diff options
author | Eric Paris <eparis@redhat.com> | 2012-01-03 12:25:15 -0500 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2012-01-05 18:52:55 -0500 |
commit | 2920a8409de5a51575d03deca07e5bb2be6fc98d (patch) | |
tree | 1f16eba518068e7096b6ff200c09d3d31e285586 /kernel | |
parent | c7eba4a97563fd8b431787f7ad623444f2da80c6 (diff) |
capabilities: remove all _real_ interfaces
The name security_real_capable and security_real_capable_noaudit just don't
make much sense to me. Convert them to use security_capable and
security_capable_noaudit.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/capability.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index d98392719adb..ff50ab62cfca 100644 --- a/kernel/capability.c +++ b/kernel/capability.c | |||
@@ -298,7 +298,11 @@ error: | |||
298 | */ | 298 | */ |
299 | bool has_capability(struct task_struct *t, int cap) | 299 | bool has_capability(struct task_struct *t, int cap) |
300 | { | 300 | { |
301 | int ret = security_real_capable(t, &init_user_ns, cap); | 301 | int ret; |
302 | |||
303 | rcu_read_lock(); | ||
304 | ret = security_capable(__task_cred(t), &init_user_ns, cap); | ||
305 | rcu_read_unlock(); | ||
302 | 306 | ||
303 | return (ret == 0); | 307 | return (ret == 0); |
304 | } | 308 | } |
@@ -317,7 +321,11 @@ bool has_capability(struct task_struct *t, int cap) | |||
317 | bool has_ns_capability(struct task_struct *t, | 321 | bool has_ns_capability(struct task_struct *t, |
318 | struct user_namespace *ns, int cap) | 322 | struct user_namespace *ns, int cap) |
319 | { | 323 | { |
320 | int ret = security_real_capable(t, ns, cap); | 324 | int ret; |
325 | |||
326 | rcu_read_lock(); | ||
327 | ret = security_capable(__task_cred(t), ns, cap); | ||
328 | rcu_read_unlock(); | ||
321 | 329 | ||
322 | return (ret == 0); | 330 | return (ret == 0); |
323 | } | 331 | } |
@@ -335,7 +343,11 @@ bool has_ns_capability(struct task_struct *t, | |||
335 | */ | 343 | */ |
336 | bool has_capability_noaudit(struct task_struct *t, int cap) | 344 | bool has_capability_noaudit(struct task_struct *t, int cap) |
337 | { | 345 | { |
338 | int ret = security_real_capable_noaudit(t, &init_user_ns, cap); | 346 | int ret; |
347 | |||
348 | rcu_read_lock(); | ||
349 | ret = security_capable_noaudit(__task_cred(t), &init_user_ns, cap); | ||
350 | rcu_read_unlock(); | ||
339 | 351 | ||
340 | return (ret == 0); | 352 | return (ret == 0); |
341 | } | 353 | } |