From: Dave Chinner <david@fromorbit.com>
To: Dwight Engen <dwight.engen@oracle.com>
Cc: "Eric W. Biederman" <ebiederm@gmail.com>, xfs@oss.sgi.com
Subject: Re: [PATCH] userns: Convert xfs to use kuid/kgid where appropriate
Date: Fri, 21 Jun 2013 07:10:39 +1000 [thread overview]
Message-ID: <20130620211039.GS29376@dastard> (raw)
In-Reply-To: <20130620095419.0976a3a3@oracle.com>
On Thu, Jun 20, 2013 at 09:54:19AM -0400, Dwight Engen wrote:
> On Thu, 20 Jun 2013 11:41:33 +1000
> Dave Chinner <david@fromorbit.com> wrote:
>
> > On Wed, Jun 19, 2013 at 01:35:30PM -0700, Eric W. Biederman wrote:
> > >
> > > I am copying my gmail address so I have a chance of seeing replies
> > > from Dave Chiner. So far the only way I have been able to read his
> > > replies has been to read mailling lists. Which has not be
> > > conductive to having this code discussed properly. Hopefully
> > > copying my gmail address will allow us to have a reasonable and
> > > timely conversation.
> > >
> > >
> > > Dwight Engen <dwight.engen@oracle.com> writes:
> > >
> > > > Use uint32 from init_user_ns for xfs internal uid/gid
> > > > representation in acl, xfs_icdinode.
> > >
> > > From my review of the code earlier that just isn't safe. It allows
> > > all kinds of things to slip through.
> >
> > Such as?
>
> Maybe saying "at the vfs boundary" is misleading, I guess I don't see
> how this is all that different from what you did in the other
> filesystems. Using ext4 as the example the conversions are done between:
> struct inode <-> struct ext4_inode
> struct posix_acl <-> ext4_acle_entry
>
> which in xfs is analogous to
> struct inode <-> struct xfs_icdinode
> struct posix acl <-> struct xfs_acl_entry
>
> which is where I did the conversions.
Yup, that's where they should occur for XFS.
> > The kuid_t/kgid_t is actually pushed down this far - it's in the
> > struct inode - the code currently uses the on-disk XFS uid/gid,
> > not the struct inode's kuid_t/kgid_t. That's easily fixable.
>
> Yep, I'll go through the code and switch to the inode where possible.
Cool. We'll need to be careful, though - there are some code paths
that XFS inodes can pass through where the VFS(ip) hasn't been
initialised. Let me worry about this during review, though ;)
Cheers,
Dave.
--
Dave Chinner
david@fromorbit.com
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2013-06-20 21:10 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-19 15:09 [PATCH] userns: Convert xfs to use kuid/kgid where appropriate Dwight Engen
2013-06-19 20:35 ` Eric W. Biederman
2013-06-20 1:41 ` Dave Chinner
2013-06-20 13:54 ` Dwight Engen
2013-06-20 21:10 ` Dave Chinner [this message]
2013-06-20 0:13 ` Dave Chinner
2013-06-20 13:54 ` Dwight Engen
2013-06-20 15:27 ` Brian Foster
2013-06-20 17:39 ` Dwight Engen
2013-06-20 19:12 ` Brian Foster
2013-06-20 22:12 ` Dave Chinner
2013-06-20 22:45 ` Eric W. Biederman
2013-06-20 23:35 ` Dave Chinner
2013-06-20 22:03 ` Dave Chinner
2013-06-21 15:14 ` Dwight Engen
2013-06-24 0:33 ` Dave Chinner
2013-06-24 13:10 ` [PATCH v2 RFC] " Dwight Engen
2013-06-25 16:46 ` Brian Foster
2013-06-25 20:08 ` Dwight Engen
2013-06-25 21:04 ` Brian Foster
2013-06-26 2:09 ` Dave Chinner
2013-06-26 21:30 ` Dwight Engen
2013-06-26 22:44 ` Dave Chinner
2013-06-27 13:02 ` Serge Hallyn
2013-06-28 1:54 ` Dave Chinner
2013-06-28 15:25 ` Serge Hallyn
2013-06-28 16:16 ` Dwight Engen
2013-06-27 20:57 ` Ben Myers
2013-06-28 1:46 ` Dave Chinner
2013-06-28 15:15 ` Serge Hallyn
2013-06-28 14:23 ` Dwight Engen
2013-06-28 15:11 ` [PATCH v3 0/6] " Dwight Engen
2013-06-28 15:11 ` [PATCH 1/6] create wrappers for converting kuid_t to/from uid_t Dwight Engen
2013-06-28 15:11 ` [PATCH 2/6] convert kuid_t to/from uid_t in ACLs Dwight Engen
2013-06-28 15:11 ` [PATCH 3/6] ioctl: check for capabilities in the current user namespace Dwight Engen
2013-06-28 15:11 ` [PATCH 4/6] convert kuid_t to/from uid_t for xfs internal structures Dwight Engen
2013-06-28 15:11 ` [PATCH 5/6] create internal eofblocks structure with kuid_t types Dwight Engen
2013-06-28 18:09 ` Brian Foster
2013-06-28 15:11 ` [PATCH 6/6] ioctl eofblocks: require non-privileged users to specify uid/gid match Dwight Engen
2013-06-28 18:50 ` Brian Foster
2013-06-28 20:28 ` Dwight Engen
2013-06-28 21:39 ` Brian Foster
2013-06-28 23:22 ` Dwight Engen
2013-07-01 12:21 ` Brian Foster
2013-07-06 4:44 ` [PATCH 1/1] export inode_capable Serge Hallyn
2013-07-08 13:09 ` [PATCH v2 RFC] userns: Convert xfs to use kuid/kgid where appropriate Serge Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130620211039.GS29376@dastard \
--to=david@fromorbit.com \
--cc=dwight.engen@oracle.com \
--cc=ebiederm@gmail.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.