linux/security/apparmor
Linus Torvalds f122a08b19 capability: just use a 'u64' instead of a 'u32[2]' array
Back in 2008 we extended the capability bits from 32 to 64, and we did
it by extending the single 32-bit capability word from one word to an
array of two words.  It was then obfuscated by hiding the "2" behind two
macro expansions, with the reasoning being that maybe it gets extended
further some day.

That reasoning may have been valid at the time, but the last thing we
want to do is to extend the capability set any more.  And the array of
values not only causes source code oddities (with loops to deal with
it), but also results in worse code generation.  It's a lose-lose
situation.

So just change the 'u32[2]' into a 'u64' and be done with it.

We still have to deal with the fact that the user space interface is
designed around an array of these 32-bit values, but that was the case
before too, since the array layouts were different (ie user space
doesn't use an array of 32-bit values for individual capability masks,
but an array of 32-bit slices of multiple masks).

So that marshalling of data is actually simplified too, even if it does
remain somewhat obscure and odd.

This was all triggered by my reaction to the new "cap_isidentical()"
introduced recently.  By just using a saner data structure, it went from

	unsigned __capi;
	CAP_FOR_EACH_U32(__capi) {
		if (a.cap[__capi] != b.cap[__capi])
			return false;
	}
	return true;

to just being

	return a.val == b.val;

instead.  Which is rather more obvious both to humans and to compilers.

Cc: Mateusz Guzik <mjguzik@gmail.com>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Paul Moore <paul@paul-moore.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2023-03-01 10:01:22 -08:00
..
include + Features 2022-12-14 13:42:09 -08:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
apparmorfs.c fs: port ->mkdir() to pass mnt_idmap 2023-01-19 09:24:26 +01:00
audit.c AppArmor: Fix kernel-doc 2022-10-25 00:15:18 -07:00
capability.c apparmor: rework profile->rules to be a list 2022-10-03 14:49:04 -07:00
crypto.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
domain.c fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap 2023-01-19 09:24:29 +01:00
file.c fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap 2023-01-19 09:24:29 +01:00
ipc.c AppArmor: Fix kernel-doc 2022-10-25 00:15:18 -07:00
Kconfig + Features 2022-12-14 13:42:09 -08:00
label.c apparmor: remove useless static inline functions 2022-10-24 22:35:11 -07:00
lib.c apparmor: rework profile->rules to be a list 2022-10-03 14:49:04 -07:00
lsm.c fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap 2023-01-19 09:24:29 +01:00
Makefile + Features 2022-12-14 13:42:09 -08:00
match.c apparmor: Add __init annotation to aa_{setup/teardown}_dfa_engine() 2022-11-01 21:17:26 -07:00
mount.c apparmor: rework profile->rules to be a list 2022-10-03 14:49:04 -07:00
net.c apparmor: rework profile->rules to be a list 2022-10-03 14:49:04 -07:00
nulldfa.in
path.c security: apparmor: delete repeated words in comments 2021-02-07 04:15:46 -08:00
policy_compat.c apparmor: Fix regression in compat permissions for getattr 2023-02-15 11:24:38 -08:00
policy_ns.c apparmor: Fix memleak in alloc_ns() 2022-11-01 05:32:13 -07:00
policy_unpack_test.c + Features 2022-12-14 13:42:09 -08:00
policy_unpack.c capability: just use a 'u64' instead of a 'u32[2]' array 2023-03-01 10:01:22 -08:00
policy.c apparmor: fix a memleak in free_ruleset() 2022-10-25 00:15:19 -07:00
procattr.c apparmor: fix obsoleted comments for aa_getprocattr() and audit_resource() 2022-10-24 22:35:23 -07:00
resource.c apparmor: Fix spelling of function name in comment block 2022-10-25 00:15:19 -07:00
secid.c apparmor: disable showing the mode as part of a secid to secctx 2022-07-13 17:18:29 -07:00
stacksplitdfa.in
task.c apparmor: Simplify obtain the newest label on a cred 2022-10-03 14:49:04 -07:00