linux/fs/ecryptfs
Miklos Szeredi 0b964446c6 ecryptfs: fix uid translation for setxattr on security.capability
Prior to commit 7c03e2cda4 ("vfs: move cap_convert_nscap() call into
vfs_setxattr()") the translation of nscap->rootid did not take stacked
filesystems (overlayfs and ecryptfs) into account.

That patch fixed the overlay case, but made the ecryptfs case worse.

Restore old the behavior for ecryptfs that existed before the overlayfs
fix.  This does not fix ecryptfs's handling of complex user namespace
setups, but it does make sure existing setups don't regress.

Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Cc: Tyler Hicks <code@tyhicks.com>
Fixes: 7c03e2cda4 ("vfs: move cap_convert_nscap() call into vfs_setxattr()")
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Tyler Hicks <code@tyhicks.com>
2021-01-26 01:47:14 +00:00
..
Kconfig docs: filesystems: fix renamed references 2020-04-20 15:45:22 -06:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
crypto.c ecryptfs: use crypto_shash_tfm_digest() 2020-05-08 15:32:15 +10:00
debug.c - Fix error handling when ecryptfs_read_lower() encounters an error 2019-07-14 19:29:04 -07:00
dentry.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
ecryptfs_kernel.h eCryptfs: Replace deactivated email address 2020-02-14 20:07:31 +00:00
file.c fs: compat_ioctl: move FITRIM emulation into file systems 2019-10-23 17:23:46 +02:00
inode.c ecryptfs: fix uid translation for setxattr on security.capability 2021-01-26 01:47:14 +00:00
keystore.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
kthread.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
main.c eCryptfs: Replace deactivated email address 2020-02-14 20:07:31 +00:00
messaging.c mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
miscdev.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333 2019-06-05 17:37:06 +02:00
mmap.c ecryptfs: drop direct calls to ->bmap 2020-02-03 08:05:57 -05:00
read_write.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
super.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00