diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-09 22:24:21 +0300 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-09 22:24:21 +0300 |
commit | 9d22167f34305280c5dd57a74c21651da3c23015 (patch) | |
tree | 2cafd45c1ea48fc922c178260b508d68a6e909d8 /security | |
parent | 593c75463ab6d6985cdc9916f3d1c28b5f6340cd (diff) | |
parent | c5eaab1d131d0a6272df7d55a971a67400d63f56 (diff) | |
download | linux-9d22167f34305280c5dd57a74c21651da3c23015.tar.xz |
Merge branch 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull capabilities update from James Morris:
"Minor fixes for capabilities:
- Update the commoncap.c code to utilize XATTR_SECURITY_PREFIX_LEN,
from Carmeli tamir.
- Make the capability hooks static, from Yue Haibing"
* 'next-lsm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
security/commoncap: Use xattr security prefix len
security: Make capability_hooks static
Diffstat (limited to 'security')
-rw-r--r-- | security/commoncap.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index c0b9664ee49e..f4ee0ae106b2 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -915,7 +915,7 @@ int cap_inode_setxattr(struct dentry *dentry, const char *name, /* Ignore non-security xattrs */ if (strncmp(name, XATTR_SECURITY_PREFIX, - sizeof(XATTR_SECURITY_PREFIX) - 1) != 0) + XATTR_SECURITY_PREFIX_LEN) != 0) return 0; /* @@ -947,7 +947,7 @@ int cap_inode_removexattr(struct dentry *dentry, const char *name) /* Ignore non-security xattrs */ if (strncmp(name, XATTR_SECURITY_PREFIX, - sizeof(XATTR_SECURITY_PREFIX) - 1) != 0) + XATTR_SECURITY_PREFIX_LEN) != 0) return 0; if (strcmp(name, XATTR_NAME_CAPS) == 0) { @@ -1339,7 +1339,7 @@ int cap_mmap_file(struct file *file, unsigned long reqprot, #ifdef CONFIG_SECURITY -struct security_hook_list capability_hooks[] __lsm_ro_after_init = { +static struct security_hook_list capability_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(capable, cap_capable), LSM_HOOK_INIT(settime, cap_settime), LSM_HOOK_INIT(ptrace_access_check, cap_ptrace_access_check), |