Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp3630607pxu; Tue, 8 Dec 2020 17:58:22 -0800 (PST) X-Google-Smtp-Source: ABdhPJxeF09EgoilGMb3NwWbTuFo3sT9K/6NYFLbSWN4vuy1Jz8rPOT6Z00RbEZBaPtytheWc54K X-Received: by 2002:a17:906:7fca:: with SMTP id r10mr200447ejs.24.1607479102517; Tue, 08 Dec 2020 17:58:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607479102; cv=none; d=google.com; s=arc-20160816; b=XbHpHIGQkn/PFGgOBnHz/9TG9ag+Wdc880vWNzwRFTNCdONVvDvdx6PUpv/0mg3YUU XHa09yNnIGNTFzrxB5cbQx1Kpv2NBSDIEavp5oJsMoLvKKVpaQoIPH5csecuwLdvsvr+ rEaKKr+gTixzzqHSRX3O1YRDS9NsUDZ9Xy4V5V9xOCJ5nQ/Lk2cKN5ClLZdeTU/ACYav OdgOAoTKj/6+2iSYNyNprKGHshzGYZr2hc+X8TuCr0Vk+M8FuP3/7f2/FgcS6ePXofrs Q9TFXzcr97nvs4+r8bt8iL+CRTGYSgMLd29DaLAEiSTQWLqC6N/sUyNqmea2LzUnrftR YAjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:message-id:in-reply-to :subject:cc:to:from:date; bh=ggrgU5UNh8l6Avjz7nX62cp6iFAGxWUIT9LPafuaO5M=; b=Phi1xPnbqwgu3SINUupMNbuFJ6Mqr/hTy65bMeO6IkBoyVq2FK8cZ810bd5WzbSCi2 E0Z7D811FfCLKpsoc0AQOUFUpiX+tKiwVv1lD/+Wd0cS1sSzkCjAhbO1Io4MV2OZjTYF XKt3wBsQ8ydZrNWCk63COrKj9Lu93vJ07mUOqDs6O4omiIHz+oQsl10h4/pJnPPR7dUL dW5ZrFPXyT+ohzOUU/9uVTezp0bzN9ks7zrl2FqSXtwvAuM3yQJo44CILo/FLX+zar4d 0a5YYCIuBECzMwFukSfDPWw88/GsAej/eubfZn6Zy5wgk3jwbvnCQ0611p85HUH4lZsk O+yA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b27si131431eje.466.2020.12.08.17.58.00; Tue, 08 Dec 2020 17:58:22 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726413AbgLIByR (ORCPT + 99 others); Tue, 8 Dec 2020 20:54:17 -0500 Received: from namei.org ([65.99.196.166]:59052 "EHLO mail.namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725808AbgLIByO (ORCPT ); Tue, 8 Dec 2020 20:54:14 -0500 Received: from localhost (localhost [127.0.0.1]) by mail.namei.org (Postfix) with ESMTPS id CBD5ADBF; Wed, 9 Dec 2020 01:53:30 +0000 (UTC) Date: Tue, 8 Dec 2020 17:53:30 -0800 (PST) From: James Morris To: Miklos Szeredi cc: "Eric W . Biederman" , linux-fsdevel@vger.kernel.org, linux-unionfs@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v2 01/10] vfs: move cap_convert_nscap() call into vfs_setxattr() In-Reply-To: <20201207163255.564116-2-mszeredi@redhat.com> Message-ID: References: <20201207163255.564116-1-mszeredi@redhat.com> <20201207163255.564116-2-mszeredi@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 7 Dec 2020, Miklos Szeredi wrote: > cap_convert_nscap() does permission checking as well as conversion of the > xattr value conditionally based on fs's user-ns. > > This is needed by overlayfs and probably other layered fs (ecryptfs) and is > what vfs_foo() is supposed to do anyway. > > Signed-off-by: Miklos Szeredi Acked-by: James Morris -- James Morris