Quoting Serge E. Hallyn ([EMAIL PROTECTED]): > From cd7c384f76d2c0f6b12a1c0936d54ae9c5e7cb4c Mon Sep 17 00:00:00 2001 > From: Serge E. Hallyn <[EMAIL PROTECTED]> > Date: Fri, 19 Oct 2007 15:39:10 -0400 > Subject: [PATCH RFC] capabilities: fix compilation with strict type checking > (v2) > > Since at least 1998 the code under STRICT_CAP_T_TYPECHECKS option has > not been used. (See > http://www.uwsg.iu.edu/hypermail/linux/kernel/9810.2/0705.html) > > There are two options - we can remove this option altogether > or, as this patch attempts to do, fix compilation with > STRICT_CAP_T_TYPECHECKS so it can be enabled.
Here is the second alternative, simply removing the STRICT_CAP_T_TYPECHECKS option. thanks, -serge >From 141626df6eaba12f5566f6bce7e72c1c3e627364 Mon Sep 17 00:00:00 2001 From: Serge E. Hallyn <[EMAIL PROTECTED]> Date: Wed, 17 Oct 2007 10:00:49 -0400 Subject: [PATCH 1/1] capabilities: remove STRICT_CAP_T_TYPECHECKS It appears STRICT_CAP_T_TYPECHECKS was introduced in 1998 - and always undefined since then - because the STRICT_CAP_T_TYPECHECKS behavior is broken. (See http://www.uwsg.iu.edu/hypermail/linux/kernel/9810.2/0705.html) Remove this code to simplify the capabilites code. Signed-off-by: Serge E. Hallyn <[EMAIL PROTECTED]> --- include/linux/capability.h | 21 --------------------- 1 files changed, 0 insertions(+), 21 deletions(-) diff --git a/include/linux/capability.h b/include/linux/capability.h index 7a8d7ad..8f7c7ed 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h @@ -64,20 +64,8 @@ struct vfs_cap_data { #ifdef __KERNEL__ -/* #define STRICT_CAP_T_TYPECHECKS */ - -#ifdef STRICT_CAP_T_TYPECHECKS - -typedef struct kernel_cap_struct { - __u32 cap; -} kernel_cap_t; - -#else - typedef __u32 kernel_cap_t; -#endif - #define _USER_CAP_HEADER_SIZE (2*sizeof(__u32)) #define _KERNEL_CAP_T_SIZE (sizeof(kernel_cap_t)) @@ -315,18 +303,9 @@ typedef __u32 kernel_cap_t; * Internal kernel functions only */ -#ifdef STRICT_CAP_T_TYPECHECKS - -#define to_cap_t(x) { x } -#define cap_t(x) (x).cap - -#else - #define to_cap_t(x) (x) #define cap_t(x) (x) -#endif - #define CAP_EMPTY_SET to_cap_t(0) #define CAP_FULL_SET to_cap_t(~0) #define CAP_INIT_EFF_SET to_cap_t(~0 & ~CAP_TO_MASK(CAP_SETPCAP)) -- 1.5.1.1.GIT - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html