From: Serge Hallyn <serge.hallyn@canonical.com>
To: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: James Morris <jmorris@namei.org>,
linux-next@vger.kernel.org, linux-kernel@vger.kernel.org,
Eric Paris <eparis@redhat.com>
Subject: Re: linux-next: manual merge of the security-testing tree with Linus' tree
Date: Mon, 16 May 2011 09:13:59 -0500 [thread overview]
Message-ID: <20110516141359.GA9430@mail.hallyn.com> (raw)
In-Reply-To: <20110516130209.0477a9e7.sfr@canb.auug.org.au>
Hi Stephen,
looking at commit ffa8e59df047, it also adds
+extern const kernel_cap_t __cap_full_set;
under __cap_empty_set. My trees are a bit screwed up so I'm not sure if
that gets later removed, but I just wanted to make sure you didn't
accidentally drop that.
Otherwise looks good, thanks and sorry for the noise.
thanks,
-serge
Quoting Stephen Rothwell (sfr@canb.auug.org.au):
> Hi James,
>
> Today's linux-next merge of the security-testing tree got a conflict in
> include/linux/capability.h between commit 47a150edc2ae ("Cache user_ns in
> struct cred") from Linus' tree and commit ffa8e59df047 ("capabilities: do
> not drop CAP_SETPCAP from the initial task") from the security-testing
> tree.
>
> Just context changes. I fixed it up (see below) and can carry the fix as
> necessary.
> --
> Cheers,
> Stephen Rothwell sfr@canb.auug.org.au
>
> diff --cc include/linux/capability.h
> index d4675af,04fed72..0000000
> --- a/include/linux/capability.h
> +++ b/include/linux/capability.h
> @@@ -546,8 -541,21 +541,10 @@@ extern bool has_capability_noaudit(stru
> extern bool capable(int cap);
> extern bool ns_capable(struct user_namespace *ns, int cap);
> extern bool task_ns_capable(struct task_struct *t, int cap);
> +extern bool nsown_capable(int cap);
>
> + extern const kernel_cap_t __cap_empty_set;
> +
> -/**
> - * nsown_capable - Check superior capability to one's own user_ns
> - * @cap: The capability in question
> - *
> - * Return true if the current task has the given superior capability
> - * targeted at its own user namespace.
> - */
> -static inline bool nsown_capable(int cap)
> -{
> - return ns_capable(current_user_ns(), cap);
> -}
> -
> /* audit system wants to get cap info from files as well */
> extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps);
>
next prev parent reply other threads:[~2011-05-16 14:14 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-16 3:02 linux-next: manual merge of the security-testing tree with Linus' tree Stephen Rothwell
2011-05-16 14:13 ` Serge Hallyn [this message]
2011-05-16 14:52 ` Stephen Rothwell
-- strict thread matches above, loose matches on Subject: below --
2010-05-06 2:30 Stephen Rothwell
2010-05-06 10:49 ` David Howells
2010-05-06 23:10 ` James Morris
2010-05-06 23:24 ` Justin P. Mattock
2009-05-22 5:29 Stephen Rothwell
2009-05-22 5:35 ` Al Viro
2009-05-22 9:04 ` James Morris
2009-02-06 7:23 Stephen Rothwell
2009-02-06 8:12 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110516141359.GA9430@mail.hallyn.com \
--to=serge.hallyn@canonical.com \
--cc=eparis@redhat.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-next@vger.kernel.org \
--cc=sfr@canb.auug.org.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox