Date: Mon, 10 Mar 2008 15:57:20 -0500
From: "Serge E. Hallyn" <serue@us.ibm.com>
To: lkml <linux-kernel@vger.kernel.org>, Greg KH <greg@kroah.com>,
       Andrew Morgan <morgan@kernel.org>
Subject: root_plug: use cap_task_prctl
Message-ID: <20080310205720.GB13013@sergelap.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.16 (2007-06-09)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1199
Lines: 33

With the introduction of per-process securebits, the capabilities-related
prctl callbacks were moved into cap_task_prctl().  Have root_plug use
cap_task_prctl() so that PR_SET_KEEPCAPS is defined.

(Andrew, I didn't put patch numbers here, but there are only two of
these.  These are the LSMs which internalize capabilities.  The dummy
module will continue to not support PR_SET_KEEPCAPS).

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
---
 security/root_plug.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/security/root_plug.c b/security/root_plug.c
index 870f130..20d1c9c 100644
--- a/security/root_plug.c
+++ b/security/root_plug.c
@@ -86,6 +86,7 @@ static struct security_operations rootplug_security_ops = {
 
 	.task_post_setuid =		cap_task_post_setuid,
 	.task_reparent_to_init =	cap_task_reparent_to_init,
+	.task_prctl =			cap_task_prctl,
 
 	.bprm_check_security =		rootplug_bprm_check_security,
 };
-- 
1.5.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/