| Message ID | 20200719100418.2112740-7-areber@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | capabilities: Introduce CAP_CHECKPOINT_RESTORE | expand |
On Sun, Jul 19, 2020 at 12:04:16PM +0200, Adrian Reber wrote: > From: Nicolas Viennot <Nicolas.Viennot@twosigma.com> > > This brings consistency with the rest of the prctl() syscall where > -EPERM is returned when failing a capability check. > > Signed-off-by: Nicolas Viennot <Nicolas.Viennot@twosigma.com> > Signed-off-by: Adrian Reber <areber@redhat.com> Ok, i see how EINVAL snuck its way in there through validate_prctl_map()s evolution :) Reviewed-by: Serge Hallyn <serge@hallyn.com> > --- > kernel/sys.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/sys.c b/kernel/sys.c > index a3f4ef0bbda3..ca11af9d815d 100644 > --- a/kernel/sys.c > +++ b/kernel/sys.c > @@ -2015,7 +2015,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data > * This may have implications in the tomoyo subsystem. > */ > if (!checkpoint_restore_ns_capable(current_user_ns())) > - return -EINVAL; > + return -EPERM; > > error = prctl_set_mm_exe_file(mm, prctl_map.exe_fd); > if (error) > -- > 2.26.2
diff --git a/kernel/sys.c b/kernel/sys.c index a3f4ef0bbda3..ca11af9d815d 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -2015,7 +2015,7 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data * This may have implications in the tomoyo subsystem. */ if (!checkpoint_restore_ns_capable(current_user_ns())) - return -EINVAL; + return -EPERM; error = prctl_set_mm_exe_file(mm, prctl_map.exe_fd); if (error)