diff options
| author | Takashi Iwai <tiwai@suse.de> | 2009-12-21 05:21:15 -0500 |
|---|---|---|
| committer | Takashi Iwai <tiwai@suse.de> | 2009-12-21 05:21:15 -0500 |
| commit | de8853bc38ceab1fa7e7f723b21430d4aad60fea (patch) | |
| tree | 5084ef51866fd1767324f8dc8eb36e97c55350f5 /kernel/capability.c | |
| parent | f5de24b06aa46427500d0fdbe8616b73a71d8c28 (diff) | |
| parent | 440b004cf953bec2bc8cd91c64ae707fd7e25327 (diff) | |
Merge remote branch 'alsa/fixes' into fix/hda
Diffstat (limited to 'kernel/capability.c')
| -rw-r--r-- | kernel/capability.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index 4e17041963f5..7f876e60521f 100644 --- a/kernel/capability.c +++ b/kernel/capability.c | |||
| @@ -29,7 +29,6 @@ EXPORT_SYMBOL(__cap_empty_set); | |||
| 29 | EXPORT_SYMBOL(__cap_full_set); | 29 | EXPORT_SYMBOL(__cap_full_set); |
| 30 | EXPORT_SYMBOL(__cap_init_eff_set); | 30 | EXPORT_SYMBOL(__cap_init_eff_set); |
| 31 | 31 | ||
| 32 | #ifdef CONFIG_SECURITY_FILE_CAPABILITIES | ||
| 33 | int file_caps_enabled = 1; | 32 | int file_caps_enabled = 1; |
| 34 | 33 | ||
| 35 | static int __init file_caps_disable(char *str) | 34 | static int __init file_caps_disable(char *str) |
| @@ -38,7 +37,6 @@ static int __init file_caps_disable(char *str) | |||
| 38 | return 1; | 37 | return 1; |
| 39 | } | 38 | } |
| 40 | __setup("no_file_caps", file_caps_disable); | 39 | __setup("no_file_caps", file_caps_disable); |
| 41 | #endif | ||
| 42 | 40 | ||
| 43 | /* | 41 | /* |
| 44 | * More recent versions of libcap are available from: | 42 | * More recent versions of libcap are available from: |
| @@ -169,8 +167,8 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) | |||
| 169 | kernel_cap_t pE, pI, pP; | 167 | kernel_cap_t pE, pI, pP; |
| 170 | 168 | ||
| 171 | ret = cap_validate_magic(header, &tocopy); | 169 | ret = cap_validate_magic(header, &tocopy); |
| 172 | if (ret != 0) | 170 | if ((dataptr == NULL) || (ret != 0)) |
| 173 | return ret; | 171 | return ((dataptr == NULL) && (ret == -EINVAL)) ? 0 : ret; |
| 174 | 172 | ||
| 175 | if (get_user(pid, &header->pid)) | 173 | if (get_user(pid, &header->pid)) |
| 176 | return -EFAULT; | 174 | return -EFAULT; |
| @@ -238,7 +236,7 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) | |||
| 238 | SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data) | 236 | SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data) |
| 239 | { | 237 | { |
| 240 | struct __user_cap_data_struct kdata[_KERNEL_CAPABILITY_U32S]; | 238 | struct __user_cap_data_struct kdata[_KERNEL_CAPABILITY_U32S]; |
| 241 | unsigned i, tocopy; | 239 | unsigned i, tocopy, copybytes; |
| 242 | kernel_cap_t inheritable, permitted, effective; | 240 | kernel_cap_t inheritable, permitted, effective; |
| 243 | struct cred *new; | 241 | struct cred *new; |
| 244 | int ret; | 242 | int ret; |
| @@ -255,8 +253,11 @@ SYSCALL_DEFINE2(capset, cap_user_header_t, header, const cap_user_data_t, data) | |||
| 255 | if (pid != 0 && pid != task_pid_vnr(current)) | 253 | if (pid != 0 && pid != task_pid_vnr(current)) |
| 256 | return -EPERM; | 254 | return -EPERM; |
| 257 | 255 | ||
| 258 | if (copy_from_user(&kdata, data, | 256 | copybytes = tocopy * sizeof(struct __user_cap_data_struct); |
| 259 | tocopy * sizeof(struct __user_cap_data_struct))) | 257 | if (copybytes > sizeof(kdata)) |
| 258 | return -EFAULT; | ||
| 259 | |||
| 260 | if (copy_from_user(&kdata, data, copybytes)) | ||
| 260 | return -EFAULT; | 261 | return -EFAULT; |
| 261 | 262 | ||
| 262 | for (i = 0; i < tocopy; i++) { | 263 | for (i = 0; i < tocopy; i++) { |