Received: by 2002:a05:6a10:2785:0:0:0:0 with SMTP id ia5csp3025858pxb; Tue, 12 Jan 2021 04:39:48 -0800 (PST) X-Google-Smtp-Source: ABdhPJyYrcTqorPSX7aKzVETCBp/P3a3eqeLQBbg3lOBNPNm1yat1xBmApLqeO10mcQtp13mnFPB X-Received: by 2002:a05:6402:1352:: with SMTP id y18mr3254316edw.178.1610455188561; Tue, 12 Jan 2021 04:39:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610455188; cv=none; d=google.com; s=arc-20160816; b=wHPhc/zILwFenkP9F2X0SikifiagHgyJGUUQt6OWnNCSesbcNi/dgt+CMth/b0e1gm gvcAdpQNJ42ioqUWq8QrIdE/+b5qNhRe9+bkGW/zQprfwCmepbRJmH8L46UpCZeKfU9G HFxSXPSgoQ23g59zSfMGHhARKFDO0QIavAUMptFWJiNlrjUvWbNrOU9Hy2NvMTX7QUqQ BGwrroR99WW9i7glUcaH22YNOW98wjdwhSEdJIzw0uSaGghzvJq3kqI0O5mia0UK2Pm2 uCJ3k/VvYRkQbJFlfi3VH5q5dmNbXYLG+QAOjbNSkmYfZfF7aHu3rxrXRe5h1m89LQ+9 aqRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=rS4sdXVHr4l3vGRPMuRvaL1eabkA37lCE2nh9ri+8DA=; b=kU3kkW2J1flIpvoKmDvtLiSdjI+pjwjsfg4U7VJ406Jtk5EXOSR1xXDsBXKPg3F6DN UswCnF16lvucgJM2ew/QBdNmdpG6GoRA0Ite0nGaraS0LiIVREs98WtBnAYRu11C/clG 1NLScK55ry/xo+zCq4AIgOPFbQfImdhuqldcHcpEKbjoXXuIEwbIJYwYfJwouImDTx4+ TtaeIqHDahLT4gQgwA26xw9zlDG1HQHCNt0Jnk96pgTcX67MhylvKF1MtJQkCUxmRxGy bTMgtofUpjQi+cMHI9X27HprqrZj1lVNao/fPMZ7OPAhoiNuo/u8WB1tlJ3Is41XECxe VJPw== ARC-Authentication-Results: i=1; mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=f6Llr2Ei; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q16si1092894ejd.199.2021.01.12.04.39.24; Tue, 12 Jan 2021 04:39:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=temperror (no key for signature) header.i=@szeredi.hu header.s=google header.b=f6Llr2Ei; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390643AbhALKFj (ORCPT + 99 others); Tue, 12 Jan 2021 05:05:39 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36520 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390352AbhALKFi (ORCPT ); Tue, 12 Jan 2021 05:05:38 -0500 Received: from mail-vk1-xa2f.google.com (mail-vk1-xa2f.google.com [IPv6:2607:f8b0:4864:20::a2f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7E752C061575 for ; Tue, 12 Jan 2021 02:04:58 -0800 (PST) Received: by mail-vk1-xa2f.google.com with SMTP id e27so475110vkn.2 for ; Tue, 12 Jan 2021 02:04:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=szeredi.hu; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=rS4sdXVHr4l3vGRPMuRvaL1eabkA37lCE2nh9ri+8DA=; b=f6Llr2Ei6o9IxbS05Jb89UXoWPqSI2kibVhcgOSycNIT9BHPBbZWtGxXn+WN4i5WCB AJOaz8a1xnVBZLXTssdcpIgtFblHkyYiljyiuxZ638ZbcdCEUWce4loVsjZ0tXWMhxu6 AmEclYLBi87TEBoqp95L0D4aYhWwzlVJWZkj8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rS4sdXVHr4l3vGRPMuRvaL1eabkA37lCE2nh9ri+8DA=; b=ROYI7l6CCLreBvswrPaaMd5/puIZY+HnFEn1wziRWqvtR57io7JxsE5mxrKrcSDBv/ 5Cpieh0mI2z1yqbhggj7t2fu+b1cPF+Vvmr8OxKTWuQEzPeFWnVgc4goalVeEQFK914z t2sBYshHZi7n3au/KxpXF+PYj2Rh9DOl/sMdjsPa9vxBuKk1BXZMSczOyh5hmOX62Sqs j2dNu5KqbXkfUf0ze4byaJ3Ig/30wpvLLNyfyM9xqkvO0uDBNewd+EO87OsNGI1vZkOl 1Wjk/pEVYWUAl4RX5JG8XdBamSTDNSthOXKi3jNggdGZK5F/CDSVKC97LusOzlkntuIm nxdA== X-Gm-Message-State: AOAM531PciKQWe9VocgXz5/Fnor0uwG1CacC6hhCzKoNILTL8Sh+RDPS BB8QfDG1D/FrFkE1KA82rPI+wPtdBXlICFyGumLnXw== X-Received: by 2002:ac5:c284:: with SMTP id h4mr3303695vkk.14.1610445897639; Tue, 12 Jan 2021 02:04:57 -0800 (PST) MIME-Version: 1.0 References: <20201207163255.564116-1-mszeredi@redhat.com> <20201207163255.564116-2-mszeredi@redhat.com> <87czyoimqz.fsf@x220.int.ebiederm.org> <20210111134916.GC1236412@miu.piliscsaba.redhat.com> <874kjnm2p2.fsf@x220.int.ebiederm.org> In-Reply-To: From: Miklos Szeredi Date: Tue, 12 Jan 2021 11:04:46 +0100 Message-ID: Subject: Re: [PATCH v2 01/10] vfs: move cap_convert_nscap() call into vfs_setxattr() To: "Eric W. Biederman" Cc: Miklos Szeredi , linux-fsdevel@vger.kernel.org, overlayfs , LSM , linux-kernel@vger.kernel.org, "Serge E. Hallyn" Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jan 12, 2021 at 10:43 AM Miklos Szeredi wrote: > The following semantics would make a ton more sense, since getting a > v2 would indicate that rootid is unknown: > > - if cap is v2 convert to v3 with zero rootid > - after this, check if rootid needs to be translated, if not return v3 > - if yes, try to translate to current ns, if succeeds return translated v3 > - if not mappable, return v2 > > Hmm? Actually, it would make even more sense to simply skip unconvertible caps and return -ENODATA. In fact that's what I thought would happen until I looked at the -EOPNOTSUPP fallback code in vfs_getxattr(). Serge, do you remember what was the reason for the unconverted fallback? Thanks, Miklos