It is after all 2.5-time, and hence time for a spring-cleaning.
This patch removes suser/fsuser, and while at it,
fixes ufs/balloc.c to use capable instead.
I figured that the only way to get people to fix their files was
to break them ;-P
These files are still naughty (feel free to fix!):
arch/i386/kernel/mtrr.c
arch/sparc64/kernel/ioctl32.c
drivers/net/wan/lmc/lmc_main.c
drivers/net/fealnx.c
drivers/block/cciss.c
drivers/block/cpqarray.c
drivers/block/swim3.c
drivers/block/swim_iop.c
drivers/char/tty_io.c
drivers/char/vt.c
drivers/char/mxser.c
drivers/char/serial167.c
drivers/char/ip2main.c
drivers/char/rio/rio_linux.c
drivers/char/moxa.c
drivers/scsi/cpqfcTSinit.c
drivers/pcmcia/ds.c
drivers/s390/char/tubtty.c
I hope I didn't miss anything.
Regards: David Weinehall
_ _
// David Weinehall <[email protected]> /> Northern lights wander \\
// Maintainer of the v2.0 kernel // Dance across the winter sky //
\> http://www.acc.umu.se/~tao/ </ Full colour fire </
--- linux-2.5.3-pre1/fs/ufs/balloc.c.old Thu Jan 17 08:44:17 2002
+++ linux-2.5.3-pre1/fs/ufs/balloc.c Thu Jan 17 08:45:37 2002
@@ -284,16 +284,16 @@
return 0;
}
}
-
+
/*
* There is not enough space for user on the device
*/
- if (!fsuser() && ufs_freespace(usb1, UFS_MINFREE) <= 0) {
+ if (!capable(CAP_SYS_RESOURCE) && ufs_freespace(usb1, UFS_MINFREE) <= 0) {
unlock_super (sb);
UFSD(("EXIT (FAILED)\n"))
return 0;
- }
-
+ }
+
if (goal >= uspi->s_size)
goal = 0;
if (goal == 0)
--- linux-2.5.3-pre1/include/linux/sched.h.old Thu Jan 17 08:35:21 2002
+++ linux-2.5.3-pre1/include/linux/sched.h Thu Jan 17 08:37:53 2002
@@ -727,52 +727,15 @@
unsigned long, const char *, void *);
extern void free_irq(unsigned int, void *);
-/*
- * This has now become a routine instead of a macro, it sets a flag if
- * it returns true (to do BSD-style accounting where the process is flagged
- * if it uses root privs). The implication of this is that you should do
- * normal permissions checks first, and check suser() last.
- *
- * [Dec 1997 -- Chris Evans]
- * For correctness, the above considerations need to be extended to
- * fsuser(). This is done, along with moving fsuser() checks to be
- * last.
- *
- * These will be removed, but in the mean time, when the SECURE_NOROOT
- * flag is set, uids don't grant privilege.
- */
-static inline int suser(void)
-{
- if (!issecure(SECURE_NOROOT) && current->euid == 0) {
- current->flags |= PF_SUPERPRIV;
- return 1;
- }
- return 0;
-}
-
-static inline int fsuser(void)
-{
- if (!issecure(SECURE_NOROOT) && current->fsuid == 0) {
- current->flags |= PF_SUPERPRIV;
- return 1;
- }
- return 0;
-}
/*
- * capable() checks for a particular capability.
- * New privilege checks should use this interface, rather than suser() or
- * fsuser(). See include/linux/capability.h for defined capabilities.
+ * capable() checks for a particular capability.
+ * See include/linux/capability.h for defined capabilities.
*/
static inline int capable(int cap)
{
-#if 1 /* ok now */
- if (cap_raised(current->cap_effective, cap))
-#else
- if (cap_is_fs_cap(cap) ? current->fsuid == 0 : current->euid == 0)
-#endif
- {
+ if (cap_raised(current->cap_effective, cap)) {
current->flags |= PF_SUPERPRIV;
return 1;
}
--- linux-2.5.3-pre1/include/linux/capability.h.old Thu Jan 17 08:40:59 2002
+++ linux-2.5.3-pre1/include/linux/capability.h Thu Jan 17 08:41:05 2002
@@ -99,10 +99,6 @@
#define CAP_FSETID 4
-/* Used to decide between falling back on the old suser() or fsuser(). */
-
-#define CAP_FS_MASK 0x1f
-
/* Overrides the restriction that the real or effective user ID of a
process sending a signal must match the real or effective user ID
of the process receiving the signal. */
@@ -345,8 +341,6 @@
#define cap_clear(c) do { cap_t(c) = 0; } while(0)
#define cap_set_full(c) do { cap_t(c) = ~0; } while(0)
#define cap_mask(c,mask) do { cap_t(c) &= cap_t(mask); } while(0)
-
-#define cap_is_fs_cap(c) (CAP_TO_MASK(c) & CAP_FS_MASK)
#endif /* __KERNEL__ */
On Thu, Jan 17, 2002 at 09:12:03AM +0100, David Weinehall wrote:
> It is after all 2.5-time, and hence time for a spring-cleaning.
> These files are still naughty (feel free to fix!):
>
> arch/i386/kernel/mtrr.c
This file in particular needs more than just a spring clean imo.
As extra support was added for the different MTRR lookalikes,
it got messier and messier until it turned into the goop we
have now. Doing a real cleanup on this has been on my TODO for
months now. Hopefully I'll get around to it in the 2.5 timeframe.
--
| Dave Jones. http://www.codemonkey.org.uk
| SuSE Labs
On Thu, Jan 17, 2002 at 12:27:04PM +0100, Dave Jones wrote:
> On Thu, Jan 17, 2002 at 09:12:03AM +0100, David Weinehall wrote:
> > It is after all 2.5-time, and hence time for a spring-cleaning.
> > These files are still naughty (feel free to fix!):
> >
> > arch/i386/kernel/mtrr.c
>
> This file in particular needs more than just a spring clean imo.
> As extra support was added for the different MTRR lookalikes,
> it got messier and messier until it turned into the goop we
> have now. Doing a real cleanup on this has been on my TODO for
> months now. Hopefully I'll get around to it in the 2.5 timeframe.
Agreed. I had a look in it, and it looked like a horrible mess.
/David
_ _
// David Weinehall <[email protected]> /> Northern lights wander \\
// Maintainer of the v2.0 kernel // Dance across the winter sky //
\> http://www.acc.umu.se/~tao/ </ Full colour fire </