From: Christian Brauner <brauner@kernel.org>
To: linux-fsdevel@vger.kernel.org
Cc: Christian Brauner <brauner@kernel.org>,
Al Viro <viro@zeniv.linux.org.uk>, Christoph Hellwig <hch@lst.de>,
Seth Forshee <sforshee@kernel.org>
Subject: [PATCH 2/2] acl: conver higher-level helpers to rely on mnt_idmap
Date: Fri, 28 Oct 2022 13:10:42 +0200 [thread overview]
Message-ID: <20221028111041.448001-2-brauner@kernel.org> (raw)
In-Reply-To: <20221028111041.448001-1-brauner@kernel.org>
Convert an initial portion to rely on struct mnt_idmap by converting the
high level xattr helpers.
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
---
fs/internal.h | 12 ++++++------
fs/posix_acl.c | 15 ++++++++-------
fs/xattr.c | 39 ++++++++++++++++++++-------------------
io_uring/xattr.c | 6 +++---
4 files changed, 37 insertions(+), 35 deletions(-)
diff --git a/fs/internal.h b/fs/internal.h
index 0c8812fe7ca4..a803cc3cf716 100644
--- a/fs/internal.h
+++ b/fs/internal.h
@@ -227,28 +227,28 @@ struct xattr_ctx {
};
-ssize_t do_getxattr(struct user_namespace *mnt_userns,
+ssize_t do_getxattr(struct mnt_idmap *idmap,
struct dentry *d,
struct xattr_ctx *ctx);
int setxattr_copy(const char __user *name, struct xattr_ctx *ctx);
-int do_setxattr(struct user_namespace *mnt_userns, struct dentry *dentry,
+int do_setxattr(struct mnt_idmap *idmap, struct dentry *dentry,
struct xattr_ctx *ctx);
int may_write_xattr(struct user_namespace *mnt_userns, struct inode *inode);
#ifdef CONFIG_FS_POSIX_ACL
-int do_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
+int do_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
const char *acl_name, const void *kvalue, size_t size);
-ssize_t do_get_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
+ssize_t do_get_acl(struct mnt_idmap *idmap, struct dentry *dentry,
const char *acl_name, void *kvalue, size_t size);
#else
-static inline int do_set_acl(struct user_namespace *mnt_userns,
+static inline int do_set_acl(struct mnt_idmap *idmap,
struct dentry *dentry, const char *acl_name,
const void *kvalue, size_t size)
{
return -EOPNOTSUPP;
}
-static inline ssize_t do_get_acl(struct user_namespace *mnt_userns,
+static inline ssize_t do_get_acl(struct mnt_idmap *idmap,
struct dentry *dentry, const char *acl_name,
void *kvalue, size_t size)
{
diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 989bbf280bfe..47b5263ba92e 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -871,7 +871,7 @@ EXPORT_SYMBOL (posix_acl_to_xattr);
/**
* vfs_posix_acl_to_xattr - convert from kernel to userspace representation
- * @mnt_userns: user namespace of the mount
+ * @idmap: idmap of the mount
* @inode: inode the posix acls are set on
* @acl: the posix acls as represented by the vfs
* @buffer: the buffer into which to convert @acl
@@ -884,7 +884,7 @@ EXPORT_SYMBOL (posix_acl_to_xattr);
* Return: On success, the size of the stored uapi posix acls, on error a
* negative errno.
