From: Andrew Morgan <morgan@kernel.org>

Legacy support requires that we don't return an error for previously
legitimate calls. Removing this check, we make a fail-safe best effort
to support legacy applications.

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Tested-by: Kevin Winchester <kjwinchester@gmail.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: James Morris <jmorris@namei.org>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 kernel/capability.c |   27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

diff -puN kernel/capability.c~64bit-capability-support-legacy-support-fix kernel/capability.c
--- a/kernel/capability.c~64bit-capability-support-legacy-support-fix
+++ a/kernel/capability.c
@@ -122,13 +122,26 @@ out:
 			kdata[i].permitted = pP.cap[i];
 			kdata[i].inheritable = pI.cap[i];
 		}
-		while (i < _LINUX_CAPABILITY_U32S) {
-			if (pE.cap[i] || pP.cap[i] || pP.cap[i]) {
-				/* Cannot represent w/ legacy structure */
-				return -ERANGE;
-			}
-			i++;
-		}
+
+		/*
+		 * Note, in the case, tocopy < _LINUX_CAPABILITY_U32S,
+		 * we silently drop the upper capabilities here. This
+		 * has the effect of making older libcap
+		 * implementations implicitly drop upper capability
+		 * bits when they perform a: capget/modify/capset
+		 * sequence.
+		 *
+		 * This behavior is considered fail-safe
+		 * behavior. Upgrading the application to a newer
+		 * version of libcap will enable access to the newer
+		 * capabilities.
+		 *
+		 * An alternative would be to return an error here
+		 * (-ERANGE), but that causes legacy applications to
+		 * unexpectidly fail; the capget/modify/capset aborts
+		 * before modification is attempted and the application
+		 * fails.
+		 */
 
 		if (copy_to_user(dataptr, kdata, tocopy
 				 * sizeof(struct __user_cap_data_struct))) {
_