From: Christian Brauner <brauner@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Christian Brauner <brauner@kernel.org>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [GIT PULL] vfsuid updates for v6.2
Date: Mon, 12 Dec 2022 13:33:48 +0100 [thread overview]
Message-ID: <20221212123348.169903-1-brauner@kernel.org> (raw)
Hey Linus,
/* Summary */
Last cycle we introduced the vfs{g,u}id_t types and associated helpers to gain
type safety when dealing with idmapped mounts. That initial pull request back
then already converted a lot of places over but there were still some left,
This pull request converts all remaining places that still make use of non-type
safe idmapping helpers to rely on the new type safe vfs{g,u}id based helpers.
Afterwards it removes all the old non-type safe helpers.
Note that this pull request has the setgid inheritance branch merged in as the
setgid inheritance branch unifies multiple open-coded checks into a single
helper making the conversion here easier. I've sent a pull request for that
work rearlier so it's on the list and in your inbox before this one. The lore
url is:
https://lore.kernel.org/lkml/20221212112053.99208-1-brauner@kernel.org
In case you don't want to pull "setgid inheritance updates for v6.2" but still
would like to pull the remaining vfs{g,u}id_t conversions (That would be
greatly appreciated as it gets rid of duplicated functionality between the
different helpers.) I prepared the tag
fs.vfsuid.conversion.standalone.v6.2
This tag only contains all the vfs{g,u}id_t patches without any of the "setgid
inheritance updates for v6.2" patches.
ssh://git@gitolite.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git tags/fs.vfsuid.conversion.standalone.v6.2
/* Testing */
clang: Ubuntu clang version 15.0.2-1
gcc: gcc (Ubuntu 12.2.0-3ubuntu1) 12.2.0
All patches are based on v6.1-rc1 and have been sitting in linux-next. No build
failures or warnings were observed. The vfsuid conversionn portion passes all
old and new tests in fstests, selftests, and LTP pass without regressions.
/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with current
mainline.
/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with current
mainline.
The following changes since commit 9abf2313adc1ca1b6180c508c25f22f9395cc780:
Linux 6.1-rc1 (2022-10-16 15:36:24 -0700)
are available in the Git repository at:
ssh://git@gitolite.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git tags/fs.vfsuid.conversion.v6.2
__Alternatively__, a standalone version without the setgid patches merged in
can be found at:
ssh://git@gitolite.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git tags/fs.vfsuid.conversion.standalone.v6.2
for you to fetch changes up to eb7718cdb73c6b0c93002f8f73f4dd4701f8d2bb:
fs: remove unused idmapping helpers (2022-10-26 10:03:34 +0200)
Please consider pulling these changes from the signed fs.vfsuid.conversion.v6.2
or fs.vfsuid.conversion.standalone.v6.2 tag.
Thanks!
Christian
----------------------------------------------------------------
fs.vfsuid.conversion.v6.2
----------------------------------------------------------------
Amir Goldstein (2):
ovl: remove privs in ovl_copyfile()
ovl: remove privs in ovl_fallocate()
Christian Brauner (12):
attr: add in_group_or_capable()
fs: move should_remove_suid()
attr: add setattr_should_drop_sgid()
attr: use consistent sgid stripping checks
mnt_idmapping: add missing helpers
fs: use type safe idmapping helpers
caps: use type safe idmapping helpers
apparmor: use type safe idmapping helpers
ima: use type safe idmapping helpers
fuse: port to vfs{g,u}id_t and associated helpers
ovl: port to vfs{g,u}id_t and associated helpers
fs: remove unused idmapping helpers
Documentation/trace/ftrace.rst | 2 +-
fs/attr.c | 74 +++++++++++++++++++++++---
fs/coredump.c | 4 +-
fs/exec.c | 16 +++---
fs/fuse/acl.c | 2 +-
fs/fuse/file.c | 2 +-
fs/inode.c | 72 ++++++++++++--------------
fs/internal.h | 10 +++-
fs/namei.c | 40 +++++++--------
fs/ocfs2/file.c | 4 +-
fs/open.c | 8 +--
fs/overlayfs/file.c | 28 ++++++++--
fs/overlayfs/util.c | 9 +++-
fs/remap_range.c | 2 +-
fs/stat.c | 7 ++-
include/linux/fs.h | 36 +------------
include/linux/mnt_idmapping.h | 100 ++++++++++++------------------------
kernel/capability.c | 4 +-
security/apparmor/domain.c | 8 +--
security/apparmor/file.c | 4 +-
security/apparmor/lsm.c | 25 ++++++---
security/commoncap.c | 51 +++++++++---------
security/integrity/ima/ima_policy.c | 34 ++++++------
23 files changed, 289 insertions(+), 253 deletions(-)
next reply other threads:[~2022-12-12 12:35 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-12 12:33 Christian Brauner [this message]
2022-12-13 3:28 ` [GIT PULL] vfsuid updates for v6.2 Linus Torvalds
2022-12-13 9:19 ` Christian Brauner
2022-12-15 7:37 ` Rasmus Villemoes
2022-12-13 3:49 ` pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221212123348.169903-1-brauner@kernel.org \
--to=brauner@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox