From: Nicholas Hans Simmonds <nhstux@gmail.com>
To: Horst von Brand <vonbrand@inf.utfsm.cl>
Cc: Nathan Scott <nathans@sgi.com>,
linux-kernel@vger.kernel.org,
"Andrew G. Morgan" <morgan@transmeta.com>,
Alexey Dobriyan <adobriyan@gmail.com>
Subject: Re: [PATCH] Filesystem capabilities support
Date: Thu, 14 Jul 2005 05:29:34 +0100 [thread overview]
Message-ID: <20050714042934.GA25447@laptop> (raw)
In-Reply-To: <200507131751.j6DHpkBE016946@laptop11.inf.utfsm.cl>
On Wed, Jul 13, 2005 at 01:51:46PM -0400, Horst von Brand wrote:
> Nicholas Hans Simmonds <nhstux@gmail.com> wrote:
> > Sorry, my earlier reply seems to have gotten lost somewhere. I've been
> > pondering this issue for some time and am still not sure what's the best
> > answer. I've attached a small patch which handles this by detecting byte
> > swapping of the version code. I'm not convinced it's necessary but
> > shouldn't hurt.
> >
> > diff --git a/security/commoncap.c b/security/commoncap.c
> > --- a/security/commoncap.c
> > +++ b/security/commoncap.c
> > @@ -153,6 +153,15 @@ int cap_bprm_set_security (struct linux_
> > down(&bprm_dentry->d_inode->i_sem);
> > ret = bprm_getxattr(bprm_dentry,XATTR_CAP_SET,&caps,sizeof(caps));
> > if(ret == sizeof(caps)) {
> > + if(caps.version = swab32(_LINUX_CAPABILITY_VERSION)) {
> ^
> |
> +-- Surely wrong?!
>
True, just noticed that. Amazing how even the simplest patches provide
such ample opportunity to shoot oneself in the foot.
> > + swab32s(&caps.version);
> > + swab32s(&caps.effective);
> > + swab32s(&caps.mask_effective);
> > + swab32s(&caps.permitted);
> > + swab32s(&caps.mask_permitted);
> > + swab32s(&caps.inheritable);
> > + swab32s(&caps.mask_inheritable);
> > + }
> > if(caps.version == _LINUX_CAPABILITY_VERSION) {
> > cap_t(bprm->cap_effective) &= caps.mask_effective;
> > cap_t(bprm->cap_effective) |= caps.effective;
> --
> Dr. Horst H. von Brand User #22616 counter.li.org
> Departamento de Informatica Fono: +56 32 654431
> Universidad Tecnica Federico Santa Maria +56 32 654239
> Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513
Other than this, what are the general thoughts about this method as
opposed to just using a well defined byte order?
Thanks,
Nicholas
next prev parent reply other threads:[~2005-07-14 4:31 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-02 21:41 [PATCH] Filesystem capabilities support Nicholas Hans Simmonds
2005-07-02 23:01 ` Alexey Dobriyan
2005-07-03 0:14 ` Nicholas Hans Simmonds
2005-07-06 4:56 ` Nathan Scott
2005-07-04 14:27 ` Nicholas Hans Simmonds
2005-07-13 6:29 ` Nicholas Hans Simmonds
2005-07-13 17:51 ` Horst von Brand
2005-07-14 4:29 ` Nicholas Hans Simmonds [this message]
2005-07-14 20:05 ` Horst von Brand
2005-07-16 14:23 ` Nicholas Hans Simmonds
2005-07-15 3:45 ` Jesper Juhl
2005-07-16 15:42 ` Nicholas Hans Simmonds
-- strict thread matches above, loose matches on Subject: below --
2005-07-24 13:36 Arnout Engelen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050714042934.GA25447@laptop \
--to=nhstux@gmail.com \
--cc=adobriyan@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=morgan@transmeta.com \
--cc=nathans@sgi.com \
--cc=vonbrand@inf.utfsm.cl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.