summaryrefslogtreecommitdiff
path: root/security/smack
diff options
context:
space:
mode:
authorMiklos Szeredi <mszeredi@redhat.com>2021-01-28 10:22:48 +0100
committerMiklos Szeredi <mszeredi@redhat.com>2021-01-28 10:22:48 +0100
commitf2b00be488730522d0fb7a8a5de663febdcefe0a (patch)
treec343be25749cf1c5d809dbbbb56495fd7d652445 /security/smack
parent554677b97257b0b69378bd74e521edb7e94769ff (diff)
cap: fix conversions on getxattr
If a capability is stored on disk in v2 format cap_inode_getsecurity() will currently return in v2 format unconditionally. This is wrong: v2 cap should be equivalent to a v3 cap with zero rootid, and so the same conversions performed on it. If the rootid cannot be mapped, v3 is returned unconverted. Fix this so that both v2 and v3 return -EOVERFLOW if the rootid (or the owner of the fs user namespace in case of v2) cannot be mapped into the current user namespace. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'security/smack')
0 files changed, 0 insertions, 0 deletions