From: Oren Laadan <orenl-eQaUEPhvms7ENvBUuze7eA@public.gmane.org>
To: "Serge E. Hallyn" <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Cc: Linux Containers <containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>
Subject: Re: [PATCH] CONFIG_SECURITY_FILE_CAPABILITIES has been gone awhile
Date: Fri, 30 Apr 2010 21:29:05 -0400 [thread overview]
Message-ID: <4BDB83E1.10308@cs.columbia.edu> (raw)
In-Reply-To: <20100430234224.GA19790-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Applied for v21.
Serge E. Hallyn wrote:
> Thanks Matt for noticing the sbits testcase was screaming at us
> about this being broken!
>
> Signed-off-by: Serge E. Hallyn <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> ---
> kernel/capability.c | 16 ----------------
> 1 files changed, 0 insertions(+), 16 deletions(-)
>
> diff --git a/kernel/capability.c b/kernel/capability.c
> index ccb8907..c39d6b0 100644
> --- a/kernel/capability.c
> +++ b/kernel/capability.c
> @@ -316,7 +316,6 @@ SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data)
>
> }
>
> -#ifdef CONFIG_SECURITY_FILE_CAPABILITIES
> int apply_securebits(unsigned securebits, struct cred *new)
> {
> if ((((new->securebits & SECURE_ALL_LOCKS) >> 1)
> @@ -361,21 +360,6 @@ static inline int restore_cap_bset(kernel_cap_t bset, struct cred *cred)
> return 0;
> }
>
> -#else /* CONFIG_SECURITY_FILE_CAPABILITIES */
> -
> -int apply_securebits(unsigned securebits, struct cred *new)
> -{
> - /* settable securebits not supported */
> - return 0;
> -}
> -
> -static inline int restore_cap_bset(kernel_cap_t bset, struct cred *cred)
> -{
> - /* bounding sets not supported */
> - return 0;
> -}
> -#endif /* CONFIG_SECURITY_FILE_CAPABILITIES */
> -
> #ifdef CONFIG_CHECKPOINT
> static int do_restore_caps(struct ckpt_capabilities *h, struct cred *cred)
> {
prev parent reply other threads:[~2010-05-01 1:29 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-04-30 23:42 [PATCH] CONFIG_SECURITY_FILE_CAPABILITIES has been gone awhile Serge E. Hallyn
[not found] ` <20100430234224.GA19790-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2010-05-01 1:29 ` Oren Laadan [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4BDB83E1.10308@cs.columbia.edu \
--to=orenl-eqauephvms7envbuuze7ea@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox