diff options
author | Kees Cook <keescook@chromium.org> | 2017-07-18 15:25:23 -0700 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2017-08-01 12:02:48 -0700 |
commit | ddb4a1442def2a78b91a85b4251fb712ef23662b (patch) | |
tree | 2e6ed1b1f5f92f463afe5480cd947273e1d43671 /include | |
parent | 520eccdfe187591a51ea9ab4c1a024ae4d0f68d9 (diff) |
exec: Rename bprm->cred_prepared to called_set_creds
The cred_prepared bprm flag has a misleading name. It has nothing to do
with the bprm_prepare_cred hook, and actually tracks if bprm_set_creds has
been called. Rename this flag and improve its comment.
Cc: David Howells <dhowells@redhat.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/binfmts.h | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h index 3ae9013eeaaa..9023e1d2d5cd 100644 --- a/include/linux/binfmts.h +++ b/include/linux/binfmts.h @@ -25,8 +25,12 @@ struct linux_binprm { struct mm_struct *mm; unsigned long p; /* current top of mem */ unsigned int - cred_prepared:1,/* true if creds already prepared (multiple - * preps happen for interpreters) */ + /* + * True after the bprm_set_creds hook has been called once + * (multiple calls can be made via prepare_binprm() for + * binfmt_script/misc). + */ + called_set_creds:1, cap_effective:1;/* true if has elevated effective capabilities, * false if not; except for init which inherits * its parent's caps anyway */ |