[resending with the right From:...]
Hi Luis,
@@ -556,20 +539,79 @@ capability::set_offset (uint64_t offset) ...
- (2) - If the top 64 bits are non-zero and the representation is
COMPACT, the capability has the following format:
You're missing documentation for this format.
...
/* Handle attributes. */
if (get_tag () == false)
- attr_str = "invalid ";
if (get_otype () == CAP_SEAL_TYPE_RB)
- attr_str = "sentry ";
if (is_sealed ())
- attr_str = "sealed ";
These are supposed to be comma-separated, with no trailing space.
Also sentries are not printed as sealed capabilities (but see below).
cap_str += "{";
There are no curly braces in the specification.
cap_str = val_str + " [" + perm_str + "," + range_str + "]";
if (!attr_str.empty ())
- cap_str += " ( " + attr_str + ")";
There should be no leading space.
I also couldn't help but notice you have the following:
inline bool is_sealed (void) { return check_permissions (CAP_PERM_SEAL); }
(in capability.h)
Whether a capability is sealed and whether a capability can be used to seal are not the same thing.
Jess
gnu-morello@op-lists.linaro.org