[PATCH v2 01/10] vfs: move cap_convert_nscap() call into vfs_setxattr()

James Morris jmorris at namei.org
Wed Dec 9 01:53:30 UTC 2020

On Mon, 7 Dec 2020, Miklos Szeredi wrote:

> cap_convert_nscap() does permission checking as well as conversion of the
> xattr value conditionally based on fs's user-ns.
> This is needed by overlayfs and probably other layered fs (ecryptfs) and is
> what vfs_foo() is supposed to do anyway.
> Signed-off-by: Miklos Szeredi <mszeredi at redhat.com>

Acked-by: James Morris <jamorris at linux.microsoft.com>

James Morris
<jmorris at namei.org>

More information about the Linux-security-module-archive mailing list