Commit a3232d2fa2e3cbab3e76d91cdae5890fee8a4034
Committed by
James Morris
1 parent
5163b583a0
Exists in
master
and in
20 other branches
capabilities: delete all CAP_INIT macros
The CAP_INIT macros of INH, BSET, and EFF made sense at one point in time, but now days they aren't helping. Just open code the logic in the init_cred. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Showing 3 changed files with 3 additions and 13 deletions Side-by-side Diff
include/linux/capability.h
... | ... | @@ -421,9 +421,6 @@ |
421 | 421 | |
422 | 422 | #endif /* _KERNEL_CAPABILITY_U32S != 2 */ |
423 | 423 | |
424 | -#define CAP_INIT_INH_SET CAP_EMPTY_SET | |
425 | -#define CAP_INIT_EFF_SET CAP_FULL_SET | |
426 | - | |
427 | 424 | # define cap_clear(c) do { (c) = __cap_empty_set; } while (0) |
428 | 425 | |
429 | 426 | #define cap_raise(c, flag) ((c).cap[CAP_TO_INDEX(flag)] |= CAP_TO_MASK(flag)) |
include/linux/init_task.h
... | ... | @@ -83,13 +83,6 @@ |
83 | 83 | #define INIT_IDS |
84 | 84 | #endif |
85 | 85 | |
86 | -/* | |
87 | - * Because of the reduced scope of CAP_SETPCAP when filesystem | |
88 | - * capabilities are in effect, it is safe to allow CAP_SETPCAP to | |
89 | - * be available in the default configuration. | |
90 | - */ | |
91 | -# define CAP_INIT_BSET CAP_FULL_SET | |
92 | - | |
93 | 86 | #ifdef CONFIG_RCU_BOOST |
94 | 87 | #define INIT_TASK_RCU_BOOST() \ |
95 | 88 | .rcu_boost_mutex = NULL, |
kernel/cred.c
... | ... | @@ -49,10 +49,10 @@ |
49 | 49 | .magic = CRED_MAGIC, |
50 | 50 | #endif |
51 | 51 | .securebits = SECUREBITS_DEFAULT, |
52 | - .cap_inheritable = CAP_INIT_INH_SET, | |
52 | + .cap_inheritable = CAP_EMPTY_SET, | |
53 | 53 | .cap_permitted = CAP_FULL_SET, |
54 | - .cap_effective = CAP_INIT_EFF_SET, | |
55 | - .cap_bset = CAP_INIT_BSET, | |
54 | + .cap_effective = CAP_FULL_SET, | |
55 | + .cap_bset = CAP_FULL_SET, | |
56 | 56 | .user = INIT_USER, |
57 | 57 | .group_info = &init_groups, |
58 | 58 | #ifdef CONFIG_KEYS |