Re: [PATCH] capabilities: Ambient capability set V1

From: Serge E. Hallyn
Date: Thu Feb 26 2015 - 16:13:31 EST

Next message: Felix Fietkau: "Re: [RFC PATCH v2] bridge: make it possible for packets to traverse the bridge without hitting netfilter"
Previous message: Christoph Lameter: "Re: [PATCH] capabilities: Ambient capability set V1"
In reply to: Christoph Lameter: "Re: [PATCH] capabilities: Ambient capability set V1"
Next in thread: Christoph Lameter: "Re: [PATCH] capabilities: Ambient capability set V1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Feb 26, 2015 at 03:09:48PM -0600, Christoph Lameter wrote:
> On Thu, 26 Feb 2015, Serge E. Hallyn wrote:
>
> > > Same problem as before. The ambient bits will not be set in pE'.
> >
> > And what if I weren't scatterbrained and we did
> >
> > if (pA)
> > pE' = pP'
> > else
> > pE' = pP' & fE
> >
> > All pP' bits would be set in pE'.
>
> Ok and the non ambient case would break because fE is not available?
> Doesnt this reduce to
>
> pE' = pP'
>
> in either case?

No. fE is not "not available". If you set it with setcap, you *should*
(if i'm tinking right) find fE full when calculating the new capability
sets, because of magic_etc.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Felix Fietkau: "Re: [RFC PATCH v2] bridge: make it possible for packets to traverse the bridge without hitting netfilter"
Previous message: Christoph Lameter: "Re: [PATCH] capabilities: Ambient capability set V1"
In reply to: Christoph Lameter: "Re: [PATCH] capabilities: Ambient capability set V1"
Next in thread: Christoph Lameter: "Re: [PATCH] capabilities: Ambient capability set V1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]