diff options
author | Chris Wright <chrisw@sous-sol.org> | 2006-03-25 03:07:41 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 08:22:56 -0800 |
commit | 12b5989be10011387a9da5dee82e5c0d6f9d02e7 (patch) | |
tree | 74da71d407bf26bf97c639bb2b473de233a736ac /kernel | |
parent | 77d47582c2345e071df02afaf9191641009287c4 (diff) | |
download | kernel-crypto-12b5989be10011387a9da5dee82e5c0d6f9d02e7.tar.gz kernel-crypto-12b5989be10011387a9da5dee82e5c0d6f9d02e7.tar.xz kernel-crypto-12b5989be10011387a9da5dee82e5c0d6f9d02e7.zip |
[PATCH] refactor capable() to one implementation, add __capable() helper
Move capable() to kernel/capability.c and eliminate duplicate
implementations. Add __capable() function which can be used to check for
capabiilty of any process.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/capability.c | 16 | ||||
-rw-r--r-- | kernel/sys.c | 12 |
2 files changed, 16 insertions, 12 deletions
diff --git a/kernel/capability.c b/kernel/capability.c index bfa3c92e16f..1a4d8a40d3f 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -233,3 +233,19 @@ out: return ret; } + +int __capable(struct task_struct *t, int cap) +{ + if (security_capable(t, cap) == 0) { + t->flags |= PF_SUPERPRIV; + return 1; + } + return 0; +} +EXPORT_SYMBOL(__capable); + +int capable(int cap) +{ + return __capable(current, cap); +} +EXPORT_SYMBOL(capable); diff --git a/kernel/sys.c b/kernel/sys.c index 19d058be49d..421009cedb5 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -224,18 +224,6 @@ int unregister_reboot_notifier(struct notifier_block * nb) EXPORT_SYMBOL(unregister_reboot_notifier); -#ifndef CONFIG_SECURITY -int capable(int cap) -{ - if (cap_raised(current->cap_effective, cap)) { - current->flags |= PF_SUPERPRIV; - return 1; - } - return 0; -} -EXPORT_SYMBOL(capable); -#endif - static int set_one_prio(struct task_struct *p, int niceval, int error) { int no_nice; |