mirror of
https://github.com/containers/fuse-overlayfs.git
synced 2025-09-12 16:57:05 -04:00
Merge pull request #153 from giuseppe/drop-security-capability-handling
main: drop special handling for security.capability
This commit is contained in:
Daniel J Walsh
GitHub
commit
fe47dba184
@ -57,7 +57,6 @@ struct ovl_node
|
||||
unsigned int hidden : 1;
|
||||
unsigned int whiteout : 1;
|
||||
unsigned int loaded : 1;
|
||||
unsigned int no_security_capability : 1;
|
||||
};
|
||||
|
||||
struct ovl_mapping
|
||||
|
||||
18
main.c
18
main.c
@ -2253,7 +2253,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
|
||||
struct ovl_node *node;
|
||||
struct ovl_data *lo = ovl_data (req);
|
||||
cleanup_free char *buf = NULL;
|
||||
bool is_security_capability = false;
|
||||
int ret;
|
||||
|
||||
if (UNLIKELY (ovl_debug (req)))
|
||||
@ -2265,9 +2264,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
|
||||
return;
|
||||
}
|
||||
|
||||
if (get_timeout (lo) > 0)
|
||||
is_security_capability = has_prefix (name, "security.capability");
|
||||
|
||||
node = do_lookup_file (lo, ino, NULL);
|
||||
if (node == NULL)
|
||||
{
|
||||
@ -2275,12 +2271,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
|
||||
return;
|
||||
}
|
||||
|
||||
if (is_security_capability && node->no_security_capability)
|
||||
{
|
||||
fuse_reply_err (req, ENODATA);
|
||||
return;
|
||||
}
|
||||
|
||||
if (size > 0)
|
||||
{
|
||||
buf = malloc (size);
|
||||
@ -2300,9 +2290,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
|
||||
ret = getxattr (path, name, buf, size);
|
||||
}
|
||||
|
||||
if (get_timeout (lo) > 0 && is_security_capability && ret < 0 && errno == ENODATA)
|
||||
node->no_security_capability = 1;
|
||||
|
||||
if (ret < 0)
|
||||
{
|
||||
fuse_reply_err (req, errno);
|
||||
@ -3002,7 +2989,6 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t ino, const char *name,
|
||||
{
|
||||
cleanup_lock int l = enter_big_lock ();
|
||||
struct ovl_data *lo = ovl_data (req);
|
||||
bool is_security_capability = false;
|
||||
struct ovl_node *node;
|
||||
int ret;
|
||||
|
||||
@ -3022,8 +3008,6 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t ino, const char *name,
|
||||
return;
|
||||
}
|
||||
|
||||
is_security_capability = has_prefix (name, "security.capability");
|
||||
|
||||
node = do_lookup_file (lo, ino, NULL);
|
||||
if (node == NULL)
|
||||
{
|
||||
@ -3052,7 +3036,6 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t ino, const char *name,
|
||||
return;
|
||||
}
|
||||
|
||||
node->no_security_capability = 1;
|
||||
fuse_reply_err (req, 0);
|
||||
}
|
||||
|
||||
@ -4543,7 +4526,6 @@ ovl_mkdir (fuse_req_t req, fuse_ino_t parent, const char *name, mode_t mode)
|
||||
node->last_layer = pnode->last_layer;
|
||||
if (get_timeout (lo) > 0)
|
||||
node->loaded = 1;
|
||||
node->no_security_capability = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user