From mboxrd@z Thu Jan 1 00:00:00 1970 From: jmorris@namei.org (James Morris) Date: Fri, 25 Aug 2017 15:47:52 +1000 (AEST) Subject: [PATCH V3 08/10] capabilities: invert logic for clarity In-Reply-To: <6c9745800b15f096639297937ea53b0ec60c2183.1503459890.git.rgb@redhat.com> References: <6c9745800b15f096639297937ea53b0ec60c2183.1503459890.git.rgb@redhat.com> Message-ID: To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org On Wed, 23 Aug 2017, Richard Guy Briggs wrote: > The way the logic was presented, it was awkward to read and verify. Invert the > logic using DeMorgan's Law to be more easily able to read and understand. > > Signed-off-by: Richard Guy Briggs Acked-by: James Morris > --- > security/commoncap.c | 8 ++++---- > 1 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/security/commoncap.c b/security/commoncap.c > index ffcaff0..eb2da69 100644 > --- a/security/commoncap.c > +++ b/security/commoncap.c > @@ -552,10 +552,10 @@ static inline bool nonroot_raised_pE(struct cred *cred, kuid_t root) > bool ret = false; > > if (cap_grew(effective, ambient, cred) && > - (!cap_full(effective, cred) || > - !is_eff(root, cred) || > - !is_real(root, cred) || > - !root_privileged())) > + !(cap_full(effective, cred) && > + is_eff(root, cred) && > + is_real(root, cred) && > + root_privileged())) > ret = true; > return ret; > } > -- James Morris -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html From mboxrd@z Thu Jan 1 00:00:00 1970 From: James Morris Subject: Re: [PATCH V3 08/10] capabilities: invert logic for clarity Date: Fri, 25 Aug 2017 15:47:52 +1000 (AEST) Message-ID: References: <6c9745800b15f096639297937ea53b0ec60c2183.1503459890.git.rgb@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Return-path: In-Reply-To: <6c9745800b15f096639297937ea53b0ec60c2183.1503459890.git.rgb@redhat.com> Sender: owner-linux-security-module@vger.kernel.org To: Richard Guy Briggs Cc: linux-security-module@vger.kernel.org, linux-audit@redhat.com, Andy Lutomirski , "Serge E. Hallyn" , Kees Cook , James Morris , Eric Paris , Paul Moore , Steve Grubb List-Id: linux-audit@redhat.com On Wed, 23 Aug 2017, Richard Guy Briggs wrote: > The way the logic was presented, it was awkward to read and verify. Invert the > logic using DeMorgan's Law to be more easily able to read and understand. > > Signed-off-by: Richard Guy Briggs Acked-by: James Morris > --- > security/commoncap.c | 8 ++++---- > 1 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/security/commoncap.c b/security/commoncap.c > index ffcaff0..eb2da69 100644 > --- a/security/commoncap.c > +++ b/security/commoncap.c > @@ -552,10 +552,10 @@ static inline bool nonroot_raised_pE(struct cred *cred, kuid_t root) > bool ret = false; > > if (cap_grew(effective, ambient, cred) && > - (!cap_full(effective, cred) || > - !is_eff(root, cred) || > - !is_real(root, cred) || > - !root_privileged())) > + !(cap_full(effective, cred) && > + is_eff(root, cred) && > + is_real(root, cred) && > + root_privileged())) > ret = true; > return ret; > } > -- James Morris