in parse_policy_line()
92 else if (pol->type == GID) in insert_rule()
110 } else if (pol->type == GID) { in verify_ruleset()
131 nrule->type = GID; in verify_ruleset()
216 } else if (policy_type == GID) { in handle_policy_update()
260 return handle_policy_update(file, buf, len, GID); in safesetid_gid_file_write()
|
| H A D | Kconfig | 9 restrict UID/GID transitions from a given UID/GID to only those
|
| H A D | lsm.h | 37 GID enumerator
|
| /openbmc/openbmc/poky/scripts/ |
| H A D | runqemu-gen-tapdevs | 37 GID=$2
40 GID=$1
88 echo "Creating $COUNT tap devices for GID: $GID..."
91 if ! ifup=`$RUNQEMU_IFUP $GID 2>&1`; then
|
| /openbmc/openbmc/poky/scripts/esdk-tools/ |
| H A D | runqemu-gen-tapdevs | 37 GID=$2
40 GID=$1
88 echo "Creating $COUNT tap devices for GID: $GID..."
91 if ! ifup=`$RUNQEMU_IFUP $GID 2>&1`; then
|
| /openbmc/openbmc/poky/meta/recipes-extended/zip/zip-3.0/ |
| H A D | 0001-unix-configure-use-_Static_assert-to-do-correct-dete.patch | 33 echo -- UID/GID test failed on compile - disabling old 16-bit UID/GID support
40 - echo -- UID not 2 bytes - disabling old 16-bit UID/GID support
43 - echo -- GID not 2 bytes - disabling old 16-bit UID/GID support
46 - echo -- 16-bit UIDs and GIDs - keeping old 16-bit UID/GID support
48 - echo -- test failed - conftest returned $r - disabling old 16-bit UID/GID support
51 + echo -- 16-bit UIDs and GIDs - keeping old 16-bit UID/GID support
|
| /openbmc/linux/Documentation/admin-guide/LSM/ |
| H A D | SafeSetID.rst | 5 UID/GID transitions from a given UID/GID to only those approved by a
8 allowing a user to set up user namespace UID/GID mappings.
57 to do process spawning and UID/GID transitions). Unfortunately, there are a
70 programs in the tree could change to any desired UID/GID in the context of their
103 mounted. The format for adding a policy is '<UID>:<UID>' or '<GID>:<GID>',
106 for a UID/GID will prevent that UID/GID from obtaining auxiliary setid
107 privileges, such as allowing a user to set up user namespace UID/GID mappings.
109 Note on GID policies and setgroups()
115 support in a future release for restricting setgroups() calls, these GID
117 once we have the policy checking code in place, which will rely on GID policy
|
| /openbmc/qemu/tests/qemu-iotests/ |
| H A D | 149.out | 9 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
15 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
45 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
51 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
67 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
73 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
103 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
109 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-xts-plain64-sha1
482 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-cbc-plain-sha1
488 sudo chown UID:GID /dev/mapper/qiotest-145-aes-256-cbc-plain-sha1
[all …]
|
| /openbmc/linux/Documentation/admin-guide/ |
| H A D | highuid.rst | 18 maximum UID/GID. They are limited by the maximum file size on the
27 (currently, the old 16-bit UID and GID are still written to disk, and
29 GID)
|
| /openbmc/openbmc/meta-security/recipes-ids/suricata/files/ |
| H A D | tmpfiles.suricata | 1 #Type Path Mode UID GID Age Argument
|
| /openbmc/openbmc/poky/meta/recipes-core/initscripts/initscripts-1.0/ |
| H A D | devpts | 1 # GID of the `tty' group
|
| /openbmc/openbmc/meta-security/recipes-scanners/clamav/files/ |
| H A D | tmpfiles.clamav | 1 #Type Path Mode UID GID Age Argument
|
| /openbmc/linux/Documentation/ABI/stable/ |
| H A D | sysfs-driver-ib_srp | 18 destination GID.
118 Description: InfiniBand destination GID used for communication with the SRP
153 Description: InfiniBand destination GID specified in the parameters
182 Description: InfiniBand GID of the source port used for communication with
|
| /openbmc/linux/tools/perf/trace/beauty/ |
| H A D | statx.c | 60 P_FLAG(GID); in syscall_arg__scnprintf_statx_mask()
|
| /openbmc/linux/Documentation/admin-guide/nfs/ |
| H A D | nfs-idmapper.rst | 42 gid: Find the GID for the given group
44 group: Find the group name for the given GID
|
| /openbmc/linux/drivers/net/ethernet/renesas/ |
| H A D | ravb_ptp.c | 199 ravb_write(ndev, GID_PTCD, GID); in ravb_ptp_extts()
265 ravb_write(ndev, GID_PTMD0, GID); in ravb_ptp_perout()
|
| /openbmc/linux/Documentation/security/ |
| H A D | credentials.rst | 45 defined by the UID and the GID marked on the inode.
72 from the real UID and GID that normally form the objective context of the
132 The UID and GID are carried by most, if not all, Linux objects, even if in
142 EUID/EGID/GROUPS will be used as the subjective context, and real UID/GID
234 * UNIX UID, GID, mode;
320 gid_t current_gid(void) Current's real GID
322 gid_t current_egid(void) Current's effective GID
324 gid_t current_fsgid(void) Current's file access GID
|
| H A D | IMA-templates.rst | 15 the inode UID/GID or the LSM labels either of the inode and of the process
80 - 'igid': the inode GID;
|
| /openbmc/qemu/docs/tools/ |
| H A D | virtfs-proxy-helper.rst | 69 .. option:: -g, --gid GID
|
| /openbmc/linux/Documentation/admin-guide/perf/ |
| H A D | cxl.rst | 64 $# perf stat -a -e cxl_pmu_mem0.0/vid=VID,gid=GID,mask=MASK/
|
| /openbmc/linux/Documentation/filesystems/ext4/ |
| H A D | inodes.rst | 79 - Lower 16-bits of GID.
206 - S_ISGID (Set GID)
395 - Upper 16-bits of the GID.
430 - Upper 16-bits of the GID.
|
| /openbmc/linux/Documentation/filesystems/ |
| H A D | quota.rst | 48 - UID/GID (depends on quota type) of user / group whose limit
|
| /openbmc/linux/drivers/infiniband/ |
| H A D | Kconfig | 74 This allows the user to config the default GID type that the CM
|
| /openbmc/linux/Documentation/security/keys/ |
| H A D | request-key.rst | 108 UID, GID, groups and security info of process A as if it was process A,
129 of them, and (b) it requires the same UID/GID/Groups all the way through.
|