vfs: move cap_convert_nscap() call into vfs_setxattr()
Origin: https://git.kernel.org/linus/
7c03e2cda4a584cadc398e8f6641ca9988a39d52
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-3493
cap_convert_nscap() does permission checking as well as conversion of the
xattr value conditionally based on fs's user-ns.
This is needed by overlayfs and probably other layered fs (ecryptfs) and is
what vfs_foo() is supposed to do anyway.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Acked-by: James Morris <jamorris@linux.microsoft.com>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name vfs-move-cap_convert_nscap-call-into-vfs_setxattr.patch
projects / linux.git / commit