diff options
author | Andrew G. Morgan <morgan@kernel.org> | 2009-11-23 05:57:52 +0100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-11-23 22:53:29 +0100 |
commit | c4a5af54c8ef277a59189fc9358e190f3c1b8206 (patch) | |
tree | eab45631ca769f92f01276066ee58861ad494d18 /kernel/capability.c | |
parent | LSM: Move security_path_chmod()/security_path_chown() to after mutex_lock(). (diff) | |
download | linux-c4a5af54c8ef277a59189fc9358e190f3c1b8206.tar.xz linux-c4a5af54c8ef277a59189fc9358e190f3c1b8206.zip |
Silence the existing API for capability version compatibility check.
When libcap, or other libraries attempt to confirm/determine the supported
capability version magic, they generally supply a NULL dataptr to capget().
In this case, while returning the supported/preferred magic (via a
modified header content), the return code of this system call may be 0,
-EINVAL, or -EFAULT.
No libcap code depends on the previous -EINVAL etc. return code, and
all of the above three return codes can accompany a valid (successful)
attempt to determine the requested magic value.
This patch cleans up the system call to return 0, if the call is
successfully being used to determine the supported/preferred capability
magic value.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Acked-by: Steve Grubb <sgrubb@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to '')
-rw-r--r-- | kernel/capability.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index c2316d3fa094..c450375e855f 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -169,8 +169,8 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) kernel_cap_t pE, pI, pP; ret = cap_validate_magic(header, &tocopy); - if (ret != 0) - return ret; + if ((dataptr == NULL) || (ret != 0)) + return ((dataptr == NULL) && (ret == -EINVAL)) ? 0 : ret; if (get_user(pid, &header->pid)) return -EFAULT; |