From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Seth Forshee <sforshee@digitalocean.com>,
Christoph Hellwig <hch@lst.de>, Al Viro <viro@zeniv.linux.org.uk>,
linux-fsdevel@vger.kernel.org,
Amir Goldstein <amir73il@gmail.com>,
Christian Brauner <christian.brauner@ubuntu.com>,
"Christian Brauner (Microsoft)" <brauner@kernel.org>
Subject: [PATCH 5.15 20/28] fs: port higher-level mapping helpers
Date: Thu, 30 Jun 2022 15:47:16 +0200 [thread overview]
Message-ID: <20220630133233.523384488@linuxfoundation.org> (raw)
In-Reply-To: <20220630133232.926711493@linuxfoundation.org>
From: Christian Brauner <christian.brauner@ubuntu.com>
commit 209188ce75d0d357c292f6bb81d712acdd4e7db7 upstream.
Enable the mapped_fs{g,u}id() helpers to support filesystems mounted
with an idmapping. Apart from core mapping helpers that use
mapped_fs{g,u}id() to initialize struct inode's i_{g,u}id fields xfs is
the only place that uses these low-level helpers directly.
The patch only extends the helpers to be able to take the filesystem
idmapping into account. Since we don't actually yet pass the
filesystem's idmapping in no functional changes happen. This will happen
in a final patch.
Link: https://lore.kernel.org/r/20211123114227.3124056-9-brauner@kernel.org (v1)
Link: https://lore.kernel.org/r/20211130121032.3753852-9-brauner@kernel.org (v2)
Link: https://lore.kernel.org/r/20211203111707.3901969-9-brauner@kernel.org
Cc: Seth Forshee <sforshee@digitalocean.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Al Viro <viro@zeniv.linux.org.uk>
CC: linux-fsdevel@vger.kernel.org
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Seth Forshee <sforshee@digitalocean.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/xfs/xfs_inode.c | 8 ++++----
fs/xfs/xfs_symlink.c | 4 ++--
include/linux/fs.h | 8 ++++----
include/linux/mnt_idmapping.h | 12 ++++++++----
4 files changed, 18 insertions(+), 14 deletions(-)
--- a/fs/xfs/xfs_inode.c
+++ b/fs/xfs/xfs_inode.c
@@ -994,8 +994,8 @@ xfs_create(
/*
* Make sure that we have allocated dquot(s) on disk.
*/
- error = xfs_qm_vop_dqalloc(dp, mapped_fsuid(mnt_userns),
- mapped_fsgid(mnt_userns), prid,
+ error = xfs_qm_vop_dqalloc(dp, mapped_fsuid(mnt_userns, &init_user_ns),
+ mapped_fsgid(mnt_userns, &init_user_ns), prid,
XFS_QMOPT_QUOTALL | XFS_QMOPT_INHERIT,
&udqp, &gdqp, &pdqp);
if (error)
@@ -1148,8 +1148,8 @@ xfs_create_tmpfile(
/*
* Make sure that we have allocated dquot(s) on disk.
*/
- error = xfs_qm_vop_dqalloc(dp, mapped_fsuid(mnt_userns),
- mapped_fsgid(mnt_userns), prid,
+ error = xfs_qm_vop_dqalloc(dp, mapped_fsuid(mnt_userns, &init_user_ns),
+ mapped_fsgid(mnt_userns, &init_user_ns), prid,
XFS_QMOPT_QUOTALL | XFS_QMOPT_INHERIT,
&udqp, &gdqp, &pdqp);
if (error)
--- a/fs/xfs/xfs_symlink.c
+++ b/fs/xfs/xfs_symlink.c
@@ -184,8 +184,8 @@ xfs_symlink(
/*
* Make sure that we have allocated dquot(s) on disk.
