diff options
Diffstat (limited to 'kernel/capability.c')
| -rw-r--r-- | kernel/capability.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index cfbe44299488..901e0fdc3fff 100644 --- a/kernel/capability.c +++ b/kernel/capability.c | |||
| @@ -121,6 +121,27 @@ static int cap_validate_magic(cap_user_header_t header, unsigned *tocopy) | |||
| 121 | * uninteresting and/or not to be changed. | 121 | * uninteresting and/or not to be changed. |
| 122 | */ | 122 | */ |
| 123 | 123 | ||
| 124 | /* | ||
| 125 | * Atomically modify the effective capabilities returning the original | ||
| 126 | * value. No permission check is performed here - it is assumed that the | ||
| 127 | * caller is permitted to set the desired effective capabilities. | ||
| 128 | */ | ||
| 129 | kernel_cap_t cap_set_effective(const kernel_cap_t pE_new) | ||
| 130 | { | ||
| 131 | kernel_cap_t pE_old; | ||
| 132 | |||
| 133 | spin_lock(&task_capability_lock); | ||
| 134 | |||
| 135 | pE_old = current->cap_effective; | ||
| 136 | current->cap_effective = pE_new; | ||
| 137 | |||
| 138 | spin_unlock(&task_capability_lock); | ||
| 139 | |||
| 140 | return pE_old; | ||
| 141 | } | ||
| 142 | |||
| 143 | EXPORT_SYMBOL(cap_set_effective); | ||
| 144 | |||
| 124 | /** | 145 | /** |
| 125 | * sys_capget - get the capabilities of a given process. | 146 | * sys_capget - get the capabilities of a given process. |
| 126 | * @header: pointer to struct that contains capability version and | 147 | * @header: pointer to struct that contains capability version and |