Re: [RFC PATCH 4/4] capability: unexport has_capability_noaudit

Next message: Nilay Shroff: "Re: [PATCHv2 11/17] nvme: add Clang context annotations for nvme_queue::sq_lock"
Previous message: Leo Yan: "Re: [PATCH v4 0/6] mm/vmalloc: Speed up ioremap, vmalloc and vmap with contiguous memory"
In reply to: cem: "[RFC PATCH 4/4] capability: unexport has_capability_noaudit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Darrick J. Wong

Date: Fri Jun 26 2026 - 11:22:30 EST

On Fri, Jun 26, 2026 at 01:45:23PM +0200, cem@xxxxxxxxxx wrote:
> From: Carlos Maiolino <cem@xxxxxxxxxx>
>
> This has been originally exported to be used in xfs. Givin we are not
> using it anymore, unexport for consistency.
>
> Signed-off-by: Carlos Maiolino <cmaiolino@xxxxxxxxxx>
> ---
> kernel/capability.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/kernel/capability.c b/kernel/capability.c
> index 2c2d1e8300bd..3d0387fb93a3 100644
> --- a/kernel/capability.c
> +++ b/kernel/capability.c
> @@ -326,7 +326,6 @@ bool has_capability_noaudit(struct task_struct *t, int cap)
> {
> return has_ns_capability_noaudit(t, &init_user_ns, cap);
> }
> -EXPORT_SYMBOL(has_capability_noaudit);

Please update the kerneldoc for this function to mention that it only
checks real capability, not effective capability. I'd like to prevent
someone else from making the same mistakes I did with these functions
that sound the same in documentation but have very different behaviors.

Reviewed-by: "Darrick J. Wong" <djwong@xxxxxxxxxx>

--D

>
> static bool ns_capable_common(struct user_namespace *ns,
> int cap,
> --
> 2.54.0
>
>