76 int cap_capable(const struct cred *cred, struct user_namespace *targ_ns,  in cap_capable()  argument
87 		if (ns == cred->user_ns)  in cap_capable()
88 			return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM;  in cap_capable()
98 		if ((ns->parent == cred->user_ns) && uid_eq(ns->owner, cred->euid))  in cap_capable()
144 	const struct cred *cred, *child_cred;  in cap_ptrace_access_check()  local
148 	cred = current_cred();  in cap_ptrace_access_check()
151 		caller_caps = &cred->cap_effective;  in cap_ptrace_access_check()
153 		caller_caps = &cred->cap_permitted;  in cap_ptrace_access_check()
154 	if (cred->user_ns == child_cred->user_ns &&  in cap_ptrace_access_check()
181 	const struct cred *cred, *child_cred;  in cap_ptrace_traceme()  local
184 	cred = __task_cred(parent);  in cap_ptrace_traceme()
186 	if (cred->user_ns == child_cred->user_ns &&  in cap_ptrace_traceme()
187 	    cap_issubset(child_cred->cap_permitted, cred->cap_permitted))  in cap_ptrace_traceme()
210 	const struct cred *cred;  in cap_capget()  local
214 	cred = __task_cred(target);  in cap_capget()
215 	*effective   = cred->cap_effective;  in cap_capget()
216 	*inheritable = cred->cap_inheritable;  in cap_capget()
217 	*permitted   = cred->cap_permitted;  in cap_capget()
250 int cap_capset(struct cred *new,  in cap_capset()
251 	       const struct cred *old,  in cap_capset()
288 	cap_clear(bprm->cred->cap_permitted);  in bprm_clear_caps()
344 	struct cred *new = bprm->cred;  in bprm_caps_from_vfs_caps()
485 	const struct cred *old = current_cred();  in cap_bprm_set_creds()
486 	struct cred *new = bprm->cred;  in cap_bprm_set_creds()
596 	const struct cred *cred = current_cred();  in cap_bprm_secureexec()  local
597 	kuid_t root_uid = make_kuid(cred->user_ns, 0);  in cap_bprm_secureexec()
599 	if (!uid_eq(cred->uid, root_uid)) {  in cap_bprm_secureexec()
602 		if (!cap_isclear(cred->cap_permitted))  in cap_bprm_secureexec()
606 	return (!uid_eq(cred->euid, cred->uid) ||  in cap_bprm_secureexec()
607 		!gid_eq(cred->egid, cred->gid));  in cap_bprm_secureexec()
695 static inline void cap_emulate_setxuid(struct cred *new, const struct cred *old)  in cap_emulate_setxuid()
724 int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags)  in cap_task_fix_setuid()
831 	struct cred *new;  in cap_prctl_drop()
860 	const struct cred *old = current_cred();  in cap_task_prctl()
861 	struct cred *new;  in cap_task_prctl()