diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-09-24 11:40:41 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-09-24 11:40:41 -0700 |
commit | a30282478271ea8e06d424f96c1537094b309c7c (patch) | |
tree | 2ca55dabb02982b05cc4a80df09ea285114fb071 /security | |
parent | 1436ab068d6b0309a73849dc239399399621decd (diff) | |
parent | ab5348c9c23cd253f5902980d2d8fe067dc24c82 (diff) | |
download | linux-a30282478271ea8e06d424f96c1537094b309c7c.tar.gz linux-a30282478271ea8e06d424f96c1537094b309c7c.tar.bz2 linux-a30282478271ea8e06d424f96c1537094b309c7c.zip |
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull misc security layer update from James Morris:
"This is the remaining 'general' change in the security tree for v4.14,
following the direct merging of SELinux (+ TOMOYO), AppArmor, and
seccomp.
That's everything now for the security tree except IMA, which will
follow shortly (I've been traveling for the past week with patchy
internet)"
* 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
security: fix description of values returned by cap_inode_need_killpriv
Diffstat (limited to 'security')
-rw-r--r-- | security/commoncap.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index 6bf72b175b49..c25e0d27537f 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -294,10 +294,10 @@ int cap_capset(struct cred *new, * * Determine if an inode having a change applied that's marked ATTR_KILL_PRIV * affects the security markings on that inode, and if it is, should - * inode_killpriv() be invoked or the change rejected? + * inode_killpriv() be invoked or the change rejected. * - * Returns 0 if granted; +ve if granted, but inode_killpriv() is required; and - * -ve to deny the change. + * Returns 1 if security.capability has a value, meaning inode_killpriv() + * is required, 0 otherwise, meaning inode_killpriv() is not required. */ int cap_inode_need_killpriv(struct dentry *dentry) { |