* [GIT PULL] fs idmapped fixes for v6.0-rc3
@ 2022-08-22 12:11 Christian Brauner
2022-08-22 18:48 ` pr-tracker-bot
0 siblings, 1 reply; 2+ messages in thread
From: Christian Brauner @ 2022-08-22 12:11 UTC (permalink / raw)
To: Linus Torvalds; +Cc: linux-fsdevel, linux-kernel, Seth Forshee
Hey Linus,
/* Summary */
This contains a few fixes:
- Since Seth joined as co-maintainer for idmapped mounts we decided to use a
shared git tree. Konstantin suggested we use vfs/idmapping.git on kernel.org
under the vfs/ namespace. So this updates the tree in the maintainers file.
- Ensure that POSIX ACLs checking, getting, and setting works correctly
for filesystems mountable with a filesystem idmapping that want to support
idmapped mounts. Since no filesystems mountable with an fs_idmapping do yet
support idmapped mounts there is no problem. But this could change in the
future, so add a check to refuse to create idmapped mounts when the mounter
is not privileged over the mount's idmapping.
- Check that caller is privileged over the idmapping that will be attached to a
mount. Currently no FS_USERNS_MOUNT filesystems support idmapped mounts, thus
this is not a problem as only CAP_SYS_ADMIN in init_user_ns is allowed to set
up idmapped mounts. But this could change in the future, so add a check to
refuse to create idmapped mounts when the mounter is not privileged over the
mount's idmapping.
- Fix POSIX ACLs for ntfs3. While looking at our current POSIX ACL handling in
the context of some overlayfs work I went through a range of other
filesystems checking how they handle them currently and encountered a few
bugs in ntfs3. I've sent this some time ago and the fixes haven't been picked
up even though the pull request for other ntfs3 fixes got sent after. This
should really be fixed as right now POSIX ACLs are broken in certain
circumstances for ntfs3.
/* Testing */
All patches are based on v6.0-rc1 and have been sitting in linux-next. No build
failures or warnings were observed and fstests, selftests, and LTP have seen no
regressions.
/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with current
mainline.
The following changes since commit 568035b01cfb107af8d2e4bd2fb9aea22cf5b868:
Linux 6.0-rc1 (2022-08-14 15:50:18 -0700)
are available in the Git repository at:
ssh://git@gitolite.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git tags/fs.idmapped.fixes.v6.0-rc3
for you to fetch changes up to 0c3bc7899e6dfb52df1c46118a5a670ae619645f:
ntfs: fix acl handling (2022-08-22 12:52:23 +0200)
Please consider pulling these changes from the signed fs.idmapped.fixes.v6.0-rc3 tag.
Thanks!
Christian
----------------------------------------------------------------
fs.idmapped.fixes.v6.0-rc3
----------------------------------------------------------------
Christian Brauner (3):
acl: handle idmapped mounts for idmapped filesystems
MAINTAINERS: update idmapping tree
ntfs: fix acl handling
Seth Forshee (1):
fs: require CAP_SYS_ADMIN in target namespace for idmapped mounts
MAINTAINERS | 2 +-
fs/namespace.c | 7 +++++++
fs/ntfs3/xattr.c | 16 +++++++---------
fs/overlayfs/inode.c | 11 +++++++----
fs/posix_acl.c | 15 +++++++++------
5 files changed, 31 insertions(+), 20 deletions(-)
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-08-22 18:49 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-08-22 12:11 [GIT PULL] fs idmapped fixes for v6.0-rc3 Christian Brauner
2022-08-22 18:48 ` pr-tracker-bot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox