On Wed, Nov 29, 2023 at 11:51 PM Seth Forshee (DigitalOcean) <sforshee@xxxxxxxxxx> wrote: > > Now that the new vfs-level interfaces are fully supported and all code > has been converted to use them, stop permitting use of the top-level vfs > xattr interfaces for capabilities xattrs. Unlike with ACLs we still need > to be able to work with fscaps xattrs using lower-level interfaces in a > handful of places, so only use of the top-level xattr interfaces is > restricted. Can you explain why? Is there an inherent difference between ACLs and fscaps in that respect or is it just a matter of more work that needs to be done? > > Signed-off-by: Seth Forshee (DigitalOcean) <sforshee@xxxxxxxxxx> > --- > fs/xattr.c | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/fs/xattr.c b/fs/xattr.c > index 372644b15457..4b779779ad8c 100644 > --- a/fs/xattr.c > +++ b/fs/xattr.c > @@ -540,6 +540,9 @@ vfs_setxattr(struct mnt_idmap *idmap, struct dentry *dentry, > const void *orig_value = value; > int error; > > + if (!strcmp(name, XATTR_NAME_CAPS)) > + return -EOPNOTSUPP; > + It this is really not expected, then it should be an assert and please use an inline helper like is_posix_acl_xattr(): if (WARN_ON_ONCE(is_fscaps_xattr(name))) It wouldn't hurt to add those assertions to is_posix_acl_xattr() cases as well, but that is unrelated to your change. Thanks, Amir.
