[PATCH v2 01/10] vfs: move cap_convert_nscap() call into vfs_setxattr()
James Morris
jmorris at namei.org
Wed Dec 9 01:53:30 UTC 2020
On Mon, 7 Dec 2020, Miklos Szeredi wrote:
> cap_convert_nscap() does permission checking as well as conversion of the
> xattr value conditionally based on fs's user-ns.
>
> This is needed by overlayfs and probably other layered fs (ecryptfs) and is
> what vfs_foo() is supposed to do anyway.
>
> Signed-off-by: Miklos Szeredi <mszeredi at redhat.com>
Acked-by: James Morris <jamorris at linux.microsoft.com>
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list