Re: [PATCH] security: protect legacy apps from insufficient privilege - Kernel


  1. Re: [PATCH] security: protect legacy apps from insufficient privilege

    On Wed, 21 May 2008 08:50:25 -0700 "Andrew G. Morgan" wrote:

    > + CAP_FOR_EACH_U32(i) {
    > + if (i >= tocopy) {
    > + /*
    > + * Legacy capability sets have no upper bits
    > + */
    > + bprm->cap_post_exec_permitted.cap[i] = 0;
    > + } else {
    > + __u32 value_cpu;
    > + /*
    > + * pP' = (X & fP) | (pI & fI)
    > + */
    > + value_cpu = le32_to_cpu(caps->data[i].permitted);
    > + bprm->cap_post_exec_permitted.cap[i] = (
    > + current->cap_bset.cap[i] & value_cpu
    > + ) | (
    > + current->cap_inheritable.cap[i] &
    > + le32_to_cpu(caps->data[i].inheritable)
    > + );
    > + if (value_cpu &
    > + ~bprm->cap_post_exec_permitted.cap[i]) {
    > + /*
    > + * insufficient to execute correctly
    > + */
    > + ret = -EPERM;
    > + }
    > + }
    > }
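
    Review bot: In the else branch, the comment "insufficient to execute correctly" above ret = -EPERM does not say what is insufficient. The test value_cpu & ~bprm->cap_post_exec_permitted.cap[i] fires when a bit in the file's permitted set is absent from the computed pP', and the comment should state that. The loop also keeps running after ret is set, so later words of cap_post_exec_permitted are still filled in. If that is intended, a short comment would stop a reader from expecting a break there.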


    That makes my eyes say ow. The 80-col thing is a pain.

    With a judiciously placed `continue' we can do this:

    CAP_FOR_EACH_U32(i) {
            __u32 value_cpu;

            if (i >= tocopy) {
                    /*
                     * Legacy capability sets have no upper bits
                     */
                    bprm->cap_post_exec_permitted.cap[i] = 0;
                    continue;
            }
            /*
             * pP' = (X & fP) | (pI & fI)
             */
            value_cpu = le32_to_cpu(caps->data[i].permitted);
            bprm->cap_post_exec_permitted.cap[i] =
                    (current->cap_bset.cap[i] & value_cpu) |
                    (current->cap_inheritable.cap[i] &
                            le32_to_cpu(caps->data[i].inheritable));
            if (value_cpu & ~bprm->cap_post_exec_permitted.cap[i]) {
                    /*
                     * insufficient to execute correctly
                     */
                    ret = -EPERM;
            }
    }

    OK?
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  2. Re: [PATCH] security: protect legacy apps from insufficient privilege

    Andrew Morton wrote:
    | With a judiciously placed `continue' we can do this:
    |
    | CAP_FOR_EACH_U32(i) {
    |         __u32 value_cpu;
    |
    |         if (i >= tocopy) {
    |                 /*
    |                  * Legacy capability sets have no upper bits
    |                  */
    |                 bprm->cap_post_exec_permitted.cap[i] = 0;
    |                 continue;
    |         }
    |         /*
    |          * pP' = (X & fP) | (pI & fI)
    |          */
    |         value_cpu = le32_to_cpu(caps->data[i].permitted);
    |         bprm->cap_post_exec_permitted.cap[i] =
    |                 (current->cap_bset.cap[i] & value_cpu) |
    |                 (current->cap_inheritable.cap[i] &
    |                         le32_to_cpu(caps->data[i].inheritable));
    |         if (value_cpu & ~bprm->cap_post_exec_permitted.cap[i]) {
    |                 /*
    |                  * insufficient to execute correctly
    |                  */
    |                 ret = -EPERM;
    |         }
    | }
    |
    | OK?

    Yes.

    Acked-by: Andrew G. Morgan

    Cheers

    Andrew