[Devel] Re: [PATCH] CONFIG_SECURITY_FILE_CAPABILITIES has been gone awhile
Oren Laadan
orenl at cs.columbia.edu
Fri Apr 30 18:29:05 PDT 2010
Applied for v21.
Serge E. Hallyn wrote:
> Thanks Matt for noticing the sbits testcase was screaming at us
> about this being broken!
>
> Signed-off-by: Serge E. Hallyn <serue at us.ibm.com>
> ---
> kernel/capability.c | 16 ----------------
> 1 files changed, 0 insertions(+), 16 deletions(-)
>
> diff --git a/kernel/capability.c b/kernel/capability.c
> index ccb8907..c39d6b0 100644
> --- a/kernel/capability.c
> +++ b/kernel/capability.c
> @@ -316,7 +316,6 @@ SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data)
>
> }
>
> -#ifdef CONFIG_SECURITY_FILE_CAPABILITIES
> int apply_securebits(unsigned securebits, struct cred *new)
> {
> if ((((new->securebits & SECURE_ALL_LOCKS) >> 1)
> @@ -361,21 +360,6 @@ static inline int restore_cap_bset(kernel_cap_t bset, struct cred *cred)
> return 0;
> }
>
> -#else /* CONFIG_SECURITY_FILE_CAPABILITIES */
> -
> -int apply_securebits(unsigned securebits, struct cred *new)
> -{
> - /* settable securebits not supported */
> - return 0;
> -}
> -
> -static inline int restore_cap_bset(kernel_cap_t bset, struct cred *cred)
> -{
> - /* bounding sets not supported */
> - return 0;
> -}
> -#endif /* CONFIG_SECURITY_FILE_CAPABILITIES */
> -
> #ifdef CONFIG_CHECKPOINT
> static int do_restore_caps(struct ckpt_capabilities *h, struct cred *cred)
> {
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list