*/
-static ssize_t vfs_posix_acl_to_xattr(struct user_namespace *mnt_userns,
+static ssize_t vfs_posix_acl_to_xattr(struct mnt_idmap *idmap,
struct inode *inode,
const struct posix_acl *acl, void *buffer,
size_t size)
@@ -893,6 +893,7 @@ static ssize_t vfs_posix_acl_to_xattr(struct user_namespace *mnt_userns,
struct posix_acl_xattr_header *ext_acl = buffer;
struct posix_acl_xattr_entry *ext_entry;
struct user_namespace *fs_userns, *caller_userns;
+ struct user_namespace *mnt_userns = idmap->owner;
ssize_t real_size, n;
vfsuid_t vfsuid;
vfsgid_t vfsgid;
@@ -1227,7 +1228,7 @@ int vfs_remove_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
}
EXPORT_SYMBOL_GPL(vfs_remove_acl);
-int do_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
+int do_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
const char *acl_name, const void *kvalue, size_t size)
{
int error;
@@ -1243,22 +1244,22 @@ int do_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
return PTR_ERR(acl);
}
- error = vfs_set_acl(mnt_userns, dentry, acl_name, acl);
+ error = vfs_set_acl(idmap->owner, dentry, acl_name, acl);
posix_acl_release(acl);
return error;
}
-ssize_t do_get_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
+ssize_t do_get_acl(struct mnt_idmap *idmap, struct dentry *dentry,
const char *acl_name, void *kvalue, size_t size)
{
ssize_t error;
struct posix_acl *acl;
- acl = vfs_get_acl(mnt_userns, dentry, acl_name);
+ acl = vfs_get_acl(idmap->owner, dentry, acl_name);
if (IS_ERR(acl))
return PTR_ERR(acl);
- error = vfs_posix_acl_to_xattr(mnt_userns, d_inode(dentry),
+ error = vfs_posix_acl_to_xattr(idmap, d_inode(dentry),
acl, kvalue, size);
posix_acl_release(acl);
return error;
diff --git a/fs/xattr.c b/fs/xattr.c
index df3af9fa8c77..1c01cca472ea 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -597,19 +597,19 @@ int setxattr_copy(const char __user *name, struct xattr_ctx *ctx)
return error;
}
-int do_setxattr(struct user_namespace *mnt_userns, struct dentry *dentry,
+int do_setxattr(struct mnt_idmap *idmap, struct dentry *dentry,
struct xattr_ctx *ctx)
{
if (is_posix_acl_xattr(ctx->kname->name))
- return do_set_acl(mnt_userns, dentry, ctx->kname->name,
+ return do_set_acl(idmap, dentry, ctx->kname->name,
ctx->kvalue, ctx->size);
- return vfs_setxattr(mnt_userns, dentry, ctx->kname->name,
+ return vfs_setxattr(idmap->owner, dentry, ctx->kname->name,
ctx->kvalue, ctx->size, ctx->flags);
}
static long
-setxattr(struct user_namespace *mnt_userns, struct dentry *d,
+setxattr(struct mnt_idmap *idmap, struct dentry *d,
const char __user *name, const void __user *value, size_t size,
int flags)
{
@@ -627,7 +627,7 @@ setxattr(struct user_namespace *mnt_userns, struct dentry *d,
if (error)
return error;
- error = do_setxattr(mnt_userns, d, &ctx);
+ error = do_setxattr(idmap, d, &ctx);
kvfree(ctx.kvalue);
return error;
@@ -646,7 +646,7 @@ static int path_setxattr(const char __user *pathname,
return error;
error = mnt_want_write(path.mnt);
if (!error) {
- error = setxattr(mnt_user_ns(path.mnt), path.dentry, name,
+ error = setxattr(mnt_idmapping(path.mnt), path.dentry, name,
value, size, flags);
mnt_drop_write(path.mnt);
}
@@ -683,7 +683,7 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
audit_file(f.file);
error = mnt_want_write_file(f.file);
if (!error) {
- error = setxattr(file_mnt_user_ns(f.file),
+ error = setxattr(file_mnt_idmap(f.file),
f.file->f_path.dentry, name,
value, size, flags);
mnt_drop_write_file(f.file);
@@ -696,7 +696,7 @@ SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
* Extended attribute GET operations
*/
ssize_t
-do_getxattr(struct user_namespace *mnt_userns, struct dentry *d,
+do_getxattr(struct mnt_idmap *idmap, struct dentry *d,
struct xattr_ctx *ctx)
{
ssize_t error;
@@ -711,9 +711,9 @@ do_getxattr(struct user_namespace *mnt_userns, struct dentry *d,
}
if (is_posix_acl_xattr(ctx->kname->name))
- error = do_get_acl(mnt_userns, d, kname, ctx->kvalue, ctx->size);
+ error = do_get_acl(idmap, d, kname, ctx->kvalue, ctx->size);
else
- error = vfs_getxattr(mnt_userns, d, kname, ctx->kvalue, ctx->size);
+ error = vfs_getxattr(idmap->owner, d, kname, ctx->kvalue, ctx->size);
if (error > 0) {
if (ctx->size && copy_to_user(ctx->value, ctx->kvalue, error))
error = -EFAULT;
