diff mbox

[V3,08/10] capabilities: invert logic for clarity

Message ID 6c9745800b15f096639297937ea53b0ec60c2183.1503459890.git.rgb@redhat.com (mailing list archive)
State New, archived
Headers show

Commit Message

Richard Guy Briggs Aug. 23, 2017, 10:12 a.m. UTC
The way the logic was presented, it was awkward to read and verify.  Invert the
logic using DeMorgan's Law to be more easily able to read and understand.

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
---
 security/commoncap.c |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

Comments

Serge E. Hallyn Aug. 24, 2017, 4:23 p.m. UTC | #1
Quoting Richard Guy Briggs (rgb@redhat.com):
> The way the logic was presented, it was awkward to read and verify.  Invert the
> logic using DeMorgan's Law to be more easily able to read and understand.
> 
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>

Reviewed-by: Serge Hallyn <serge@hallyn.com>

> ---
>  security/commoncap.c |    8 ++++----
>  1 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/security/commoncap.c b/security/commoncap.c
> index ffcaff0..eb2da69 100644
> --- a/security/commoncap.c
> +++ b/security/commoncap.c
> @@ -552,10 +552,10 @@ static inline bool nonroot_raised_pE(struct cred *cred, kuid_t root)
>  	bool ret = false;
>  
>  	if (cap_grew(effective, ambient, cred) &&
> -	    (!cap_full(effective, cred) ||
> -	     !is_eff(root, cred) ||
> -	     !is_real(root, cred) ||
> -	     !root_privileged()))
> +	    !(cap_full(effective, cred) &&
> +	      is_eff(root, cred) &&
> +	      is_real(root, cred) &&
> +	      root_privileged()))
>  		ret = true;
>  	return ret;
>  }
> -- 
> 1.7.1
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
James Morris Aug. 25, 2017, 5:47 a.m. UTC | #2
On Wed, 23 Aug 2017, Richard Guy Briggs wrote:

> The way the logic was presented, it was awkward to read and verify.  Invert the
> logic using DeMorgan's Law to be more easily able to read and understand.
> 
> Signed-off-by: Richard Guy Briggs <rgb@redhat.com>


Acked-by: James Morris <james.l.morris@oracle.com>

> ---
>  security/commoncap.c |    8 ++++----
>  1 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/security/commoncap.c b/security/commoncap.c
> index ffcaff0..eb2da69 100644
> --- a/security/commoncap.c
> +++ b/security/commoncap.c
> @@ -552,10 +552,10 @@ static inline bool nonroot_raised_pE(struct cred *cred, kuid_t root)
>  	bool ret = false;
>  
>  	if (cap_grew(effective, ambient, cred) &&
> -	    (!cap_full(effective, cred) ||
> -	     !is_eff(root, cred) ||
> -	     !is_real(root, cred) ||
> -	     !root_privileged()))
> +	    !(cap_full(effective, cred) &&
> +	      is_eff(root, cred) &&
> +	      is_real(root, cred) &&
> +	      root_privileged()))
>  		ret = true;
>  	return ret;
>  }
>
diff mbox

Patch

diff --git a/security/commoncap.c b/security/commoncap.c
index ffcaff0..eb2da69 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -552,10 +552,10 @@  static inline bool nonroot_raised_pE(struct cred *cred, kuid_t root)
 	bool ret = false;
 
 	if (cap_grew(effective, ambient, cred) &&
-	    (!cap_full(effective, cred) ||
-	     !is_eff(root, cred) ||
-	     !is_real(root, cred) ||
-	     !root_privileged()))
+	    !(cap_full(effective, cred) &&
+	      is_eff(root, cred) &&
+	      is_real(root, cred) &&
+	      root_privileged()))
 		ret = true;
 	return ret;
 }