From: Christian Brauner <brauner@kernel.org>
To: Eric Sandeen <sandeen@redhat.com>
Cc: linux-fsdevel@vger.kernel.org, Miklos Greczi <mgreczi@redhat.com>,
Miklos Szeredi <miklos@szeredi.hu>,
Bernd Schubert <bschubert@ddn.com>,
Amir Goldstein <amir73il@gmail.com>,
Seth Forshee <sforshee@kernel.org>
Subject: Re: [PATCH 07/14] fuse: Convert to new uid/gid option parsing helpers
Date: Fri, 28 Jun 2024 14:07:40 +0200 [thread overview]
Message-ID: <20240628-anbrechen-warnschilder-c8607ec1c881@brauner> (raw)
In-Reply-To: <02670c04-2449-443f-bf44-68c927685a1c@redhat.com>
I think you accidently Cced the wrong Miklos. :)
On Thu, Jun 27, 2024 at 07:33:43PM GMT, Eric Sandeen wrote:
> Convert to new uid/gid option parsing helpers
>
> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
> ---
> fs/fuse/inode.c | 12 ++++--------
> 1 file changed, 4 insertions(+), 8 deletions(-)
>
> diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
> index 99e44ea7d875..1ac528bcdb3c 100644
> --- a/fs/fuse/inode.c
> +++ b/fs/fuse/inode.c
> @@ -740,8 +740,8 @@ static const struct fs_parameter_spec fuse_fs_parameters[] = {
> fsparam_string ("source", OPT_SOURCE),
> fsparam_u32 ("fd", OPT_FD),
> fsparam_u32oct ("rootmode", OPT_ROOTMODE),
> - fsparam_u32 ("user_id", OPT_USER_ID),
> - fsparam_u32 ("group_id", OPT_GROUP_ID),
> + fsparam_uid ("user_id", OPT_USER_ID),
> + fsparam_gid ("group_id", OPT_GROUP_ID),
> fsparam_flag ("default_permissions", OPT_DEFAULT_PERMISSIONS),
> fsparam_flag ("allow_other", OPT_ALLOW_OTHER),
> fsparam_u32 ("max_read", OPT_MAX_READ),
> @@ -799,16 +799,12 @@ static int fuse_parse_param(struct fs_context *fsc, struct fs_parameter *param)
> break;
>
> case OPT_USER_ID:
> - ctx->user_id = make_kuid(fsc->user_ns, result.uint_32);
> - if (!uid_valid(ctx->user_id))
> - return invalfc(fsc, "Invalid user_id");
> + ctx->user_id = result.uid;
So fsc->user_ns will record the namespaces at fsopen() time which can be
different from the namespace used at fsconfig() time. This was done when
fuse was ported to the new mount api.
It has the same potential issues that Seth pointed out so I think your
patch is correct. But I also think we might need the same verification
that tmpfs is doing to verify that the uid/gid we're using can actually
be represented in the fsc->user_ns.
So maybe there should be a separate patch that converts fuse to rely on
make_k*id(current_user_ns()) + k*id_has_mapping() and then these patches
on top?
next prev parent reply other threads:[~2024-06-28 12:07 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-28 0:24 [PATCH 0/14] New uid & gid mount option parsing helpers Eric Sandeen
2024-06-28 0:26 ` [PATCH 01/14] fs_parse: add uid & gid option " Eric Sandeen
2024-06-28 9:45 ` Jan Kara
2024-06-28 12:23 ` Christian Brauner
2024-07-01 9:34 ` Jan Kara
2024-06-28 13:44 ` Eric Sandeen
2024-06-28 0:27 ` [PATCH 02/14] autofs: Convert to new uid/gid " Eric Sandeen
2024-07-01 3:05 ` Ian Kent
2024-06-28 0:29 ` [PATCH 03/14] debugfs: " Eric Sandeen
2024-06-28 0:30 ` [PATCH 04/14] efivarfs: " Eric Sandeen
2024-06-28 0:31 ` [PATCH 05/14] exfat: " Eric Sandeen
2024-06-28 0:32 ` [PATCH 06/14] ext4: " Eric Sandeen
2024-06-28 0:33 ` [PATCH 07/14] fuse: " Eric Sandeen
2024-06-28 12:07 ` Christian Brauner [this message]
2024-06-28 13:41 ` Eric Sandeen
2024-06-28 0:35 ` [PATCH 08/14] hugetlbfs: " Eric Sandeen
2024-06-28 0:36 ` [PATCH 09/14] isofs: " Eric Sandeen
2024-06-28 0:37 ` [PATCH 10/14] ntfs3: " Eric Sandeen
2024-06-28 0:38 ` [PATCH 11/14] tmpfs: " Eric Sandeen
2024-06-28 0:39 ` [PATCH 12/14] smb: client: " Eric Sandeen
2024-06-28 0:40 ` [PATCH 13/14] tracefs: " Eric Sandeen
2024-06-28 12:35 ` Steven Rostedt
2024-06-28 0:42 ` [PATCH 14/14] vboxsf: " Eric Sandeen
2024-06-28 6:43 ` Hans de Goede
2024-06-28 11:51 ` [PATCH 0/14] New uid & gid mount " Christian Brauner
2024-07-02 4:25 ` (subset) " Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240628-anbrechen-warnschilder-c8607ec1c881@brauner \
--to=brauner@kernel.org \
--cc=amir73il@gmail.com \
--cc=bschubert@ddn.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=mgreczi@redhat.com \
--cc=miklos@szeredi.hu \
--cc=sandeen@redhat.com \
--cc=sforshee@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).