From: Christian Brauner <brauner@kernel.org>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: Christian Brauner <christian.brauner@ubuntu.com>, stable@vger.kernel.org
Subject: [PATCH 05/12] docs: update mapping documentation
Date: Tue, 28 Jun 2022 14:16:13 +0200
Message-ID: <20220628121620.188722-6-brauner@kernel.org>
In-Reply-To: <20220628102244.wymkrob3cfys2h7i@wittgenstein>
From: Christian Brauner <christian.brauner@ubuntu.com>
commit 8cc5c54de44c5e8e104d364a627ac4296845fc7f upstream.
Now that we implement the full remapping algorithms described in our
documentation, remove the section about shortcircuiting them.
Link: https://lore.kernel.org/r/20211123114227.3124056-6-brauner@kernel.org (v1)
Link: https://lore.kernel.org/r/20211130121032.3753852-6-brauner@kernel.org (v2)
Link: https://lore.kernel.org/r/20211203111707.3901969-6-brauner@kernel.org
Cc: Seth Forshee <sforshee@digitalocean.com>
Cc: Amir Goldstein <amir73il@gmail.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
CC: linux-fsdevel@vger.kernel.org
Reviewed-by: Seth Forshee <sforshee@digitalocean.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
---
Documentation/filesystems/idmappings.rst | 72 ------------------------
1 file changed, 72 deletions(-)
diff --git a/Documentation/filesystems/idmappings.rst b/Documentation/filesystems/idmappings.rst
index 1229a75ec75d..7a879ec3b6bf 100644
--- a/Documentation/filesystems/idmappings.rst
+++ b/Documentation/filesystems/idmappings.rst
@@ -952,75 +952,3 @@ The raw userspace id that is put on disk is ``u1000`` so when the user takes
their home directory back to their home computer where they are assigned
``u1000`` using the initial idmapping and mount the filesystem with the initial
idmapping they will see all those files owned by ``u1000``.
-
-Shortcircuting
---------------
-
-Currently, the implementation of idmapped mounts enforces that the filesystem
-is mounted with the initial idmapping. The reason is simply that none of the
-filesystems that we targeted were mountable with a non-initial idmapping. But
-that might change soon enough. As we've seen above, thanks to the properties of
-idmappings the translation works for both filesystems mounted with the initial
-idmapping and filesystem with non-initial idmappings.
-
-Based on this current restriction to filesystem mounted with the initial
-idmapping two noticeable shortcuts have been taken:
-
-1. We always stash a reference to the initial user namespace in ``struct
- vfsmount``. Idmapped mounts are thus mounts that have a non-initial user
- namespace attached to them.
-
- In order to support idmapped mounts this needs to be changed. Instead of
- stashing the initial user namespace the user namespace the filesystem was
- mounted with must be stashed. An idmapped mount is then any mount that has
- a different user namespace attached then the filesystem was mounted with.
- This has no user-visible consequences.
-
-2. The translation algorithms in ``mapped_fs*id()`` and ``i_*id_into_mnt()``
- are simplified.
-
- Let's consider ``mapped_fs*id()`` first. This function translates the
- caller's kernel id into a kernel id in the filesystem's idmapping via
- a mount's idmapping. The full algorithm is::
-
- mapped_fsuid(kid):
- /* Map the kernel id up into a userspace id in the mount's idmapping. */
- from_kuid(mount-idmapping, kid) = uid
-
- /* Map the userspace id down into a kernel id in the filesystem's idmapping. */
- make_kuid(filesystem-idmapping, uid) = kuid
-
- We know that the filesystem is always mounted with the initial idmapping as
- we enforce this in ``mount_setattr()``. So this can be shortened to::
-
- mapped_fsuid(kid):
- /* Map the kernel id up into a userspace id in the mount's idmapping. */
- from_kuid(mount-idmapping, kid) = uid
-
- /* Map the userspace id down into a kernel id in the filesystem's idmapping. */
- KUIDT_INIT(uid) = kuid
-
- Similarly, for ``i_*id_into_mnt()`` which translated the filesystem's kernel
- id into a mount's kernel id::
-
- i_uid_into_mnt(kid):
- /* Map the kernel id up into a userspace id in the filesystem's idmapping. */
- from_kuid(filesystem-idmapping, kid) = uid
-
- /* Map the userspace id down into a kernel id in the mounts's idmapping. */
- make_kuid(mount-idmapping, uid) = kuid
-
- Again, we know that the filesystem is always mounted with the initial
- idmapping as we enforce this in ``mount_setattr()``. So this can be
- shortened to::
-
- i_uid_into_mnt(kid):
- /* Map the kernel id up into a userspace id in the filesystem's idmapping. */
- __kuid_val(kid) = uid
-
- /* Map the userspace id down into a kernel id in the mounts's idmapping. */
- make_kuid(mount-idmapping, uid) = kuid
-
-Handling filesystems mounted with non-initial idmappings requires that the
-translation functions be converted to their full form. They can still be
-shortcircuited on non-idmapped mounts. This has no user-visible consequences.
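Review bot: Two statements in the removed section are not tied to the old restriction and are lost with it: the paragraph under item 1 that defines an idmapped mount as any mount with a different user namespace attached than the filesystem was mounted with, and the closing sentence that the translation functions can still be shortcircuited on non-idmapped mounts. The removed text itself presents both as how things should look once the full algorithms are in place, so they describe the state the commit message says has now been reached. Please confirm that the remaining part of idmappings.rst already states both, or keep a short paragraph with those two sentences instead of deleting all 72 lines. The commit message would also be easier to review for stable if it named the change in this series that made the restriction to the initial idmapping obsolete.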
--
2.34.1
Thread overview: 18+ messages
2022-06-20 9:56 FAILED: patch "[PATCH] fs: account for group membership" failed to apply to 5.15-stable tree gregkh
2022-06-27 17:24 ` Christian Brauner
2022-06-28 10:22 ` Christian Brauner
2022-06-28 12:16 ` [PATCH 00/12] attr: group fix backport Christian Brauner
2022-06-30 11:37 ` Greg KH
2022-06-28 12:16 ` [PATCH 01/12] fs: add is_idmapped_mnt() helper Christian Brauner
2022-06-28 12:16 ` [PATCH 02/12] fs: move mapping helpers Christian Brauner
2022-06-28 12:16 ` [PATCH 03/12] fs: tweak fsuidgid_has_mapping() Christian Brauner
2022-06-28 12:16 ` [PATCH 04/12] fs: account for filesystem mappings Christian Brauner
2022-06-28 12:16 ` Christian Brauner [this message]
2022-06-28 12:16 ` [PATCH 06/12] fs: use low-level mapping helpers Christian Brauner
2022-06-28 12:16 ` [PATCH 07/12] fs: remove unused " Christian Brauner
2022-06-28 12:16 ` [PATCH 08/12] fs: port higher-level " Christian Brauner
2022-06-28 12:16 ` [PATCH 09/12] fs: add i_user_ns() helper Christian Brauner
2022-06-28 12:16 ` [PATCH 10/12] fs: support mapped mounts of mapped filesystems Christian Brauner
2022-06-28 12:16 ` [PATCH 11/12] fs: fix acl translation Christian Brauner
2022-06-30 11:36 ` Patch "fs: fix acl translation" has been added to the 5.15-stable tree gregkh
2022-06-28 12:16 ` [PATCH 12/12] fs: account for group membership Christian Brauner