author | Martin Borg <martin.borg@enea.com> | 2018-03-23 14:01:03 +0100 |
---|---|---|
committer | Adrian Dudau <adrian.dudau@enea.com> | 2018-03-26 09:57:31 +0200 |
commit | c4bd5f6e084a6ced2c7a2f76798d0a34947ffeb7 (patch) | |
tree | e46d5f9bceca1947817b7739d366aa44faea9be1 /patches/boot_time_opt/0109-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch | |
parent | dfc8946f58bbf4aa3a345c4fb5d5895502936edd (diff) | |
boot_time_opt: update host boot time optimization patches for 4.14
The new patches are based on:
https://github.com/clearlinux-pkgs/linux-lts
commit 5595fe425a52af6734235a1a953b6b03210060ec
Signed-off-by: Martin Borg <martin.borg@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Diffstat (limited to 'patches/boot_time_opt/0109-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch')
-rw-r--r-- | patches/boot_time_opt/0109-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch | 56 |
1 files changed, 0 insertions, 56 deletions
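diff --git a/patches/boot_time_opt/0109-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch b/patches/boot_time_opt/0109-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch
deleted file mode 100644
index 70247a0..0000000
--- a/patches/boot_time_opt/0109-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From 4170571f7bb0897c90e13b2fcf3ee06990a9e774 Mon Sep 17 00:00:00 2001
-From: Alan Cox <alan@linux.intel.com>
-Date: Thu, 10 Mar 2016 15:11:28 +0000
-Subject: [PATCH 109/124] xattr: allow setting user.* attributes on symlinks by
-owner
-
-Kvmtool and clear containers supports using user attributes to label host
-files with the virtual uid/guid of the file in the container. This allows an
-end user to manage their files and a complete uid space without all the ugly
-namespace stuff.
-
-The one gap in the support is symlinks because an end user can change the
-ownership of a symbolic link. We support attributes on these files as you
-can already (as root) set security attributes on them.
-
-The current rules seem slightly over-paranoid and as we have a use case this
-patch enables updating the attributes on a symbolic link IFF you are the
-owner of the synlink (as permissions are not usually meaningful on the link
-itself).
-
-Signed-off-by: Alan Cox <alan@linux.intel.com>
----
-fs/xattr.c | 14 ++++++++------
-1 file changed, 8 insertions(+), 6 deletions(-)
-
-diff --git a/fs/xattr.c b/fs/xattr.c
-index 2d13b4e62fae..580a5aeddfd2 100644
---- a/fs/xattr.c
-+++ b/fs/xattr.c
-@@ -118,15 +118,17 @@ xattr_permission(struct inode *inode, const char *name, int mask)
-}
-
-/*
-- * In the user.* namespace, only regular files and directories can have
-- * extended attributes. For sticky directories, only the owner and
-- * privileged users can write attributes.
-+ * In the user.* namespace, only regular files, symbolic links, and
-+ * directories can have extended attributes. For symbolic links and
-+ * sticky directories, only the owner and privileged users can write
-+ * attributes.
-*/
-if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
-- if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
-+ if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) && !S_ISLNK(inode->i_mode))
-return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
-- if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
-- (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
-+ if (((S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX))
-+ || S_ISLNK(inode->i_mode)) && (mask & MAY_WRITE)
-+ && !inode_owner_or_capable(inode))
-return -EPERM;
-}
-
---
-2.11.1
-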