177 	struct cred *cred = (struct cred *) current->real_cred;  in cred_init_security()  local
185 	cred->security = tsec;  in cred_init_security()
191 static inline u32 cred_sid(const struct cred *cred)  in cred_sid()  argument
195 	tsec = cred->security;  in cred_sid()
368 			const struct cred *cred)  in may_context_mount_sb_relabel()  argument
370 	const struct task_security_struct *tsec = cred->security;  in may_context_mount_sb_relabel()
385 			const struct cred *cred)  in may_context_mount_inode_relabel()  argument
387 	const struct task_security_struct *tsec = cred->security;  in may_context_mount_inode_relabel()
608 	const struct cred *cred = current_cred();  in selinux_set_mnt_opts()  local
745 		rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred);  in selinux_set_mnt_opts()
765 							  cred);  in selinux_set_mnt_opts()
771 							     cred);  in selinux_set_mnt_opts()
784 						     cred);  in selinux_set_mnt_opts()
803 							     sbsec, cred);  in selinux_set_mnt_opts()
1489 static int cred_has_perm(const struct cred *actor,  in cred_has_perm()
1490 			 const struct cred *target,  in cred_has_perm()
1539 static int cred_has_capability(const struct cred *cred,  in cred_has_capability()  argument
1545 	u32 sid = cred_sid(cred);  in cred_has_capability()
1588 static int inode_has_perm(const struct cred *cred,  in inode_has_perm()  argument
1596 	validate_creds(cred);  in inode_has_perm()
1601 	sid = cred_sid(cred);  in inode_has_perm()
1610 static inline int dentry_has_perm(const struct cred *cred,  in dentry_has_perm()  argument
1619 	return inode_has_perm(cred, inode, av, &ad);  in dentry_has_perm()
1625 static inline int path_has_perm(const struct cred *cred,  in path_has_perm()  argument
1634 	return inode_has_perm(cred, inode, av, &ad);  in path_has_perm()
1638 static inline int file_path_has_perm(const struct cred *cred,  in file_path_has_perm()  argument
1646 	return inode_has_perm(cred, file_inode(file), av, &ad);  in file_path_has_perm()
1657 static int file_has_perm(const struct cred *cred,  in file_has_perm()  argument
1664 	u32 sid = cred_sid(cred);  in file_has_perm()
1682 		rc = inode_has_perm(cred, inode, av, &ad);  in file_has_perm()
1844 static int superblock_has_perm(const struct cred *cred,  in superblock_has_perm()  argument
1850 	u32 sid = cred_sid(cred);  in superblock_has_perm()
2032 static int selinux_capset(struct cred *new, const struct cred *old,  in selinux_capset()
2057 static int selinux_capable(const struct cred *cred, struct user_namespace *ns,  in selinux_capable()  argument
2062 	rc = cap_capable(cred, ns, cap, audit);  in selinux_capable()
2066 	return cred_has_capability(cred, cap, audit);  in selinux_capable()
2071 	const struct cred *cred = current_cred();  in selinux_quotactl()  local
2083 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL);  in selinux_quotactl()
2088 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL);  in selinux_quotactl()
2099 	const struct cred *cred = current_cred();  in selinux_quota_on()  local
2101 	return dentry_has_perm(cred, dentry, FILE__QUOTAON);  in selinux_quota_on()
2207 	new_tsec = bprm->cred->security;  in selinux_bprm_set_creds()
2333 static inline void flush_unauthorized_files(const struct cred *cred,  in flush_unauthorized_files()  argument
2355 			if (file_path_has_perm(cred, file, FILE__READ | FILE__WRITE))  in flush_unauthorized_files()
2366 	n = iterate_fd(files, 0, match_file, cred);  in flush_unauthorized_files()
2370 	devnull = dentry_open(&selinux_null, O_RDWR, cred);  in flush_unauthorized_files()
2376 	} while ((n = iterate_fd(files, n, match_file, cred)) != 0);  in flush_unauthorized_files()
2390 	new_tsec = bprm->cred->security;  in selinux_bprm_committing_creds()
2395 	flush_unauthorized_files(bprm->cred, current->files);  in selinux_bprm_committing_creds()
2661 	const struct cred *cred = current_cred();  in selinux_sb_kern_mount()  local
2675 	return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);  in selinux_sb_kern_mount()
2680 	const struct cred *cred = current_cred();  in selinux_sb_statfs()  local
2685 	return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);  in selinux_sb_statfs()
2694 	const struct cred *cred = current_cred();  in selinux_mount()  local
2697 		return superblock_has_perm(cred, path->dentry->d_sb,  in selinux_mount()
2700 		return path_has_perm(cred, path, FILE__MOUNTON);  in selinux_mount()
2705 	const struct cred *cred = current_cred();  in selinux_umount()  local
2707 	return superblock_has_perm(cred, mnt->mnt_sb,  in selinux_umount()
2727 	const struct cred *cred = current_cred();  in selinux_dentry_init_security()  local
