Re: [PATCH 1/4] CAPABILITIES: add cpu endian vfs caps structure
On Mon, 2008-10-20 at 22:50 -0700, Andrew G. Morgan wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Eric Paris wrote:
> This patch add a generic cpu endian caps structure and enternally available
> functions which retrieve fcaps information from disk. This information is
> necessary so fcaps information can be collected and recorded by the audit
> system.
>
[...]
> CAP_FOR_EACH_U32(i) {
> - __u32 value_cpu;
> -
> - if (i >= tocopy) {
> - /*
> - * Legacy capability sets have no upper bits
> - */
> - bprm->cap_post_exec_permitted.cap[i] = 0;
> + if (i > tocopy) {
Shouldn't the above still be (i >= tocopy) ?
just replaced this with
if (i >= tocopy)
break;
I'm already zero'ing out the cap data at the beginning so there isn't
really a need for me to zero the upper bits if they aren't set.
-Eric