public inbox for linux-xfs@vger.kernel.org
 help / color / mirror / Atom feed
From: Dave Chinner <david@fromorbit.com>
To: Andreas Gruenbacher <agruenba@redhat.com>
Cc: Brian Foster <bfoster@redhat.com>, xfs@oss.sgi.com
Subject: Re: [PATCH 3/4] xfs: SGI ACLs: Map uid/gid namespaces
Date: Wed, 28 Oct 2015 06:55:02 +1100	[thread overview]
Message-ID: <20151027195502.GN8773@dastard> (raw)
In-Reply-To: <CAHc6FU7YbdmH+S0HZUg1cL++NM4FXFot=GLBr1_6HPhJSP+dvA@mail.gmail.com>

On Tue, Oct 27, 2015 at 04:55:22PM +0100, Andreas Gruenbacher wrote:
> On Mon, Oct 26, 2015 at 10:46 PM, Dave Chinner <david@fromorbit.com> wrote:
> > On Sat, Oct 24, 2015 at 11:16:08PM +0200, Andreas Gruenbacher wrote:
> >> @@ -71,10 +72,10 @@ xfs_acl_from_disk(
> >>
> >>               switch (acl_e->e_tag) {
> >>               case ACL_USER:
> >> -                     acl_e->e_uid = xfs_uid_to_kuid(be32_to_cpu(ace->ae_id));
> >> +                     acl_e->e_uid = make_kuid(ns, be32_to_cpu(ace->ae_id));
> >
> > Please don't replace the xfs wrappers with the horribly named
> > generic functions. Pass the namespace to xfs_uid_to_kuid(), and
> > modify them, please. That way people who don't deal with namespaces
> > every day can tell exactly what format conversion is taking place
> > just by reading the code...
> 
> We would effectively end up with:
> 
>   #define xfs_kuid_to_uid from_kuid
>   #define xfs_kgid_to_gid from_kgid
>   #define xfs_uid_to_kuid make_kuid
>   #define xfs_gid_to_kgid make_kgid

No, you'd just add the namespace pointer to the static inline
functions we already have, and add a comment stating when the caller
should pass the init_ns vs user_ns.

But now that I've thought about this a bit more, I don't think that
the changes you've made are correct - we shouldn't be doing uid/gid
namespace conversion in disk formating functions. That is, the
conversion of user/group types should be done at the incoming layers
(i.e. at VFS/ioctl layers), not deep in the guts of the XFS code.

i.e. the disk formating functions should be passed uids/gids that
are already mapped to the init namespace, because there is no
guarantee that the formatting occurs in the same user context as the
syscall (e.g. low level disk formatting work gets deferred to a work
queue).

> Are you sure you really want that?

Why do you think we added the wrappers in the first place? It was
because the ns maintainer refused to follow standard, self
documenting type conversion naming conventions of <type>_to_<type>
so we added them ourselves. The user namespace code is horrible
enough without adding confusing type change functions everywhere...

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

  reply	other threads:[~2015-10-27 19:55 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-23 13:52 Inconsistencies with trusted.SGI_ACL_{FILE,DEFAULT} Andreas Gruenbacher
2015-10-24 12:57 ` Brian Foster
2015-10-24 13:58   ` Andreas Gruenbacher
2015-10-24 15:22     ` Brian Foster
2015-10-24 15:36       ` Brian Foster
2015-10-24 21:05       ` Andreas Gruenbacher
2015-10-24 21:16         ` [PATCH 0/4] xfs: SGI ACL Fixes Andreas Gruenbacher
2015-10-24 21:16           ` [PATCH 1/4] xfs: Validate the length of on-disk ACLs Andreas Gruenbacher
2015-10-24 21:16           ` [PATCH 2/4] xfs: SGI ACLs: Fix caching and mode setting Andreas Gruenbacher
2015-10-26 14:02             ` Brian Foster
2015-10-26 15:39               ` Andreas Gruenbacher
2015-10-26 19:00                 ` Brian Foster
2015-10-24 21:16           ` [PATCH 3/4] xfs: SGI ACLs: Map uid/gid namespaces Andreas Gruenbacher
2015-10-26 21:46             ` Dave Chinner
2015-10-27 15:55               ` Andreas Gruenbacher
2015-10-27 19:55                 ` Dave Chinner [this message]
2015-10-27 21:10                   ` Andreas Gruenbacher
2015-10-27 22:37                     ` Dave Chinner
2015-10-27 23:38                       ` Andreas Gruenbacher
2015-10-24 21:16           ` [PATCH 4/4] xfs: SGI ACLs: Prepare for richacls Andreas Gruenbacher
2015-10-26 20:15             ` Andreas Gruenbacher
2015-10-26 14:02           ` [PATCH 0/4] xfs: SGI ACL Fixes Brian Foster
2015-10-26 21:32       ` Inconsistencies with trusted.SGI_ACL_{FILE,DEFAULT} Dave Chinner
2015-10-26 23:52         ` Andreas Gruenbacher
2015-10-27  5:30           ` Dave Chinner
2015-10-27 10:56             ` Andreas Gruenbacher
2015-10-27 20:18               ` Dave Chinner
2015-10-27 21:39                 ` Andreas Gruenbacher
2015-10-27 22:38                   ` Dave Chinner
2015-10-27 11:31             ` Brian Foster

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151027195502.GN8773@dastard \
    --to=david@fromorbit.com \
    --cc=agruenba@redhat.com \
    --cc=bfoster@redhat.com \
    --cc=xfs@oss.sgi.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox