Quoting Andrew Morgan (morgan@kernel.org):
quoted text
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> This looks good to me.
> 
> [As you anticipated, there is a potential merge issue with Casey's
> recent addition of MAC capabilities - which will make CAP_MAC_ADMIN the
> highest allocated capability: ie.,
> 
> #define CAP_LAST_CAP         CAP_MAC_ADMIN
> 
> ].
> 
> Signed-off-by: Andrew G. Morgan <morgan@kernel.org>

Thanks, Andrew.

Yes, the following patch will be needed on top of the previous one:

-serge

From 97ee046e8075a21b356fb93db0769d440437ef51 Mon Sep 17 00:00:00 2001
From: sergeh@us.ibm.com <hallyn@kernel.(none)>
Date: Tue, 27 Nov 2007 10:37:57 -0800
Subject: [PATCH 1/1] capabilities: fix CAP_LAST_CAP to CAP_MAC_ADMIN

A recent SMACK patch introduced two new capabilities.  The capability
bounding set patch defined CAP_LAST_CAP erroneously relative to that
patch.

Signed-off-by: Serge Hallyn <serue@us.ibm.com>
---
 include/linux/capability.h |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/include/linux/capability.h b/include/linux/capability.h
index 5fc3fea..7d50ff6 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -332,7 +332,7 @@ typedef struct kernel_cap_struct {
 
 #define CAP_MAC_ADMIN        33
 
-#define CAP_LAST_CAP         CAP_SETFCAP
+#define CAP_LAST_CAP         CAP_MAC_ADMIN
 
 #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
 
-- 
1.5.1

-
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/