git://git.whamcloud.com - fs/lustre-release.git/commit

author	NeilBrown <neilb@suse.de>
	Mon, 1 Mar 2021 14:15:45 +0000 (09:15 -0500)
committer	Oleg Drokin <green@whamcloud.com>
	Sat, 10 Apr 2021 17:40:33 +0000 (17:40 +0000)
commit	ee06281d89871c46310ee4b0585ee4489d2c2f3f
tree	e031e87f8f4e8dba77b85fcf0405b558e5e1c218	tree \| snapshot
parent	b6882c8ae4f47e931cc7b49da1c6bffaaf31499b	commit \| diff

LU-9859 libcfs: simplify capability dropping.

Lustre has a 'squash credentials' concept similar to the "anon_uid"
for nfsd. When accessing a file with squashed credentials, we
need to also drop capabilities.
Linux has cap_drop_fs_set() and cap_drop_nfsd_set(). Rather than
taking a completely different approach, this patch changes lustre
to use this same cap_drop_*_set() approach.

With this change we also drop CAP_MKNOD and CAP_MAC_OVERRIDE
which are probably appropriate, and don't drop
CAP_SYS_ADMIN or CAP_SYS_BOOT which should be irrelevant for
file permission checking

Calling both cap_drop_*_set() seems a bit clumsy, but gets
the job done.

Linux-commit: f497115d4cf8a430c5d9902ce35716ba5f9c21ef

Change-Id: I2f4f691bc4ad090f6abaa4e13eb473bf8d904b23
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-on: https://review.whamcloud.com/41957
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

libcfs/include/libcfs/curproc.h		diff \| blob \| history
lustre/llite/file.c		diff \| blob \| history