netlink: kill eff_cap from struct netlink_skb_parms Netlink message processing in the kernel is synchronous these days, capabilities can be checked directly in security_netlink_recv() from the current process. Signed-off-by: Patrick McHardy <kaber@trash.net> Reviewed-by: James Morris <jmorris@namei.org> [chrisw: update to include pohmelfs and uvesafb] Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 01a16b21d6adf992aa863186c3c4e561a57c1714 [log] [tgz]
author: Patrick McHardy <kaber@trash.net> Thu Mar 03 13:32:07 2011 -0800
committer: David S. Miller <davem@davemloft.net> Thu Mar 03 13:32:07 2011 -0800
tree: a3b1c81e5a5e6a0e9069e4d3a15576741ed34776
parent: 63f97425166a1a16279c1a5720e9dfcb2c12ad1b [diff] [blame]
diff --git a/security/commoncap.c b/security/commoncap.c
index 64c2ed9c..a83e607 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c

@@ -52,13 +52,12 @@
 
 int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
 {
-	NETLINK_CB(skb).eff_cap = current_cap();
 	return 0;
 }
 
 int cap_netlink_recv(struct sk_buff *skb, int cap)
 {
-	if (!cap_raised(NETLINK_CB(skb).eff_cap, cap))
+	if (!cap_raised(current_cap(), cap))
 		return -EPERM;
 	return 0;
 }
commit	01a16b21d6adf992aa863186c3c4e561a57c1714	[log] [tgz]
author	Patrick McHardy <kaber@trash.net>	Thu Mar 03 13:32:07 2011 -0800
committer	David S. Miller <davem@davemloft.net>	Thu Mar 03 13:32:07 2011 -0800
tree	a3b1c81e5a5e6a0e9069e4d3a15576741ed34776
parent	63f97425166a1a16279c1a5720e9dfcb2c12ad1b [diff] [blame]