On 2/28/23, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Tue, Feb 28, 2023 at 11:39 AM Linus Torvalds
> <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>>
>> Call me crazy.
>
> Hello crazy,
> I had to go through the patch with a fine comb, because everything
> worked except for some reason network name resolution failed:
> systemd-resolved got a permission error on
>
>     Failed to listen on UDP socket 127.0.0.53:53: Permission denied
>
> Spot the insufficient fixup in my cut-and-paste capget() patch:
>
>     kdata[0].effective = pE.val;
>     kdata[1].effective = pE.val >> 32;
>     kdata[0].permitted = pP.val;
>     kdata[1].permitted = pP.val >> 32;
>     kdata[0].inheritable = pI.val;
>     kdata[0].inheritable = pI.val >> 32;
>
> Oops.
>
> But with that fixed, that patch actually does seem to work.
>

This is part of the crap which made me unwilling to do the clean up.

Unless there is a test suite (which I'm guessing there is not), I
think this warrants a prog which iterates over all methods with a
bunch of randomly generated capsets (+ maybe handpicked corner cases?)
and compares results new vs old. Otherwise I would feel very uneasy
signing off on the patch.

That said, nice cleanup if it works out :)

-- 
Mateusz Guzik <mjguzik gmail.com>
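
The old-versus-new comparison suggested above, as an added userspace example that is not part of the original thread or of the kernel patch. The two-word `cap_old` layout, the function names and the `buggy` switch are assumptions made for illustration; the field assignments follow the quoted snippet.

```c
#include <stdint.h>
#include <string.h>

/* Userspace model, not kernel code. Field names follow the quoted snippet;
 * the two-word "old" layout and all function names are assumptions. */
struct cap_data { uint32_t effective, permitted, inheritable; };
struct cap_old { uint32_t cap[2]; };
struct cap_new { uint64_t val; };
static struct cap_old to_old(uint64_t v) { struct cap_old c = {{ (uint32_t)v, (uint32_t)(v >> 32) }}; return c; }

/* Reference: per-word copy over the old layout. */
static void fill_old(struct cap_data k[2], uint64_t e, uint64_t p, uint64_t i) {
    struct cap_old pE = to_old(e), pP = to_old(p), pI = to_old(i);
    for (int n = 0; n < 2; n++) {
        k[n].effective = pE.cap[n];
        k[n].permitted = pP.cap[n];
        k[n].inheritable = pI.cap[n];
    }
}

/* Candidate: split one 64-bit value. buggy=1 repeats the quoted slip,
 * writing index 0 twice for inheritable and leaving index 1 untouched. */
static void fill_new(struct cap_data k[2], uint64_t e, uint64_t p, uint64_t i, int buggy) {
    struct cap_new pE = { e }, pP = { p }, pI = { i };
    k[0].effective = (uint32_t)pE.val;  k[1].effective = (uint32_t)(pE.val >> 32);
    k[0].permitted = (uint32_t)pP.val;  k[1].permitted = (uint32_t)(pP.val >> 32);
    k[0].inheritable = (uint32_t)pI.val;
    k[buggy ? 0 : 1].inheritable = (uint32_t)(pI.val >> 32);
}

/* xorshift64 with a fixed seed, so any mismatch is reproducible. */
static uint64_t rnd(uint64_t *s) { *s ^= *s << 13; *s ^= *s >> 7; *s ^= *s << 17; return *s; }

/* Runs every corner-case triple, then `rounds` random capsets; returns the mismatch count. */
static unsigned long diff_test(unsigned long rounds, int buggy) {
    static const uint64_t c[] = { 0, 1, 1ull << 31, 1ull << 32, 0xffffffffull, 1ull << 63, ~0ull };
    unsigned long nc = sizeof(c) / sizeof(c[0]), fixed = nc * nc * nc, bad = 0;
    uint64_t seed = 0x9e3779b97f4a7c15ull;
    for (unsigned long r = 0; r < fixed + rounds; r++) {
        uint64_t e = r < fixed ? c[r % nc] : rnd(&seed);
        uint64_t p = r < fixed ? c[r / nc % nc] : rnd(&seed);
        uint64_t i = r < fixed ? c[r / (nc * nc)] : rnd(&seed);
        struct cap_data a[2] = {{0}}, b[2] = {{0}};
        fill_old(a, e, p, i);  fill_new(b, e, p, i, buggy);
        bad += memcmp(a, b, sizeof(a)) != 0;
    }
    return bad;
}

/* Exit 0 only if the fixed split matches the reference and the quoted slip is caught. */
int main(void) { return diff_test(100000, 0) != 0 || diff_test(100000, 1) == 0; }
```

The hand-picked corner cases alone already expose the duplicated index, since any capset whose inheritable low word is nonzero differs between the two fills.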