From: Andrew Morton - coding style tweaks - Don't lose check_cap_sanity() retval - Make set_file_caps() stub inline (although modern gcc will dtrt here) Cc: Serge E. Hallyn Cc: Stephen Smalley Cc: James Morris Cc: Chris Wright Cc: KaiGai Kohei Cc: Chris Friedhoff Signed-off-by: Andrew Morton --- security/commoncap.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff -puN security/commoncap.c~security-introduce-file-caps-tweaks security/commoncap.c --- a/security/commoncap.c~security-introduce-file-caps-tweaks +++ a/security/commoncap.c @@ -126,15 +126,15 @@ static int check_cap_sanity(struct vfs_c if (cap->version != _LINUX_CAPABILITY_VERSION) return -EPERM; - for (i=CAP_NUMCAPS; i<8*sizeof(cap->effective); i++) { + for (i = CAP_NUMCAPS; i < 8*sizeof(cap->effective); i++) { if (cap->effective & CAP_TO_MASK(i)) return -EPERM; } - for (i=CAP_NUMCAPS; i<8*sizeof(cap->permitted); i++) { + for (i = CAP_NUMCAPS; i < 8*sizeof(cap->permitted); i++) { if (cap->permitted & CAP_TO_MASK(i)) return -EPERM; } - for (i=CAP_NUMCAPS; i<8*sizeof(cap->inheritable); i++) { + for (i = CAP_NUMCAPS; i < 8*sizeof(cap->inheritable); i++) { if (cap->inheritable & CAP_TO_MASK(i)) return -EPERM; } @@ -150,6 +150,7 @@ static int set_file_caps(struct linux_bi struct vfs_cap_data_disk dcaps; struct vfs_cap_data caps; struct inode *inode; + int err; dentry = dget(bprm->file->f_dentry); inode = dentry->d_inode; @@ -178,8 +179,9 @@ static int set_file_caps(struct linux_bi } cap_from_disk(&dcaps, &caps); - if (check_cap_sanity(&caps)) - return -EPERM; + err = check_cap_sanity(&caps); + if (err) + return err; bprm->cap_effective = caps.effective; bprm->cap_permitted = caps.permitted; @@ -188,7 +190,7 @@ static int set_file_caps(struct linux_bi return 0; } #else -static int set_file_caps(struct linux_binprm *bprm) +static inline int set_file_caps(struct linux_binprm *bprm) { return 0; } _