ebiederm@xxxxxxxxxxxx (Eric W. Biederman) writes:
> So there is the basic question do we want to read the raw bytes on disk
> or do we want to return something meaningful to the reader. As the
> existing tools use the xattr interface to set/clear fscaps returning
> data to user space rather than raw bytes seems the perfered interface.
>
> My ideal semantics would be:
>
> - If current_user_ns() == sb->s_user_ns return the raw data.
>
> I don't know how to implement this first scenario while permitting
> stacked filesystems.
After a little more thought I do.
In getxattr if the get_cap method is not implemented by the
filesystem if current_user_ns() == sb->s_user_ns simply treat it as
an ordinary xattr read/write.
Otherwise call vfs_get_cap and translate the result as described
below.
The key point of this is it allows for seeing what is actually on
disk (when it is not confusing).
> - Calculate the cpu_vfs_cap_data as get_vfs_caps_from_disk does.
> That gives the meaning of the xattr.
>
> - If "from_kuid(current_userns(), krootid) == 0" return a v2 cap.
>
> - If "rootid_owns_currentns()" return a v2 cap.
>
> - Else return an error. Probably a permission error.
>
> The fscap simply can not make sense to the user if the rootid does not
> map. Return a v2 cap would imply that the caps are present on the
> executable (in the current context) which they are not.
Eric
