2015-11-17 07:26:10

by baiyaowei

Subject: [PATCH 1/2] security: remove unused cap_is_fs_cap function

Since commit 3bc1fa8a ("LSM: remove BSD secure level security module")
there is no user of cap_is_fs_cap any more, so remove it.

Signed-off-by: Yaowei Bai <[email protected]>
---
include/linux/capability.h | 6 ------
1 file changed, 6 deletions(-)

diff --git a/include/linux/capability.h b/include/linux/capability.h
index af9f0b9..b032003 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -171,12 +171,6 @@ static inline int cap_issubset(const kernel_cap_t a, const kernel_cap_t set)

/* Used to decide between falling back on the old suser() or fsuser(). */

-static inline int cap_is_fs_cap(int cap)
-{
- const kernel_cap_t __cap_fs_set = CAP_FS_SET;
- return !!(CAP_TO_MASK(cap) & __cap_fs_set.cap[CAP_TO_INDEX(cap)]);
-}
-
static inline kernel_cap_t cap_drop_fs_set(const kernel_cap_t a)
{
const kernel_cap_t __cap_fs_set = CAP_FS_SET;
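Review bot: the comment `/* Used to decide between falling back on the old suser() or fsuser(). */`, kept as context at the top of this hunk, is left orphaned. With cap_is_fs_cap() removed, it now sits directly above cap_drop_fs_set(), which it does not obviously describe. If the comment documented the removed helper, delete it in the same patch; if it is meant to cover cap_drop_fs_set() and what follows, say so in the changelog so the leftover line is clearly intentional.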
--
1.9.1



2015-11-17 07:26:09

by baiyaowei

Subject: [PATCH 2/2] security/capability.h: cap_issubset/isclear can be boolean

This patch makes cap_issubset/isclear return bool due to these
functions only using either one or zero as their return
value.

No functional change.

Signed-off-by: Yaowei Bai <[email protected]>
---
include/linux/capability.h | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/linux/capability.h b/include/linux/capability.h
index b032003..f314275 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -145,24 +145,24 @@ static inline kernel_cap_t cap_invert(const kernel_cap_t c)
return dest;
}

-static inline int cap_isclear(const kernel_cap_t a)
+static inline bool cap_isclear(const kernel_cap_t a)
{
unsigned __capi;
CAP_FOR_EACH_U32(__capi) {
if (a.cap[__capi] != 0)
- return 0;
+ return false;
}
- return 1;
+ return true;
}

/*
* Check if "a" is a subset of "set".
- * return 1 if ALL of the capabilities in "a" are also in "set"
- * cap_issubset(0101, 1111) will return 1
- * return 0 if ANY of the capabilities in "a" are not in "set"
- * cap_issubset(1111, 0101) will return 0
+ * return true if ALL of the capabilities in "a" are also in "set"
+ * cap_issubset(0101, 1111) will return true
+ * return false if ANY of the capabilities in "a" are not in "set"
+ * cap_issubset(1111, 0101) will return false
*/
-static inline int cap_issubset(const kernel_cap_t a, const kernel_cap_t set)
+static inline bool cap_issubset(const kernel_cap_t a, const kernel_cap_t set)
{
kernel_cap_t dest;
dest = cap_drop(a, set);
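Review bot: in cap_issubset() the hunk stops at `dest = cap_drop(a, set);`, so the function's return statement lies outside the change while its return type becomes bool. The visible lines convert the literals in cap_isclear() and the comment, but nothing here shows what cap_issubset() actually returns. Please confirm that the untouched return yields a bool (or only 0/1), and name it in the changelog so the "No functional change" claim can be checked from the patch alone.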
--
1.9.1


2015-11-17 17:27:38

by Serge E. Hallyn

Subject: Re: [PATCH 1/2] security: remove unused cap_is_fs_cap function

On Tue, Nov 17, 2015 at 03:25:23PM +0800, Yaowei Bai wrote:
> Since commit 3bc1fa8a ("LSM: remove BSD secure level security module")
> there is no user of cap_is_fs_cap any more, so remove it.
>
> Signed-off-by: Yaowei Bai <[email protected]>

Acked-by: Serge Hallyn <[email protected]>

> ---
> include/linux/capability.h | 6 ------
> 1 file changed, 6 deletions(-)
>
> diff --git a/include/linux/capability.h b/include/linux/capability.h
> index af9f0b9..b032003 100644
> --- a/include/linux/capability.h
> +++ b/include/linux/capability.h
> @@ -171,12 +171,6 @@ static inline int cap_issubset(const kernel_cap_t a, const kernel_cap_t set)
>
> /* Used to decide between falling back on the old suser() or fsuser(). */
>
> -static inline int cap_is_fs_cap(int cap)
> -{
> - const kernel_cap_t __cap_fs_set = CAP_FS_SET;
> - return !!(CAP_TO_MASK(cap) & __cap_fs_set.cap[CAP_TO_INDEX(cap)]);
> -}
> -
> static inline kernel_cap_t cap_drop_fs_set(const kernel_cap_t a)
> {
> const kernel_cap_t __cap_fs_set = CAP_FS_SET;
> --
> 1.9.1
>
>

2015-11-17 17:35:12

by Serge E. Hallyn

Subject: Re: [PATCH 2/2] security/capability.h: cap_issubset/isclear can be boolean

On Tue, Nov 17, 2015 at 03:25:24PM +0800, Yaowei Bai wrote:
> This patch makes cap_issubset/isclear return bool due to these
> functions only using either one or zero as their return
> value.
>
> No functional change.
>
> Signed-off-by: Yaowei Bai <[email protected]>

Acked-by: Serge Hallyn <[email protected]>

> ---
> include/linux/capability.h | 16 ++++++++--------
> 1 file changed, 8 insertions(+), 8 deletions(-)
>
> diff --git a/include/linux/capability.h b/include/linux/capability.h
> index b032003..f314275 100644
> --- a/include/linux/capability.h
> +++ b/include/linux/capability.h
> @@ -145,24 +145,24 @@ static inline kernel_cap_t cap_invert(const kernel_cap_t c)
> return dest;
> }
>
> -static inline int cap_isclear(const kernel_cap_t a)
> +static inline bool cap_isclear(const kernel_cap_t a)
> {
> unsigned __capi;
> CAP_FOR_EACH_U32(__capi) {
> if (a.cap[__capi] != 0)
> - return 0;
> + return false;
> }
> - return 1;
> + return true;
> }
>
> /*
> * Check if "a" is a subset of "set".
> - * return 1 if ALL of the capabilities in "a" are also in "set"
> - * cap_issubset(0101, 1111) will return 1
> - * return 0 if ANY of the capabilities in "a" are not in "set"
> - * cap_issubset(1111, 0101) will return 0
> + * return true if ALL of the capabilities in "a" are also in "set"
> + * cap_issubset(0101, 1111) will return true
> + * return false if ANY of the capabilities in "a" are not in "set"
> + * cap_issubset(1111, 0101) will return false
> */
> -static inline int cap_issubset(const kernel_cap_t a, const kernel_cap_t set)
> +static inline bool cap_issubset(const kernel_cap_t a, const kernel_cap_t set)
> {
> kernel_cap_t dest;
> dest = cap_drop(a, set);
> --
> 1.9.1
>
>

2015-11-17 23:57:17

by James Morris

Subject: Re: [PATCH 1/2] security: remove unused cap_is_fs_cap function

On Tue, 17 Nov 2015, Yaowei Bai wrote:

> Since commit 3bc1fa8a ("LSM: remove BSD secure level security module")
> there is no user of cap_is_fs_cap any more, so remove it.
>
> Signed-off-by: Yaowei Bai <[email protected]>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next

--
James Morris
<[email protected]>

2015-11-17 23:57:30

by James Morris

Subject: Re: [PATCH 2/2] security/capability.h: cap_issubset/isclear can be boolean

On Tue, 17 Nov 2015, Yaowei Bai wrote:

> This patch makes cap_issubset/isclear return bool due to these
> functions only using either one or zero as their return
> value.
>
> No functional change.
>
> Signed-off-by: Yaowei Bai <[email protected]>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next


--
James Morris
<[email protected]>