[PATCH 1/4] CAPABILITIES: add cpu endian vfs caps structure
Eric Paris
eparis at redhat.com
Tue Oct 21 13:22:17 UTC 2008
On Mon, 2008-10-20 at 22:50 -0700, Andrew G. Morgan wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Eric Paris wrote:
> > This patch add a generic cpu endian caps structure and enternally available
> > functions which retrieve fcaps information from disk. This information is
> > necessary so fcaps information can be collected and recorded by the audit
> > system.
> >
> [...]
> > CAP_FOR_EACH_U32(i) {
> > - __u32 value_cpu;
> > -
> > - if (i >= tocopy) {
> > - /*
> > - * Legacy capability sets have no upper bits
> > - */
> > - bprm->cap_post_exec_permitted.cap[i] = 0;
> > + if (i > tocopy) {
>
> Shouldn't the above still be (i >= tocopy) ?
just replaced this with
if (i >= tocopy)
break;
I'm already zero'ing out the cap data at the beginning so there isn't
really a need for me to zero the upper bits if they aren't set.
-Eric
More information about the Linux-audit
mailing list