On Wed, Sep 05, 2012 at 05:13:49PM -0400, Mimi Zohar wrote: > Normally capabilities provide additional permissions. So if you don't > have the capability, an errno is returned. CAP_SYS_BOOT is a good > example. With CAP_SECURE_FIRMWARE, it reads backwards - if not > CAP_SECURE_FIRMWARE, return error. I think you want to invert the name > to CAP_NOT_SECURE_FIRMWARE, CAP_NOT_SECURE_BOOT or perhaps > CAP_UNSECURED_BOOT.
Yeah, I think renaming the cap is a given. -- Matthew Garrett | [email protected] -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
