security: clarify cap_inode_getsecctx description

Commit Message

J. Bruce Fields May 9, 2013, 3:41 p.m. UTC

From: "J. Bruce Fields" <bfields@redhat.com>

Make it clear that cap_inode_getsecctx shouldn't return success without
filling in the context data.

Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
---
 include/linux/security.h |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

James Morris May 12, 2013, 11:37 a.m. UTC | #1

On Thu, 9 May 2013, J. Bruce Fields wrote:

> From: "J. Bruce Fields" <bfields@redhat.com>
> 
> Make it clear that cap_inode_getsecctx shouldn't return success without
> filling in the context data.
> 
> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
> Signed-off-by: J. Bruce Fields <bfields@redhat.com>


Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next

Patch

diff --git a/include/linux/security.h b/include/linux/security.h
index 4686491..40560f4 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1392,7 +1392,8 @@  static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  * 	@ctxlen contains the length of @ctx.
  *
  * @inode_getsecctx:
- *	Returns a string containing all relevant security context information
+ *	On success, returns 0 and fills out @ctx and @ctxlen with the security
+ *	context for the given @inode.
  *
  * 	@inode we wish to get the security context of.
  *	@ctx is a pointer in which to place the allocated security context.