2735 	tsec = cred->security;  in selinux_dentry_init_security()
2860 	const struct cred *cred = current_cred();  in selinux_inode_readlink()  local
2862 	return dentry_has_perm(cred, dentry, FILE__READ);  in selinux_inode_readlink()
2867 	const struct cred *cred = current_cred();  in selinux_inode_follow_link()  local
2869 	return dentry_has_perm(cred, dentry, FILE__READ);  in selinux_inode_follow_link()
2893 	const struct cred *cred = current_cred();  in selinux_inode_permission()  local
2910 	validate_creds(cred);  in selinux_inode_permission()
2917 	sid = cred_sid(cred);  in selinux_inode_permission()
2935 	const struct cred *cred = current_cred();  in selinux_inode_setattr()  local
2949 		return dentry_has_perm(cred, dentry, FILE__SETATTR);  in selinux_inode_setattr()
2954 	return dentry_has_perm(cred, dentry, av);  in selinux_inode_setattr()
2964 	const struct cred *cred = current_cred();  in selinux_inode_setotherxattr()  local
2980 	return dentry_has_perm(cred, dentry, FILE__SETATTR);  in selinux_inode_setotherxattr()
3090 	const struct cred *cred = current_cred();  in selinux_inode_getxattr()  local
3092 	return dentry_has_perm(cred, dentry, FILE__GETATTR);  in selinux_inode_getxattr()
3097 	const struct cred *cred = current_cred();  in selinux_inode_listxattr()  local
3099 	return dentry_has_perm(cred, dentry, FILE__GETATTR);  in selinux_inode_listxattr()
3196 	const struct cred *cred = current_cred();  in selinux_revalidate_file_permission()  local
3203 	return file_has_perm(cred, file,  in selinux_revalidate_file_permission()
3239 	const struct cred *cred = current_cred();  in selinux_file_ioctl()  local
3252 		error = file_has_perm(cred, file, FILE__GETATTR);  in selinux_file_ioctl()
3258 		error = file_has_perm(cred, file, FILE__SETATTR);  in selinux_file_ioctl()
3265 		error = file_has_perm(cred, file, 0);  in selinux_file_ioctl()
3270 		error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG,  in selinux_file_ioctl()
3278 		error = file_has_perm(cred, file, FILE__IOCTL);  in selinux_file_ioctl()
3287 	const struct cred *cred = current_cred();  in file_map_prot_check()  local
3298 		rc = cred_has_perm(cred, cred, PROCESS__EXECMEM);  in file_map_prot_check()
3314 		return file_has_perm(cred, file, av);  in file_map_prot_check()
3353 	const struct cred *cred = current_cred();  in selinux_file_mprotect()  local
3363 			rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP);  in selinux_file_mprotect()
3376 			rc = file_has_perm(cred, vma->vm_file, FILE__EXECMOD);  in selinux_file_mprotect()
3387 	const struct cred *cred = current_cred();  in selinux_file_lock()  local
3389 	return file_has_perm(cred, file, FILE__LOCK);  in selinux_file_lock()
3395 	const struct cred *cred = current_cred();  in selinux_file_fcntl()  local
3401 			err = file_has_perm(cred, file, FILE__WRITE);  in selinux_file_fcntl()
3412 		err = file_has_perm(cred, file, 0);  in selinux_file_fcntl()
3425 		err = file_has_perm(cred, file, FILE__LOCK);  in selinux_file_fcntl()
3464 	const struct cred *cred = current_cred();  in selinux_file_receive()  local
3466 	return file_has_perm(cred, file, file_to_av(file));  in selinux_file_receive()
3469 static int selinux_file_open(struct file *file, const struct cred *cred)  in selinux_file_open()  argument
3493 	return file_path_has_perm(cred, file, open_file_to_av(file));  in selinux_file_open()
3506 static int selinux_cred_alloc_blank(struct cred *cred, gfp_t gfp)  in selinux_cred_alloc_blank()  argument
3514 	cred->security = tsec;  in selinux_cred_alloc_blank()
3521 static void selinux_cred_free(struct cred *cred)  in selinux_cred_free()  argument
3523 	struct task_security_struct *tsec = cred->security;  in selinux_cred_free()
3529 	BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE);  in selinux_cred_free()
3530 	cred->security = (void *) 0x7UL;  in selinux_cred_free()
3537 static int selinux_cred_prepare(struct cred *new, const struct cred *old,  in selinux_cred_prepare()
3556 static void selinux_cred_transfer(struct cred *new, const struct cred *old)  in selinux_cred_transfer()
3568 static int selinux_kernel_act_as(struct cred *new, u32 secid)  in selinux_kernel_act_as()
3591 static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode)  in selinux_kernel_create_files_as()
5597 	struct cred *new;  in selinux_setprocattr()
5779 static int selinux_key_alloc(struct key *k, const struct cred *cred,  in selinux_key_alloc()  argument
5789 	tsec = cred->security;  in selinux_key_alloc()
5808 				  const struct cred *cred,  in selinux_key_permission()  argument
5821 	sid = cred_sid(cred);  in selinux_key_permission()