Silence the existing API for capability version compatibility check.
When libcap, or other libraries attempt to confirm/determine the supported capability version magic, they generally supply a NULL dataptr to capget(). In this case, while returning the supported/preferred magic (via a modified header content), the return code of this system call may be 0, -EINVAL, or -EFAULT. No libcap code depends on the previous -EINVAL etc. return code, and all of the above three return codes can accompany a valid (successful) attempt to determine the requested magic value. This patch cleans up the system call to return 0, if the call is successfully being used to determine the supported/preferred capability magic value. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> Acked-by: Steve Grubb <sgrubb@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
fe542cf59b
commit
c4a5af54c8
1 changed files with 2 additions and 2 deletions
|
@ -169,8 +169,8 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr)
|
|||
kernel_cap_t pE, pI, pP;
|
||||
|
||||
ret = cap_validate_magic(header, &tocopy);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
if ((dataptr == NULL) || (ret != 0))
|
||||
return ((dataptr == NULL) && (ret == -EINVAL)) ? 0 : ret;
|
||||
|
||||
if (get_user(pid, &header->pid))
|
||||
return -EFAULT;
|
||||
|
|
Loading…
Reference in a new issue