-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Looks like I goofed here. :*(

Andrew Morton wrote:
| Oh dear, there are so many things wrong with this...
|
| - if security_task_prctl() is returning "fail" then why on earth
|   isn't it setting the error code?

Its not failing, as Shi points out in their patch preamble, its simply
passing-through - security_task_prctl() doesn't implement the requested
PR_* code, so it expects something else (sys_prctl() proper) to set this
value.

| - cap_task_prctl() _does_ set `error' is if returns non-zero, so it
|   must be one of the other myriad backend implementations of
|   security_task_prctl() which is busted.  Which one is it?

None of them. In this case, none of the security modules implement the
requested PRCTL.

| - With the above patch applied, sys_prctl() will return zero (ie:
|   "success") even though it just failed.

Not sure what you mean here. The switch statement only sets a non-zero
value for error on a failing path. It assumes that the error value is
initially zero.

| - Can't we remove the sixth argument to security_task_prctl() and
|   just return the result code like a sane function would do?

A bunch of capability related prctl()s will cease to work.

I'd prefer the attached patch, but I don't object to Shi's. In which case:

~   Acked-by: Andrew G. Morgan <morgan@kernel.org>

Cheers

Andrew

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFINP4d+bHCR3gb8jsRAj9pAJ4g8WqzSOomhIirAdjt2nZ//mCAoACcDA+0
EKUYQcvgTgbPig1erxmglsA=
=n5ae
-----END PGP SIGNATURE-----