Lines Matching +full:keys +full:- +full:per +full:- +full:group
20 - Tasks
21 - Files/inodes
22 - Sockets
23 - Message queues
24 - Shared memory segments
25 - Semaphores
26 - Keys
44 the same set as in (2) - in standard UNIX files, for instance, this is the
71 group list for when it is acting upon a file - which are quite separate
102 'group' and 'other'), each of which may be granted certain privileges
103 ('read', 'write' and 'execute' - whatever those map to for the object
129 - Real User ID
130 - Real Group ID
137 - Effective, Saved and FS User ID
138 - Effective, Saved and FS Group ID
139 - Supplementary groups
148 - Set of permitted capabilities
149 - Set of inheritable capabilities
150 - Set of effective capabilities
151 - Capability bounding set
180 4. Keys and keyrings.
184 making such things as network filesystem keys available to the file
188 Keyrings are a special type of key. They carry sets of other keys and can
192 Per-thread keying
193 Per-process keyring
194 Per-session keyring
199 For more information on using keys, see ``Documentation/security/keys/*``.
213 This is a socket-based approach to credential management for networking
251 (groups, keys, LSM security) a refcounted structure of type 'struct cred'.
273 To alter anything in the cred struct, the copy-and-replace principle must be
282 longer permit attachment to process-specific keyrings in the requesting
287 ---------------------
305 --------------------------
309 -- which simplifies things greatly. It can just call::
358 ------------------------------------
376 f->uid = tcred->uid;
377 f->gid = tcred->gid;
378 f->groups = get_group_info(tcred->groups);
404 __task_cred(task)->uid
405 __task_cred(task)->euid
418 where 'member' is a non-pointer member of the cred struct. For instance::
428 --------------------
439 this locks current->cred_replace_mutex and then allocates and constructs a
453 When replacing the group list, the new list must be sorted before it
468 actually commit the new credentials to ``current->cred``, it will release
469 ``current->cred_replace_mutex`` to allow ``ptrace()`` to take place, and it
472 This function is guaranteed to return 0, so that it can be tail-called at the
488 This releases the lock on ``current->cred_replace_mutex`` that
501 return -ENOMEM;
503 new->suid = suid;
515 --------------------
519 - ``void put_cred(const struct cred *cred);``
525 - ``const struct cred *get_cred(const struct cred *cred);``
530 - ``struct cred *get_new_cred(struct cred *cred);``
541 ``f_uid`` and ``f_gid``. Code that used to access ``file->f_uid`` and
542 ``file->f_gid`` should now access ``file->f_cred->fsuid`` and
543 ``file->f_cred->fsgid``.