178 	struct cred *cred = (struct cred *) current->real_cred;  in cred_init_security()  local
186 	cred->security = tsec;  in cred_init_security()
192 static inline u32 cred_sid(const struct cred *cred)  in cred_sid()  argument
196 	tsec = cred->security;  in cred_sid()
380 			const struct cred *cred)  in may_context_mount_sb_relabel()  argument
382 	const struct task_security_struct *tsec = cred->security;  in may_context_mount_sb_relabel()
397 			const struct cred *cred)  in may_context_mount_inode_relabel()  argument
399 	const struct task_security_struct *tsec = cred->security;  in may_context_mount_inode_relabel()
620 	const struct cred *cred = current_cred();  in selinux_set_mnt_opts()  local
761 		rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred);  in selinux_set_mnt_opts()
781 							  cred);  in selinux_set_mnt_opts()
787 							     cred);  in selinux_set_mnt_opts()
800 						     cred);  in selinux_set_mnt_opts()
819 							     sbsec, cred);  in selinux_set_mnt_opts()
1513 static int cred_has_perm(const struct cred *actor,  in cred_has_perm()
1514 			 const struct cred *target,  in cred_has_perm()
1563 static int cred_has_capability(const struct cred *cred,  in cred_has_capability()  argument
1569 	u32 sid = cred_sid(cred);  in cred_has_capability()
1612 static int inode_has_perm(const struct cred *cred,  in inode_has_perm()  argument
1620 	validate_creds(cred);  in inode_has_perm()
1625 	sid = cred_sid(cred);  in inode_has_perm()
1634 static inline int dentry_has_perm(const struct cred *cred,  in dentry_has_perm()  argument
1643 	return inode_has_perm(cred, inode, av, &ad);  in dentry_has_perm()
1649 static inline int path_has_perm(const struct cred *cred,  in path_has_perm()  argument
1658 	return inode_has_perm(cred, inode, av, &ad);  in path_has_perm()
1662 static inline int file_path_has_perm(const struct cred *cred,  in file_path_has_perm()  argument
1670 	return inode_has_perm(cred, file_inode(file), av, &ad);  in file_path_has_perm()
1681 static int file_has_perm(const struct cred *cred,  in file_has_perm()  argument
1688 	u32 sid = cred_sid(cred);  in file_has_perm()
1706 		rc = inode_has_perm(cred, inode, av, &ad);  in file_has_perm()
1891 static int superblock_has_perm(const struct cred *cred,  in superblock_has_perm()  argument
1897 	u32 sid = cred_sid(cred);  in superblock_has_perm()
2061 static int selinux_capset(struct cred *new, const struct cred *old,  in selinux_capset()
2079 static int selinux_capable(const struct cred *cred, struct user_namespace *ns,  in selinux_capable()  argument
2082 	return cred_has_capability(cred, cap, audit);  in selinux_capable()
2087 	const struct cred *cred = current_cred();  in selinux_quotactl()  local
2099 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL);  in selinux_quotactl()
2104 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL);  in selinux_quotactl()
2115 	const struct cred *cred = current_cred();  in selinux_quota_on()  local
2117 	return dentry_has_perm(cred, dentry, FILE__QUOTAON);  in selinux_quota_on()
2219 	new_tsec = bprm->cred->security;  in selinux_bprm_set_creds()
2345 static inline void flush_unauthorized_files(const struct cred *cred,  in flush_unauthorized_files()  argument
2367 			if (file_path_has_perm(cred, file, FILE__READ | FILE__WRITE))  in flush_unauthorized_files()
2378 	n = iterate_fd(files, 0, match_file, cred);  in flush_unauthorized_files()
2382 	devnull = dentry_open(&selinux_null, O_RDWR, cred);  in flush_unauthorized_files()
2388 	} while ((n = iterate_fd(files, n, match_file, cred)) != 0);  in flush_unauthorized_files()
2402 	new_tsec = bprm->cred->security;  in selinux_bprm_committing_creds()
2407 	flush_unauthorized_files(bprm->cred, current->files);  in selinux_bprm_committing_creds()
2672 	const struct cred *cred = current_cred();  in selinux_sb_kern_mount()  local
2686 	return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);  in selinux_sb_kern_mount()
2691 	const struct cred *cred = current_cred();  in selinux_sb_statfs()  local
2696 	return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);  in selinux_sb_statfs()
2705 	const struct cred *cred = current_cred();  in selinux_mount()  local
2708 		return superblock_has_perm(cred, path->dentry->d_sb,  in selinux_mount()
2711 		return path_has_perm(cred, path, FILE__MOUNTON);  in selinux_mount()
2716 	const struct cred *cred = current_cred();  in selinux_umount()  local
2718 	return superblock_has_perm(cred, mnt->mnt_sb,  in selinux_umount()
2843 	const struct cred *cred = current_cred();  in selinux_inode_readlink()  local
2845 	return dentry_has_perm(cred, dentry, FILE__READ);  in selinux_inode_readlink()
