Commit 95c78cd5 authored by Robert Love's avatar Robert Love Committed by Linus Torvalds

[PATCH] remove suser()

Attached patch replaces the lone remaining suser() call with capable()
and then removes suser() itself in a triumphant celebration of the glory
of capable().  Or something. ;-)

Small cleanup of capable() and some comments, too.
parent a73f75e2
...@@ -2564,7 +2564,7 @@ int cpc_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) ...@@ -2564,7 +2564,7 @@ int cpc_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
return -EINVAL; return -EINVAL;
return 0; return 0;
case SIOCSPC300CONF: case SIOCSPC300CONF:
if (!suser()) if (!capable(CAP_NET_ADMIN))
return -EPERM; return -EPERM;
if (!arg || if (!arg ||
copy_from_user(&conf_aux.conf, arg, sizeof(pc300chconf_t))) copy_from_user(&conf_aux.conf, arg, sizeof(pc300chconf_t)))
......
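Review bot: In the SIOCSPC300CONF case, `capable(CAP_NET_ADMIN)` runs before the `!arg` test, and capable() sets PF_SUPERPRIV whenever it succeeds, so a request that is then rejected for a null argument is still accounted as having used privilege. The sched.h comment touched by this same commit advises doing ordinary checks first and the privilege check last; testing `!arg` ahead of the capability check would follow that advice. The gate also changes from euid 0 to holding CAP_NET_ADMIN, which deserves a one-line comment such as `/* changing the channel configuration requires CAP_NET_ADMIN */`. The rest of the case body lies outside the hunk, so whether the other commands in cpc_ioctl are gated the same way cannot be checked from here.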
...@@ -102,8 +102,6 @@ static inline void *ioremap(unsigned long base, long length) ...@@ -102,8 +102,6 @@ static inline void *ioremap(unsigned long base, long length)
#define my_iounmap(x, b) (((long)x<0x100000)?0:vfree ((void*)x)) #define my_iounmap(x, b) (((long)x<0x100000)?0:vfree ((void*)x))
#define capable(x) suser()
#define tty_flip_buffer_push(tty) queue_task(&tty->flip.tqueue, &tq_timer) #define tty_flip_buffer_push(tty) queue_task(&tty->flip.tqueue, &tq_timer)
#define signal_pending(current) (current->signal & ~current->blocked) #define signal_pending(current) (current->signal & ~current->blocked)
#define schedule_timeout(to) do {current->timeout = jiffies + (to);schedule ();} while (0) #define schedule_timeout(to) do {current->timeout = jiffies + (to);schedule ();} while (0)
......
...@@ -587,24 +587,10 @@ extern void free_irq(unsigned int, void *); ...@@ -587,24 +587,10 @@ extern void free_irq(unsigned int, void *);
* This has now become a routine instead of a macro, it sets a flag if * This has now become a routine instead of a macro, it sets a flag if
* it returns true (to do BSD-style accounting where the process is flagged * it returns true (to do BSD-style accounting where the process is flagged
* if it uses root privs). The implication of this is that you should do * if it uses root privs). The implication of this is that you should do
* normal permissions checks first, and check suser() last. * normal permissions checks first, and check fsuser() last.
* *
* [Dec 1997 -- Chris Evans] * suser() is gone, fsuser() should go soon too...
* For correctness, the above considerations need to be extended to
* fsuser(). This is done, along with moving fsuser() checks to be
* last.
*
* These will be removed, but in the mean time, when the SECURE_NOROOT
* flag is set, uids don't grant privilege.
*/ */
static inline int suser(void)
{
if (!issecure(SECURE_NOROOT) && current->euid == 0) {
current->flags |= PF_SUPERPRIV;
return 1;
}
return 0;
}
static inline int fsuser(void) static inline int fsuser(void)
{ {
...@@ -616,19 +602,12 @@ static inline int fsuser(void) ...@@ -616,19 +602,12 @@ static inline int fsuser(void)
} }
/* /*
* capable() checks for a particular capability. * capable() checks for a particular capability.
* New privilege checks should use this interface, rather than suser() or * See include/linux/capability.h for defined capabilities.
* fsuser(). See include/linux/capability.h for defined capabilities.
*/ */
static inline int capable(int cap) static inline int capable(int cap)
{ {
#if 1 /* ok now */ if (cap_raised(current->cap_effective, cap)) {
if (cap_raised(current->cap_effective, cap))
#else
if (cap_is_fs_cap(cap) ? current->fsuid == 0 : current->euid == 0)
#endif
{
current->flags |= PF_SUPERPRIV; current->flags |= PF_SUPERPRIV;
return 1; return 1;
} }
......
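Review bot: The shortened comment above capable() no longer says that a successful check sets PF_SUPERPRIV, and it drops the advice to prefer capable() over fsuser() even though fsuser() is still defined just above it. The ordering advice earlier in the file now names only fsuser(), so a reader of capable() gets no hint that it has the same accounting side effect and should be the last check made. I would keep the comment as `* capable() checks for a particular capability and sets PF_SUPERPRIV when it is granted, so call it after ordinary permission checks.` followed by `* New privilege checks should use this rather than fsuser(); see include/linux/capability.h.` The body of capable() continues past the end of the hunk.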