From 5d053201d1635deb30e1326704067f201472bf4c Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Fri, 29 Nov 2019 11:53:47 +0100
Subject: [PATCH] main: drop special handling for security.capability

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 fuse-overlayfs.h |  1 -
 main.c           | 18 ------------------
 2 files changed, 19 deletions(-)

diff --git a/fuse-overlayfs.h b/fuse-overlayfs.h
index 37673a9..9319808 100644
--- a/fuse-overlayfs.h
+++ b/fuse-overlayfs.h
@@ -57,7 +57,6 @@ struct ovl_node
   unsigned int hidden : 1;
   unsigned int whiteout : 1;
   unsigned int loaded : 1;
-  unsigned int no_security_capability : 1;
 };
 
 struct ovl_mapping
diff --git a/main.c b/main.c
index 8b98830..b1bdfa4 100644
--- a/main.c
+++ b/main.c
@@ -2253,7 +2253,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
   struct ovl_node *node;
   struct ovl_data *lo = ovl_data (req);
   cleanup_free char *buf = NULL;
-  bool is_security_capability = false;
   int ret;
 
   if (UNLIKELY (ovl_debug (req)))
@@ -2265,9 +2264,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
       return;
     }
 
-  if (get_timeout (lo) > 0)
-    is_security_capability = has_prefix (name, "security.capability");
-
   node = do_lookup_file (lo, ino, NULL);
   if (node == NULL)
     {
@@ -2275,12 +2271,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
       return;
     }
 
-  if (is_security_capability && node->no_security_capability)
-    {
-      fuse_reply_err (req, ENODATA);
-      return;
-    }
-
   if (size > 0)
     {
       buf = malloc (size);
@@ -2300,9 +2290,6 @@ ovl_getxattr (fuse_req_t req, fuse_ino_t ino, const char *name, size_t size)
       ret = getxattr (path, name, buf, size);
     }
 
-  if (get_timeout (lo) > 0 && is_security_capability && ret < 0 && errno == ENODATA)
-    node->no_security_capability = 1;
-
   if (ret < 0)
     {
       fuse_reply_err (req, errno);
@@ -3002,7 +2989,6 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t ino, const char *name,
 {
   cleanup_lock int l = enter_big_lock ();
   struct ovl_data *lo = ovl_data (req);
-  bool is_security_capability = false;
   struct ovl_node *node;
   int ret;
 
@@ -3022,8 +3008,6 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t ino, const char *name,
       return;
     }
 
-  is_security_capability = has_prefix (name, "security.capability");
-
   node = do_lookup_file (lo, ino, NULL);
   if (node == NULL)
     {
@@ -3052,7 +3036,6 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t ino, const char *name,
       return;
     }
 
-  node->no_security_capability = 1;
   fuse_reply_err (req, 0);
 }
 
@@ -4543,7 +4526,6 @@ ovl_mkdir (fuse_req_t req, fuse_ino_t parent, const char *name, mode_t mode)
       node->last_layer = pnode->last_layer;
       if (get_timeout (lo) > 0)
         node->loaded = 1;
-      node->no_security_capability = 1;
     }
   else
     {