aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/capability.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/capability.c')
-rw-r--r--kernel/capability.c20
1 files changed, 17 insertions, 3 deletions
diff --git a/kernel/capability.c b/kernel/capability.c
index 64db1ee820c2..8986a37a67ea 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -31,8 +31,14 @@ static DEFINE_SPINLOCK(task_capability_lock);
31 * uninteresting and/or not to be changed. 31 * uninteresting and/or not to be changed.
32 */ 32 */
33 33
34/* 34/**
35 * sys_capget - get the capabilities of a given process. 35 * sys_capget - get the capabilities of a given process.
36 * @header: pointer to struct that contains capability version and
37 * target pid data
38 * @dataptr: pointer to struct that contains the effective, permitted,
39 * and inheritable capabilities that are returned
40 *
41 * Returns 0 on success and < 0 on error.
36 */ 42 */
37asmlinkage long sys_capget(cap_user_header_t header, cap_user_data_t dataptr) 43asmlinkage long sys_capget(cap_user_header_t header, cap_user_data_t dataptr)
38{ 44{
@@ -141,8 +147,14 @@ static inline int cap_set_all(kernel_cap_t *effective,
141 return ret; 147 return ret;
142} 148}
143 149
144/* 150/**
145 * sys_capset - set capabilities for a given process, all processes, or all 151 * sys_capset - set capabilities for a process or a group of processes
152 * @header: pointer to struct that contains capability version and
153 * target pid data
154 * @data: pointer to struct that contains the effective, permitted,
155 * and inheritable capabilities
156 *
157 * Set capabilities for a given process, all processes, or all
146 * processes in a given process group. 158 * processes in a given process group.
147 * 159 *
148 * The restrictions on setting capabilities are specified as: 160 * The restrictions on setting capabilities are specified as:
@@ -152,6 +164,8 @@ static inline int cap_set_all(kernel_cap_t *effective,
152 * I: any raised capabilities must be a subset of the (old current) permitted 164 * I: any raised capabilities must be a subset of the (old current) permitted
153 * P: any raised capabilities must be a subset of the (old current) permitted 165 * P: any raised capabilities must be a subset of the (old current) permitted
154 * E: must be set to a subset of (new target) permitted 166 * E: must be set to a subset of (new target) permitted
167 *
168 * Returns 0 on success and < 0 on error.
155 */ 169 */
156asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data) 170asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
157{ 171{