2851 	const struct cred *cred = current_cred();  in selinux_inode_follow_link()  local
2856 	validate_creds(cred);  in selinux_inode_follow_link()
2860 	sid = cred_sid(cred);  in selinux_inode_follow_link()
2888 	const struct cred *cred = current_cred();  in selinux_inode_permission()  local
2905 	validate_creds(cred);  in selinux_inode_permission()
2912 	sid = cred_sid(cred);  in selinux_inode_permission()
2930 	const struct cred *cred = current_cred();  in selinux_inode_setattr()  local
2944 		return dentry_has_perm(cred, dentry, FILE__SETATTR);  in selinux_inode_setattr()
2950 	return dentry_has_perm(cred, dentry, av);  in selinux_inode_setattr()
2960 	const struct cred *cred = current_cred();  in selinux_inode_setotherxattr()  local
2976 	return dentry_has_perm(cred, dentry, FILE__SETATTR);  in selinux_inode_setotherxattr()
3086 	const struct cred *cred = current_cred();  in selinux_inode_getxattr()  local
3088 	return dentry_has_perm(cred, dentry, FILE__GETATTR);  in selinux_inode_getxattr()
3093 	const struct cred *cred = current_cred();  in selinux_inode_listxattr()  local
3095 	return dentry_has_perm(cred, dentry, FILE__GETATTR);  in selinux_inode_listxattr()
3195 	const struct cred *cred = current_cred();  in selinux_revalidate_file_permission()  local
3202 	return file_has_perm(cred, file,  in selinux_revalidate_file_permission()
3239 static int ioctl_has_perm(const struct cred *cred, struct file *file,  in ioctl_has_perm()  argument
3247 	u32 ssid = cred_sid(cred);  in ioctl_has_perm()
3278 	const struct cred *cred = current_cred();  in selinux_file_ioctl()  local
3291 		error = file_has_perm(cred, file, FILE__GETATTR);  in selinux_file_ioctl()
3297 		error = file_has_perm(cred, file, FILE__SETATTR);  in selinux_file_ioctl()
3304 		error = file_has_perm(cred, file, 0);  in selinux_file_ioctl()
3309 		error = cred_has_capability(cred, CAP_SYS_TTY_CONFIG,  in selinux_file_ioctl()
3317 		error = ioctl_has_perm(cred, file, FILE__IOCTL, (u16) cmd);  in selinux_file_ioctl()
3326 	const struct cred *cred = current_cred();  in file_map_prot_check()  local
3337 		rc = cred_has_perm(cred, cred, PROCESS__EXECMEM);  in file_map_prot_check()
3353 		return file_has_perm(cred, file, av);  in file_map_prot_check()
3387 	const struct cred *cred = current_cred();  in selinux_file_mprotect()  local
3397 			rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP);  in selinux_file_mprotect()
3410 			rc = file_has_perm(cred, vma->vm_file, FILE__EXECMOD);  in selinux_file_mprotect()
3421 	const struct cred *cred = current_cred();  in selinux_file_lock()  local
3423 	return file_has_perm(cred, file, FILE__LOCK);  in selinux_file_lock()
3429 	const struct cred *cred = current_cred();  in selinux_file_fcntl()  local
3435 			err = file_has_perm(cred, file, FILE__WRITE);  in selinux_file_fcntl()
3446 		err = file_has_perm(cred, file, 0);  in selinux_file_fcntl()
3459 		err = file_has_perm(cred, file, FILE__LOCK);  in selinux_file_fcntl()
3498 	const struct cred *cred = current_cred();  in selinux_file_receive()  local
3500 	return file_has_perm(cred, file, file_to_av(file));  in selinux_file_receive()
3503 static int selinux_file_open(struct file *file, const struct cred *cred)  in selinux_file_open()  argument
3527 	return file_path_has_perm(cred, file, open_file_to_av(file));  in selinux_file_open()
3540 static int selinux_cred_alloc_blank(struct cred *cred, gfp_t gfp)  in selinux_cred_alloc_blank()  argument
3548 	cred->security = tsec;  in selinux_cred_alloc_blank()
3555 static void selinux_cred_free(struct cred *cred)  in selinux_cred_free()  argument
3557 	struct task_security_struct *tsec = cred->security;  in selinux_cred_free()
3563 	BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE);  in selinux_cred_free()
3564 	cred->security = (void *) 0x7UL;  in selinux_cred_free()
3571 static int selinux_cred_prepare(struct cred *new, const struct cred *old,  in selinux_cred_prepare()
3590 static void selinux_cred_transfer(struct cred *new, const struct cred *old)  in selinux_cred_transfer()
3602 static int selinux_kernel_act_as(struct cred *new, u32 secid)  in selinux_kernel_act_as()
3625 static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode)  in selinux_kernel_create_files_as()
5611 	struct cred *new;  in selinux_setprocattr()
5793 static int selinux_key_alloc(struct key *k, const struct cred *cred,  in selinux_key_alloc()  argument
5803 	tsec = cred->security;  in selinux_key_alloc()
5822 				  const struct cred *cred,  in selinux_key_permission()  argument
5835 	sid = cred_sid(cred);  in selinux_key_permission()