linux-security-module November 2007 archive
Main Archive Page > Month Archives  > linux-security-module archives
linux-security-module: Re: [PATCH] 64 bit capabilities

Re: [PATCH] 64 bit capabilities

From: Andrew Morgan <morgan_at_nospam>
Date: Sat Nov 10 2007 - 04:15:21 GMT
To: Andrew Morton <akpm@linux-foundation.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Serge E. Hallyn wrote: >>> Note: to apply this patch against Linus' upstream kernel, you will first >>> have to undo this other patch from Serge: >>> >>> From b68680e4731abbd78863063aaa0dca2a6d8cc723 Mon Sep 17 00:00:00 2001 >>> From: Serge E. Hallyn <serue@us.ibm.com> >>> Date: Sun, 21 Oct 2007 16:41:38 -0700 >>> Subject: [PATCH] capabilities: clean up file capability reading >>> >>> It seems that this patch has made it into 2.6.24-rc1, but it is not >> Well I did that reversion, but I don't understand why. Was that patch >> wrong, or did it make this new patch impractical, or...?
>
> Andrew wanted to keep the vfs_cap_data.data[] structure, using two
> 'data's for 64-bit caps (and later three for 96-bit caps), whereas
> my patch had gotten rid of the 'data' struct made its members inline.
>
> His 64-bit caps patch keeps the stack abuse fix at get_file_caps(),
> which was the more important part of that patch.

Serge and I had diverged in what we considered a cleanup. I took his important stack abuse fix, but did not follow the path he was taking with the capability.h file changes.

So the higher order bit is "yes" to the "impractical" part of your question above.

Cheers

Andrew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHNTBZmwytjiwfWMwRAp9xAJ9Ys7jGTKlnRoeIH6EeijhNoeBfuACeIEUF E3LC7BCk/zk4Ae/RlTgHMTE=
=9tu/
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html