On Thu, Feb 24, 2022 at 05:57:38PM -0800, Darrick J. Wong wrote: > On Mon, Feb 21, 2022 at 09:22:18PM +0300, Andrey Zhadchenko wrote: > > xfs_fileattr_set() handles idmapped mounts correctly and do not drop this > > bits. > > Unfortunately chown syscall results in different callstask: > > i_op->xfs_vn_setattr()->...->xfs_setattr_nonsize() which checks if process > > has CAP_FSETID capable in init_user_ns rather than mntns userns. > > > > Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko@xxxxxxxxxxxxx> > > LGTM... > Reviewed-by: Darrick J. Wong <djwong@xxxxxxxxxx> Darrick, could I ask you to please wait with applying. The correct fix for this is either to simply remove the check here altogether as we figured out in the thread or to switch to a generic vfs helper setattr_copy(). Andrey will send a new patch in the not too distant future afaict including tests.
