| Message ID | 20200811070020.6339-1-hsiangkao@redhat.com |
|---|---|
| State | Accepted |
| Commit | d578b46db69d125a654f509bdc9091d84e924dc8 |
| Headers | show |
| Series | erofs: avoid duplicated permission check for "trusted." xattrs | expand |
diff --git a/fs/erofs/xattr.c b/fs/erofs/xattr.c index 87e437e7b34f..f86e3247febc 100644 --- a/fs/erofs/xattr.c +++ b/fs/erofs/xattr.c @@ -473,8 +473,6 @@ static int erofs_xattr_generic_get(const struct xattr_handler *handler, return -EOPNOTSUPP; break; case EROFS_XATTR_INDEX_TRUSTED: - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; break; case EROFS_XATTR_INDEX_SECURITY: break;
Don't recheck it since xattr_permission() already checks CAP_SYS_ADMIN capability. Just follow 5d3ce4f70172 ("f2fs: avoid duplicated permission check for "trusted." xattrs") Reported-by: Hongyu Jin <hongyu.jin@unisoc.com> [ Gao Xiang: since it could cause some complex Android overlay permission issue as well on android-5.4+, so it'd be better to backport to 5.4+ rather than pure cleanup on mainline. ] Cc: <stable@vger.kernel.org> # 5.4+ Signed-off-by: Gao Xiang <hsiangkao@redhat.com> --- related commit: https://android-review.googlesource.com/c/kernel/common/+/1121623/6/fs/xattr.c#b284 fs/erofs/xattr.c | 2 -- 1 file changed, 2 deletions(-)