LinuxLists.cc - [PATCH] f2fs: avoid duplicated permission check for "trusted." xattrs

2018-07-19 00:24:56

Subject: [PATCH] f2fs: avoid duplicated permission check for "trusted." xattrs

From: Hyunchul Lee <[email protected]>

Because xattr_permission already checks CAP_SYS_ADMIN
capability, we don't need to check it.

Signed-off-by: Hyunchul Lee <[email protected]>
---
fs/f2fs/xattr.c | 6 ------
1 file changed, 6 deletions(-)

diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c
index 708271871f94..4b34244dcc69 100644
--- a/fs/f2fs/xattr.c
+++ b/fs/f2fs/xattr.c
@@ -37,9 +37,6 @@ static int f2fs_xattr_generic_get(const struct xattr_handler *handler,
return -EOPNOTSUPP;
break;
case F2FS_XATTR_INDEX_TRUSTED:
- if (!capable(CAP_SYS_ADMIN))
- return -EPERM;
- break;
case F2FS_XATTR_INDEX_SECURITY:
break;
default:
@@ -62,9 +59,6 @@ static int f2fs_xattr_generic_set(const struct xattr_handler *handler,
return -EOPNOTSUPP;
break;
case F2FS_XATTR_INDEX_TRUSTED:
- if (!capable(CAP_SYS_ADMIN))
- return -EPERM;
- break;
case F2FS_XATTR_INDEX_SECURITY:
break;
default:
--
2.17.1

2018-07-19 01:57:07

by Chao Yu

[permalink] [raw]

Subject: Re: [PATCH] f2fs: avoid duplicated permission check for "trusted." xattrs

On 2018/7/19 8:23, Hyunchul Lee wrote:
> From: Hyunchul Lee <[email protected]>
>
> Because xattr_permission already checks CAP_SYS_ADMIN
> capability, we don't need to check it.
>
> Signed-off-by: Hyunchul Lee <[email protected]>

Reviewed-by: Chao Yu <[email protected]>

Thanks,