*/
- error = xfs_qm_vop_dqalloc(dp, mapped_fsuid(mnt_userns),
- mapped_fsgid(mnt_userns), prid,
+ error = xfs_qm_vop_dqalloc(dp, mapped_fsuid(mnt_userns, &init_user_ns),
+ mapped_fsgid(mnt_userns, &init_user_ns), prid,
XFS_QMOPT_QUOTALL | XFS_QMOPT_INHERIT,
&udqp, &gdqp, &pdqp);
if (error)
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1666,7 +1666,7 @@ static inline kgid_t i_gid_into_mnt(stru
static inline void inode_fsuid_set(struct inode *inode,
struct user_namespace *mnt_userns)
{
- inode->i_uid = mapped_fsuid(mnt_userns);
+ inode->i_uid = mapped_fsuid(mnt_userns, &init_user_ns);
}
/**
@@ -1680,7 +1680,7 @@ static inline void inode_fsuid_set(struc
static inline void inode_fsgid_set(struct inode *inode,
struct user_namespace *mnt_userns)
{
- inode->i_gid = mapped_fsgid(mnt_userns);
+ inode->i_gid = mapped_fsgid(mnt_userns, &init_user_ns);
}
/**
@@ -1701,10 +1701,10 @@ static inline bool fsuidgid_has_mapping(
kuid_t kuid;
kgid_t kgid;
- kuid = mapped_fsuid(mnt_userns);
+ kuid = mapped_fsuid(mnt_userns, &init_user_ns);
if (!uid_valid(kuid))
return false;
- kgid = mapped_fsgid(mnt_userns);
+ kgid = mapped_fsgid(mnt_userns, &init_user_ns);
if (!gid_valid(kgid))
return false;
return kuid_has_mapping(fs_userns, kuid) &&
--- a/include/linux/mnt_idmapping.h
+++ b/include/linux/mnt_idmapping.h
@@ -196,6 +196,7 @@ static inline kgid_t mapped_kgid_user(st
/**
* mapped_fsuid - return caller's fsuid mapped up into a mnt_userns
* @mnt_userns: the mount's idmapping
+ * @fs_userns: the filesystem's idmapping
*
* Use this helper to initialize a new vfs or filesystem object based on
* the caller's fsuid. A common example is initializing the i_uid field of
@@ -205,14 +206,16 @@ static inline kgid_t mapped_kgid_user(st
*
* Return: the caller's current fsuid mapped up according to @mnt_userns.
*/
-static inline kuid_t mapped_fsuid(struct user_namespace *mnt_userns)
+static inline kuid_t mapped_fsuid(struct user_namespace *mnt_userns,
+ struct user_namespace *fs_userns)
{
- return mapped_kuid_user(mnt_userns, &init_user_ns, current_fsuid());
+ return mapped_kuid_user(mnt_userns, fs_userns, current_fsuid());
}
/**
* mapped_fsgid - return caller's fsgid mapped up into a mnt_userns
* @mnt_userns: the mount's idmapping
+ * @fs_userns: the filesystem's idmapping
*
* Use this helper to initialize a new vfs or filesystem object based on
* the caller's fsgid. A common example is initializing the i_gid field of
@@ -222,9 +225,10 @@ static inline kuid_t mapped_fsuid(struct
*
* Return: the caller's current fsgid mapped up according to @mnt_userns.
*/
-static inline kgid_t mapped_fsgid(struct user_namespace *mnt_userns)
+static inline kgid_t mapped_fsgid(struct user_namespace *mnt_userns,
+ struct user_namespace *fs_userns)
{
- return mapped_kgid_user(mnt_userns, &init_user_ns, current_fsgid());
+ return mapped_kgid_user(mnt_userns, fs_userns, current_fsgid());
}
#endif /* _LINUX_MNT_IDMAPPING_H */
next prev parent reply other threads:[~2022-06-30 14:11 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20220630133232.926711493@linuxfoundation.org>
2022-06-30 13:47 ` [PATCH 5.15 13/28] fs: add is_idmapped_mnt() helper Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 14/28] fs: move mapping helpers Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 15/28] fs: tweak fsuidgid_has_mapping() Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 16/28] fs: account for filesystem mappings Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 17/28] docs: update mapping documentation Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 18/28] fs: use low-level mapping helpers Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 19/28] fs: remove unused " Greg Kroah-Hartman
2022-06-30 13:47 ` Greg Kroah-Hartman [this message]
2022-06-30 13:47 ` [PATCH 5.15 21/28] fs: add i_user_ns() helper Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 22/28] fs: support mapped mounts of mapped filesystems Greg Kroah-Hartman
2022-06-30 13:47 ` [PATCH 5.15 24/28] fs: account for group membership Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220630133233.523384488@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=christian.brauner@ubuntu.com \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sforshee@digitalocean.com \
--cc=stable@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).