Merge branch 'next' into for-linus

Prepare input updates for 4.14 merge window.
author: Dmitry Torokhov <dmitry.torokhov@gmail.com> 2017-09-04 12:22:54 -0400
committer: Dmitry Torokhov <dmitry.torokhov@gmail.com> 2017-09-04 12:22:54 -0400
commit: a6cbfa1e6d38c4b3ab0ce7e3aea4bb4e744f24b8 (patch)
tree: 8960e571a398b5d32e72bdb9c89ce965daa870ab /fs/overlayfs/inode.c
parent: f5308d1b83eba20e69df5e0926ba7257c8dd9074 (diff)
parent: 08d6ac9ee5fedd82040bc878705981b67a116a3f (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
index ad9547f82da5..d613e2c41242 100644
--- a/fs/overlayfs/inode.c
+++ b/fs/overlayfs/inode.c
@@ -240,6 +240,16 @@ int ovl_xattr_get(struct dentry *dentry, const char *name,
        return res;
 }
+static bool ovl_can_list(const char *s)
+{
+        /* List all non-trusted xatts */
+        if (strncmp(s, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) != 0)
+                return true;
+        /* Never list trusted.overlay, list other trusted for superuser only */
+        return !ovl_is_private_xattr(s) && capable(CAP_SYS_ADMIN);
+}
 ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
 {
        struct dentry *realdentry = ovl_dentry_real(dentry);
@@ -263,7 +273,7 @@ ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
                        return -EIO;
                len -= slen;
-                if (ovl_is_private_xattr(s)) {
+                if (!ovl_can_list(s)) {
                        res -= slen;
                        memmove(s, s + slen, len);
                } else {
author	Dmitry Torokhov <dmitry.torokhov@gmail.com>	2017-09-04 12:22:54 -0400
committer	Dmitry Torokhov <dmitry.torokhov@gmail.com>	2017-09-04 12:22:54 -0400
commit	a6cbfa1e6d38c4b3ab0ce7e3aea4bb4e744f24b8 (patch)
tree	8960e571a398b5d32e72bdb9c89ce965daa870ab /fs/overlayfs/inode.c
parent	f5308d1b83eba20e69df5e0926ba7257c8dd9074 (diff)
parent	08d6ac9ee5fedd82040bc878705981b67a116a3f (diff)