On Wed, 23 Aug 2017, Richard Guy Briggs wrote: > Remove a layer of conditional logic to make the use of conditions > easier to read and analyse. > > Signed-off-by: Richard Guy Briggs <r...@redhat.com>
Acked-by: James Morris <james.l.mor...@oracle.com> > --- > security/commoncap.c | 13 ++++++------- > 1 files changed, 6 insertions(+), 7 deletions(-) > > diff --git a/security/commoncap.c b/security/commoncap.c > index 5d81354..ffcaff0 100644 > --- a/security/commoncap.c > +++ b/security/commoncap.c > @@ -551,13 +551,12 @@ static inline bool nonroot_raised_pE(struct cred *cred, > kuid_t root) > { > bool ret = false; > > - if (cap_grew(effective, ambient, cred)) { > - if (!cap_full(effective, cred) || > - !is_eff(root, cred) || !is_real(root, cred) || > - !root_privileged()) { > - ret = true; > - } > - } > + if (cap_grew(effective, ambient, cred) && > + (!cap_full(effective, cred) || > + !is_eff(root, cred) || > + !is_real(root, cred) || > + !root_privileged())) > + ret = true; > return ret; > } > > -- James Morris <jmor...@namei.org> -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit