On Tue, 11 Feb 2025 at 11:50, Amir Goldstein <amir73il@xxxxxxxxx> wrote:
>
> On Mon, Feb 10, 2025 at 8:45 PM Miklos Szeredi <mszeredi@xxxxxxxxxx> wrote:
> >
> > Allow the "verity" mount option to be used with "userxattr" data-only
> > layer(s).
>
> This standalone sentence sounds like a security risk,
> because unpriv users could change the verity digest.
> I suggest explaining it better.

Same condition as in previous patch applies: if xattr is on a
read-only layer or modification is prevented in any other way, then
it's safe. Otherwise no.

> > @@ -986,10 +981,6 @@ int ovl_fs_params_verify(const struct ovl_fs_context *ctx,
> > pr_err("metacopy requires permission to access trusted xattrs\n");
> > return -EPERM;
> > }
> > - if (config->verity_mode) {
> > - pr_err("verity requires permission to access trusted xattrs\n");
> > - return -EPERM;
> > - }
>
> This looks wrong.
> I don't think you meant to change the case of
> (!config->userxattr && !capable(CAP_SYS_ADMIN))

Yep, good catch.

Thanks,
Miklos
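
Review bot: The removed `if (config->verity_mode)` block in the `ovl_fs_params_verify()` hunk sits directly after the metacopy check whose message is "requires permission to access trusted xattrs", so deleting it lifts the -EPERM for the case the review names, `(!config->userxattr && !capable(CAP_SYS_ADMIN))`, and not only for userxattr mounts. Suggest keeping the check in this block and relaxing only the rejection that is specific to "userxattr", so that a mounter who can read neither trusted xattrs nor user xattrs still gets an error instead of a verity mount that cannot read its digest. The commit message should also spell out the condition given in the reply (the xattr is on a read-only layer or its modification is otherwise prevented), since as written it reads as if an unprivileged user who can rewrite the digest xattr still gets a meaningful verity guarantee.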