UBUNTU: Ubuntu-2.6.38-12.51

[linux-flexiantxendom0-natty.git] / security / commoncap.c

diff --git a/security/commoncap.c b/security/commoncap.c
index 677fad9..e58b5d8 100644 (file)
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -27,7 +27,6 @@
 #include <linux/sched.h>
 #include <linux/prctl.h>
 #include <linux/securebits.h>
-#include <linux/syslog.h>
 
 /*
  * If a non-root user executes a setuid-root binary in
@@ -40,7 +39,7 @@
  *
  * Warn if that happens, once per boot.
  */
-static void warn_setuid_and_fcaps_mixed(char *fname)
+static void warn_setuid_and_fcaps_mixed(const char *fname)
 {
        static int warned;
        if (!warned) {
@@ -570,7 +569,7 @@ int cap_inode_setxattr(struct dentry *dentry, const char *name,
        }
 
        if (!strncmp(name, XATTR_SECURITY_PREFIX,
-                    sizeof(XATTR_SECURITY_PREFIX) - 1)  &&
+                    sizeof(XATTR_SECURITY_PREFIX) - 1) &&
            !capable(CAP_SYS_ADMIN))
                return -EPERM;
        return 0;
@@ -596,7 +595,7 @@ int cap_inode_removexattr(struct dentry *dentry, const char *name)
        }
 
        if (!strncmp(name, XATTR_SECURITY_PREFIX,
-                    sizeof(XATTR_SECURITY_PREFIX) - 1)  &&
+                    sizeof(XATTR_SECURITY_PREFIX) - 1) &&
            !capable(CAP_SYS_ADMIN))
                return -EPERM;
        return 0;
@@ -719,14 +718,11 @@ static int cap_safe_nice(struct task_struct *p)
 /**
  * cap_task_setscheduler - Detemine if scheduler policy change is permitted
  * @p: The task to affect
- * @policy: The policy to effect
- * @lp: The parameters to the scheduling policy
  *
  * Detemine if the requested scheduler policy change is permitted for the
  * specified task, returning 0 if permission is granted, -ve if denied.
  */
-int cap_task_setscheduler(struct task_struct *p, int policy,
-                          struct sched_param *lp)
+int cap_task_setscheduler(struct task_struct *p)
 {
        return cap_safe_nice(p);
 }
@@ -887,24 +883,6 @@ error:
 }
 
 /**
- * cap_syslog - Determine whether syslog function is permitted
- * @type: Function requested
- * @from_file: Whether this request came from an open file (i.e. /proc)
- *
- * Determine whether the current process is permitted to use a particular
- * syslog function, returning 0 if permission is granted, -ve if not.
- */
-int cap_syslog(int type, bool from_file)
-{
-       /* /proc/kmsg can open be opened by CAP_SYS_ADMIN */
-       if (type != 1 && from_file)
-               return 0;
-       if ((type != 3 && type != 10) && !capable(CAP_SYS_ADMIN))
-               return -EPERM;
-       return 0;
-}
-
-/**
  * cap_vm_enough_memory - Determine whether a new virtual mapping is permitted
  * @mm: The VM space in which the new mapping is to be made
  * @pages: The size of the mapping
@@ -931,7 +909,7 @@ int cap_vm_enough_memory(struct mm_struct *mm, long pages)
  * @addr: address attempting to be mapped
  * @addr_only: unused
  *
- * If the process is attempting to map memory below mmap_min_addr they need
+ * If the process is attempting to map memory below dac_mmap_min_addr they need
  * CAP_SYS_RAWIO.  The other parameters to this function are unused by the
  * capability security module.  Returns 0 if this mapping should be allowed
  * -EPERM if not.
@@ -951,3 +929,4 @@ int cap_file_mmap(struct file *file, unsigned long reqprot,
        }
        return ret;
 }
+EXPORT_SYMBOL(cap_file_mmap);