linux-security-module November 2007 archive
Main Archive Page > Month Archives  > linux-security-module archives
linux-security-module: Re: [PATCH] 64 bit capabilities

Re: [PATCH] 64 bit capabilities

From: Serge E. Hallyn <serue_at_nospam>
Date: Sat Nov 10 2007 - 23:17:26 GMT
To: Andrew Morgan <morgan@kernel.org>


Quoting Andrew Morgan (morgan@kernel.org):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Serge,
>
> I guess I'm not sure what to do about this.
>
> In the caller there is an explicit check for negative rc in which case
> the modifed function is not called.

Yeah, and it's only used to compare to two constants anyway. (I was thinking it was used more directly to control # bytes copied, but it isn't.) It does seem to have the potential of confusing future coders, so from that point of view it might be safest to have if (rc < 0) goto out; unsigned size = (unsigned)rc; rc = cap_from_disk(v1caps, bprm, size);

But it sure looks like I'm being pedantic so please feel free to ignore me.

thanks,
-serge

> The argument really is an unsigned quantity and I felt this change was
> an improvement/fix.
>
> Can you suggest a change that would satisfy you here?
>
> Thanks
>
> Andrew
>
> Serge E. Hallyn wrote:
>
> > Other than the one comment below,
>
> > Acked-by: Serge Hallyn <serue@us.ibm.com>
>
>
> >>
> - -static inline int cap_from_disk(__le32 *caps, struct linux_binprm *bprm,
> - - int size)
> +static inline int cap_from_disk(struct vfs_cap_data *caps,
> + struct linux_binprm *bprm, unsigned size)
>
> > Note that you switched this to unsigned, but the caller is still sending
> > in an int (rc).
>
> [..]
>
> @@ -219,7 +245,7 @@ static int get_file_caps(struct linux_binprm *bprm)
> {
> struct dentry *dentry;
> int rc = 0;
> - - __le32 v1caps[XATTR_CAPS_SZ];
> + struct vfs_cap_data vcaps;
> struct inode *inode;
> >>
> if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID) {
> @@ -232,8 +258,8 @@ static int get_file_caps(struct linux_binprm *bprm)
> if (!inode->i_op || !inode->i_op->getxattr)
> goto out;
> >>
> - - rc = inode->i_op->getxattr(dentry, XATTR_NAME_CAPS, &v1caps,
> - - XATTR_CAPS_SZ);
> + rc = inode->i_op->getxattr(dentry, XATTR_NAME_CAPS, &vcaps,
> + XATTR_CAPS_SZ);
> if (rc == -ENODATA || rc == -EOPNOTSUPP) {
> /* no data, that's ok */
> rc = 0;
> @@ -242,7 +268,7 @@ static int get_file_caps(struct linux_binprm *bprm)
> if (rc < 0)
> goto out;
> >>
> - - rc = cap_from_disk(v1caps, bprm, rc);
> + rc = cap_from_disk(&vcaps, bprm, rc);
> if (rc)
> printk(KERN_NOTICE "%s: cap_from_disk returned %d for %s\n",
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHNTXnmwytjiwfWMwRAl+SAKCWzzeTd/5/gRA3wqE+cb9yfPS9cwCfVjC0
> w4D0isaFXnOCW77WcG+1d7o=
> =kRqk
> -----END PGP SIGNATURE-----

-
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html