projects / profile / common / platform / kernel / linux-artik7.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b32436d) | patch
ovl: filter trusted xattr for non-admin
authorMiklos Szeredi <mszeredi@redhat.com>
Mon, 29 May 2017 13:15:27 +0000 (15:15 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 13 Apr 2018 17:50:14 +0000 (19:50 +0200)
commitd88cbbe7ba0c9d75846d82e0ad6d7d82ef246e31
tree763963baa3f0c1992a1e7066d694d40056bcab31tree | snapshot
parentb32436defcd0a531677700b93a3174619eb3f1e8commit | diff
ovl: filter trusted xattr for non-admin

[ Upstream commit a082c6f680da298cf075886ff032f32ccb7c5e1a ]

Filesystems filter out extended attributes in the "trusted." domain for
unprivlieged callers.

Overlay calls underlying filesystem's method with elevated privs, so need
to do the filtering in overlayfs too.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/overlayfs/inode.c diff | blob | history
Domain: System / Kernel;