diff options
| author |   Linus Torvalds <torvalds@linux-foundation.org> | 2012-01-14 18:36:33 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-01-14 18:36:33 -0800 |
| commit | c49c41a4134679cecb77362e7f6b59acb6320aa7 (patch) | |
| tree | 45e690c036ca5846a48c8be67945d1d841b2d96d /include/linux/capability.h | |
| parent | Merge tag 'kmemleak' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux (diff) | |
| parent | capabilities: remove __cap_full_set definition (diff) | |
| download | linux-dev-c49c41a4134679cecb77362e7f6b59acb6320aa7.tar.xz linux-dev-c49c41a4134679cecb77362e7f6b59acb6320aa7.zip | |
Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security
* 'for-linus' of git://selinuxproject.org/~jmorris/linux-security:
capabilities: remove __cap_full_set definition
security: remove the security_netlink_recv hook as it is equivalent to capable()
ptrace: do not audit capability check when outputing /proc/pid/stat
capabilities: remove task_ns_* functions
capabitlies: ns_capable can use the cap helpers rather than lsm call
capabilities: style only - move capable below ns_capable
capabilites: introduce new has_ns_capabilities_noaudit
capabilities: call has_ns_capability from has_capability
capabilities: remove all _real_ interfaces
capabilities: introduce security_capable_noaudit
capabilities: reverse arguments to security_capable
capabilities: remove the task from capable LSM hook entirely
selinux: sparse fix: fix several warnings in the security server cod
selinux: sparse fix: fix warnings in netlink code
selinux: sparse fix: eliminate warnings for selinuxfs
selinux: sparse fix: declare selinux_disable() in security.h
selinux: sparse fix: move selinux_complete_init
selinux: sparse fix: make selinux_secmark_refcount static
SELinux: Fix RCU deref check warning in sel_netport_insert()
Manually fix up a semantic mis-merge wrt security_netlink_recv():
- the interface was removed in commit fd7784615248 ("security: remove
the security_netlink_recv hook as it is equivalent to capable()")
- a new user of it appeared in commit a38f7907b926 ("crypto: Add
userspace configuration API")
causing no automatic merge conflict, but Eric Paris pointed out the
issue.
Diffstat (limited to 'include/linux/capability.h')
| -rw-r--r-- | include/linux/capability.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h index a63d13d84ad8..12d52dedb229 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h @@ -380,7 +380,6 @@ struct user_namespace; struct user_namespace *current_user_ns(void); extern const kernel_cap_t __cap_empty_set; -extern const kernel_cap_t __cap_full_set; extern const kernel_cap_t __cap_init_eff_set; /* @@ -544,9 +543,10 @@ extern bool has_capability(struct task_struct *t, int cap); extern bool has_ns_capability(struct task_struct *t, struct user_namespace *ns, int cap); extern bool has_capability_noaudit(struct task_struct *t, int cap); +extern bool has_ns_capability_noaudit(struct task_struct *t, + struct user_namespace *ns, int cap); extern bool capable(int cap); extern bool ns_capable(struct user_namespace *ns, int cap); -extern bool task_ns_capable(struct task_struct *t, int cap); extern bool nsown_capable(int cap); /* audit system wants to get cap info from files as well */ |