-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Serge E. Hallyn wrote: > + case PR_GET_CAPBSET: > + error = put_user(current->cap_bset, (unsigned long __user *)arg2); > + break; > + case PR_SET_CAPBSET: > + if (!capable(CAP_SYS_ADMIN)) > + return -EPERM; > + if (!cap_issubset(arg2, current->cap_bset)) > + return -EINVAL; > + current->cap_bset = arg2; > + break; You need to pass the capability magic value in both get and set directions... Otherwise, you'll not be able to tell what vintage of cap_bset you are manipulating. Cheers Andrew -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFG8fQ0QheEq9QabfIRApzJAKCUSxj72X4F++kNGy29oO6FE/OGAgCeIrBw dzyfE/XF2Fl71WQvIwu/E9s= =hkFZ -----END PGP SIGNATURE----- _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers