Re: [PATCH 2/2] netlink: kill eff_cap from struct netlink_skb_parms

From: David Miller <davem@davemloft.net>
Date: 2011-03-03 18:56:55
Also in: dm-devel

From: Chris Wright <redacted>
Date: Thu, 3 Mar 2011 09:32:30 -0800

* Patrick McHardy (kaber@trash.net) wrote:

quoted

commit 8ff259625f0ab295fa085b0718eed13093813fbc
Author: Patrick McHardy [off-list ref]
Date:   Thu Mar 3 10:17:31 2011 +0100

    netlink: kill eff_cap from struct netlink_skb_parms
    
    Netlink message processing in the kernel is synchronous these days,
    capabilities can be checked directly in security_netlink_recv() from
    the current process.
    
    Signed-off-by: Patrick McHardy [off-list ref]

Thanks for doing that Patrick.  I looked at this earlier and thought
there was still an async path, but I guess that's just to another
userspace process.

BTW, I think you missed a couple connector based callers:

drivers/staging/pohmelfs/config.c:      if (!cap_raised(nsp->eff_cap, CAP_SYS_AD
drivers/video/uvesafb.c:        if (!cap_raised(nsp->eff_cap, CAP_SYS_ADMIN))

Fix those and:

Acked-by: Chris Wright <redacted>

Patrick, I'll apply your first patch, please respin this second patch with
the changes mentioned here.

Thanks!

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help