On Thu, Aug 29, 2024 at 06:26:21PM +0200, hsimeliere.opensource@witekio.com wrote:
From: Miklos Szeredi mszeredi@redhat.com
commit 7c03e2cda4a584cadc398e8f6641ca9988a39d52 upstream.
cap_convert_nscap() does permission checking as well as conversion of the xattr value conditionally based on fs's user-ns.
This is needed by overlayfs and probably other layered fs (ecryptfs) and is what vfs_foo() is supposed to do anyway.
Signed-off-by: Miklos Szeredi mszeredi@redhat.com Acked-by: James Morris jamorris@linux.microsoft.com Signed-off-by: Hugo SIMELIERE hsimeliere.opensource@witekio.com
fs/xattr.c | 17 +++++++++++------ include/linux/capability.h | 2 +- security/commoncap.c | 3 +-- 3 files changed, 13 insertions(+), 9 deletions(-)
Again, we can not take chagnes for only older kernels and not newer ones. Please resend for all applicable releases.
thanks,
greg k-h