On Wed, 23 Aug 2017, Richard Guy Briggs wrote:
> Remove a layer of conditional logic to make the use of conditions
> easier to read and analyse.
>
> Signed-off-by: Richard Guy Briggs <r...@redhat.com>
Acked-by: James Morris <james.l.mor...@oracle.com>
> ---
> security/commoncap.c | 13 ++++++-------
> 1 files changed, 6 insertions(+), 7 deletions(-)
>
> diff --git a/security/commoncap.c b/security/commoncap.c
> index 5d81354..ffcaff0 100644
> --- a/security/commoncap.c
> +++ b/security/commoncap.c
> @@ -551,13 +551,12 @@ static inline bool nonroot_raised_pE(struct cred *cred,
> kuid_t root)
> {
> bool ret = false;
>
> - if (cap_grew(effective, ambient, cred)) {
> - if (!cap_full(effective, cred) ||
> - !is_eff(root, cred) || !is_real(root, cred) ||
> - !root_privileged()) {
> - ret = true;
> - }
> - }
> + if (cap_grew(effective, ambient, cred) &&
> + (!cap_full(effective, cred) ||
> + !is_eff(root, cred) ||
> + !is_real(root, cred) ||
> + !root_privileged()))
> + ret = true;
> return ret;
> }
>
>
--
James Morris
<jmor...@namei.org>
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