@@ -727,7 +727,7 @@ do_getxattr(struct user_namespace *mnt_userns, struct dentry *d,
}
static ssize_t
-getxattr(struct user_namespace *mnt_userns, struct dentry *d,
+getxattr(struct mnt_idmap *idmap, struct dentry *d,
const char __user *name, void __user *value, size_t size)
{
ssize_t error;
@@ -746,7 +746,7 @@ getxattr(struct user_namespace *mnt_userns, struct dentry *d,
if (error < 0)
return error;
- error = do_getxattr(mnt_userns, d, &ctx);
+ error = do_getxattr(idmap, d, &ctx);
kvfree(ctx.kvalue);
return error;
@@ -762,7 +762,8 @@ static ssize_t path_getxattr(const char __user *pathname,
error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
if (error)
return error;
- error = getxattr(mnt_user_ns(path.mnt), path.dentry, name, value, size);
+ error = getxattr(mnt_idmapping(path.mnt), path.dentry,
+ name, value, size);
path_put(&path);
if (retry_estale(error, lookup_flags)) {
lookup_flags |= LOOKUP_REVAL;
@@ -792,7 +793,7 @@ SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
if (!f.file)
return error;
audit_file(f.file);
- error = getxattr(file_mnt_user_ns(f.file), f.file->f_path.dentry,
+ error = getxattr(file_mnt_idmap(f.file), f.file->f_path.dentry,
name, value, size);
fdput(f);
return error;
@@ -877,7 +878,7 @@ SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
* Extended attribute REMOVE operations
*/
static long
-removexattr(struct user_namespace *mnt_userns, struct dentry *d,
+removexattr(struct mnt_idmap *idmap, struct dentry *d,
const char __user *name)
{
int error;
@@ -890,9 +891,9 @@ removexattr(struct user_namespace *mnt_userns, struct dentry *d,
return error;
if (is_posix_acl_xattr(kname))
- return vfs_remove_acl(mnt_userns, d, kname);
+ return vfs_remove_acl(idmap->owner, d, kname);
- return vfs_removexattr(mnt_userns, d, kname);
+ return vfs_removexattr(idmap->owner, d, kname);
}
static int path_removexattr(const char __user *pathname,
@@ -906,7 +907,7 @@ static int path_removexattr(const char __user *pathname,
return error;
error = mnt_want_write(path.mnt);
if (!error) {
- error = removexattr(mnt_user_ns(path.mnt), path.dentry, name);
+ error = removexattr(mnt_idmapping(path.mnt), path.dentry, name);
mnt_drop_write(path.mnt);
}
path_put(&path);
@@ -939,7 +940,7 @@ SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
audit_file(f.file);
error = mnt_want_write_file(f.file);
if (!error) {
- error = removexattr(file_mnt_user_ns(f.file),
+ error = removexattr(file_mnt_idmap(f.file),
f.file->f_path.dentry, name);
mnt_drop_write_file(f.file);
}
diff --git a/io_uring/xattr.c b/io_uring/xattr.c
index 99df641594d7..1da0f06f3634 100644
--- a/io_uring/xattr.c
+++ b/io_uring/xattr.c
@@ -112,7 +112,7 @@ int io_fgetxattr(struct io_kiocb *req, unsigned int issue_flags)
if (issue_flags & IO_URING_F_NONBLOCK)
return -EAGAIN;
- ret = do_getxattr(mnt_user_ns(req->file->f_path.mnt),
+ ret = do_getxattr(mnt_idmapping(req->file->f_path.mnt),
req->file->f_path.dentry,
&ix->ctx);
@@ -133,7 +133,7 @@ int io_getxattr(struct io_kiocb *req, unsigned int issue_flags)
retry:
ret = filename_lookup(AT_FDCWD, ix->filename, lookup_flags, &path, NULL);
if (!ret) {
- ret = do_getxattr(mnt_user_ns(path.mnt),
+ ret = do_getxattr(mnt_idmapping(path.mnt),
path.dentry,
&ix->ctx);
@@ -213,7 +213,7 @@ static int __io_setxattr(struct io_kiocb *req, unsigned int issue_flags,
ret = mnt_want_write(path->mnt);
if (!ret) {
- ret = do_setxattr(mnt_user_ns(path->mnt), path->dentry, &ix->ctx);
+ ret = do_setxattr(mnt_idmapping(path->mnt), path->dentry, &ix->ctx);
mnt_drop_write(path->mnt);
}
--
2.34.1
next prev parent reply other threads:[~2022-10-28 11:11 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-28 11:10 [PATCH 1/2] fs: introduce dedicated idmap type for mounts Christian Brauner
2022-10-28 11:10 ` Christian Brauner [this message]
2022-10-31 14:33 ` [PATCH 2/2] acl: conver higher-level helpers to rely on mnt_idmap Seth Forshee
2022-10-28 17:42 ` [PATCH 1/2] fs: introduce dedicated idmap type for mounts kernel test robot
2022-10-31 14:32 ` Seth Forshee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221028111041.448001-2-brauner@kernel.org \
--to=brauner@kernel.org \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=sforshee@kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.