vfs: move cap_convert_nscap() call into vfs_setxattr()

cap_convert_nscap() does permission checking as well as conversion of the xattr value conditionally based on fs's user-ns. This is needed by overlayfs and probably other layered fs (ecryptfs) and is what vfs_foo() is supposed to do anyway. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com> Acked-by: James Morris <jamorris@linux.microsoft.com>
author: Miklos Szeredi <mszeredi@redhat.com> 2020-12-14 15:26:13 +0100
committer: Miklos Szeredi <mszeredi@redhat.com> 2020-12-14 15:26:13 +0100
commit: 7c03e2cda4a584cadc398e8f6641ca9988a39d52 (patch)
tree: fb00450cfbec40734c00495f1715fdf4d8b2d873 /include/linux/capability.h
parent: c11faf32599fee59f33896c8d59f9b3c17ca76fc (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h
index 1e7fe311cabe..b2f698915c0f 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -270,6 +270,6 @@ static inline bool checkpoint_restore_ns_capable(struct user_namespace *ns)
 /* audit system wants to get cap info from files as well */
 extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps);
 
-extern int cap_convert_nscap(struct dentry *dentry, void **ivalue, size_t size);
+extern int cap_convert_nscap(struct dentry *dentry, const void **ivalue, size_t size);
 
 #endif /* !_LINUX_CAPABILITY_H */
author	Miklos Szeredi <mszeredi@redhat.com>	2020-12-14 15:26:13 +0100
committer	Miklos Szeredi <mszeredi@redhat.com>	2020-12-14 15:26:13 +0100
commit	7c03e2cda4a584cadc398e8f6641ca9988a39d52 (patch)
tree	fb00450cfbec40734c00495f1715fdf4d8b2d873 /include/linux/capability.h
parent	c11faf32599fee59f33896c8d59f9b3c17ca76fc (diff)