path: root/security/commoncap.c
diff options
authorTycho Andersen <>2021-01-21 14:19:28 +0100
committerChristian Brauner <>2021-01-24 14:27:17 +0100
commitc7c7a1a18af4c3bb7749d33e3df3acdf0a95bbb5 (patch)
tree70987010043f447700ed119e1b05b8fb429af5dd /security/commoncap.c
parente65ce2a50cf6af216bea6fd80d771fcbb4c0aaa1 (diff)
xattr: handle idmapped mounts
When interacting with extended attributes the vfs verifies that the caller is privileged over the inode with which the extended attribute is associated. For posix access and posix default extended attributes a uid or gid can be stored on-disk. Let the functions handle posix extended attributes on idmapped mounts. If the inode is accessed through an idmapped mount we need to map it according to the mount's user namespace. Afterwards the checks are identical to non-idmapped mounts. This has no effect for e.g. security xattrs since they don't store uids or gids and don't perform permission checks on them like posix acls do. Link: Cc: Christoph Hellwig <> Cc: David Howells <> Cc: Al Viro <> Cc: Reviewed-by: Christoph Hellwig <> Reviewed-by: James Morris <> Signed-off-by: Tycho Andersen <> Signed-off-by: Christian Brauner <>
Diffstat (limited to 'security/commoncap.c')
1 files changed, 3 insertions, 3 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index c3fd9b86ea9a..745dc1f2c97f 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -313,7 +313,7 @@ int cap_inode_killpriv(struct dentry *dentry)
int error;
- error = __vfs_removexattr(dentry, XATTR_NAME_CAPS);
+ error = __vfs_removexattr(&init_user_ns, dentry, XATTR_NAME_CAPS);
if (error == -EOPNOTSUPP)
error = 0;
return error;
@@ -386,8 +386,8 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer,
return -EINVAL;
size = sizeof(struct vfs_ns_cap_data);
- ret = (int) vfs_getxattr_alloc(dentry, XATTR_NAME_CAPS,
- &tmpbuf, size, GFP_NOFS);
+ ret = (int)vfs_getxattr_alloc(&init_user_ns, dentry, XATTR_NAME_CAPS,
+ &tmpbuf, size, GFP_NOFS);
if (ret < 0)