-
由 Olga Kornievskaia 提交于
stable inclusion from linux-4.19.164 commit 2cdde54b6099025db7e870d81ff6e4bb8c98e950 -------------------------------- [ Upstream commit 05ad9175 ] Currently, the client will always ask for security_labels if the server returns that it supports that feature regardless of any LSM modules (such as Selinux) enforcing security policy. This adds performance penalty to the READDIR operation. Client adjusts superblock's support of the security_label based on the server's support but also current client's configuration of the LSM modules. Thus, prior to using the default bitmask in READDIR, this patch checks the server's capabilities and then instructs READDIR to remove FATTR4_WORD2_SECURITY_LABEL from the bitmask. v5: fixing silly mistakes of the rushed v4 v4: simplifying logic v3: changing label's initialization per Ondrej's comment v2: dropping selinux hook and using the sb cap. Suggested-by: NOndrej Mosnacek <omosnace@redhat.com> Suggested-by: NScott Mayhew <smayhew@redhat.com> Signed-off-by: NOlga Kornievskaia <kolga@netapp.com> Fixes: 2b0143b5 ("VFS: normal filesystems (and lustre): d_inode() annotations") Signed-off-by: NTrond Myklebust <trond.myklebust@hammerspace.com> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NYang Yingliang <yangyingliang@huawei.com> Reviewed-by: NHou Tao <houtao1@huawei.com> Signed-off-by: NYang Yingliang <yangyingliang@huawei.com>
9edeed97