Re: [PATCH][LSM] Early init for security modules and various

Stephen Smalley (sds@epoch.ncsc.mil)
02 Jun 2003 08:50:23 -0400


On Mon, 2003-06-02 at 06:44, Andrew Morton wrote:
> Chris Wright <chris@wirex.com> wrote:
> >
> > security_capable() returns 0 if that capability bit is set.
>
> That's just bizarre. Is there any logic behind it?

The LSM access control hooks all return 0 on success (i.e. permission
granted) and negative error code on failure, like most of the rest of
the kernel interfaces (e.g. consider permission()). Hence, the
security_capable() hook returns 0 when the capability is granted to the
specified task. Naturally, the capable() function (which now internally
calls security_capable) preserves the old interface, and most callers
still invoke it rather than directly calling security_capable().
However, the oom killer code is performing a capability test for a task
other than current; hence, it makes a direct call to the
security_capable() hook that supports passing a particular task, unlike
the capable() function.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/