The goal of these patches is to avoid calling capable() unconditionally in simple_xattr_list(), which causes issues under SELinux (see explanation in the second patch). The first patch tries to make this change safer by converting simple_xattrs to use the RCU mechanism, so that capable() is not called while the xattrs->lock is held. I didn't find evidence that this is an issue in the current code, but it can't hurt to make that change either way (and it was quite straightforward). Ondrej Mosnacek (2): fs: convert simple_xattrs to RCU list fs: don't call capable() prematurely in simple_xattr_list() fs/xattr.c | 39 +++++++++++++++++++++++---------------- include/linux/xattr.h | 1 + 2 files changed, 24 insertions(+), 16 deletions(-) -- 2.37.2
