From nobody Sun Sep 21 21:39:52 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2B3AFECAAD2 for ; Mon, 29 Aug 2022 11:09:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230436AbiH2LJS (ORCPT ); Mon, 29 Aug 2022 07:09:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58350 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230426AbiH2LHd (ORCPT ); Mon, 29 Aug 2022 07:07:33 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C5302520B7; Mon, 29 Aug 2022 04:05:20 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 2EED0B80EC5; Mon, 29 Aug 2022 11:05:20 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9310EC433C1; Mon, 29 Aug 2022 11:05:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1661771119; bh=Qe9CtB/eJop4L+BZbhVntplBrPozxKEmknaFXBM9F0o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=aa69G8DHkj6WtLy7IjQpkOQsHQ5FRwEl1UxsEGg2/VAotUKGKw57evy9NxOgqzh2s azetdA3JhhTYPRWMyrPotpDUqIKzcriGul39k9OgKkpxNgdUcoC4w+/Q/w/46VycNB qBvCxm39xhhWOvRFoFoAxUl5FRxkJzFv4ZzZAVFU= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Konstantin Komarov , ntfs3@lists.linux.dev, "Christian Brauner (Microsoft)" , Sasha Levin Subject: [PATCH 5.15 037/136] ntfs: fix acl handling Date: Mon, 29 Aug 2022 12:58:24 +0200 Message-Id: <20220829105806.116680390@linuxfoundation.org> X-Mailer: git-send-email 2.37.2 In-Reply-To: <20220829105804.609007228@linuxfoundation.org> References: <20220829105804.609007228@linuxfoundation.org> User-Agent: quilt/0.67 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Christian Brauner [ Upstream commit 0c3bc7899e6dfb52df1c46118a5a670ae619645f ] While looking at our current POSIX ACL handling in the context of some overlayfs work I went through a range of other filesystems checking how they handle them currently and encountered ntfs3. The posic_acl_{from,to}_xattr() helpers always need to operate on the filesystem idmapping. Since ntfs3 can only be mounted in the initial user namespace the relevant idmapping is init_user_ns. The posix_acl_{from,to}_xattr() helpers are concerned with translating betw= een the kernel internal struct posix_acl{_entry} and the uapi struct posix_acl_xattr_{header,entry} and the kernel internal data structure is ca= ched filesystem wide. Additional idmappings such as the caller's idmapping or the mount's idmappi= ng are handled higher up in the VFS. Individual filesystems usually do not nee= d to concern themselves with these. The posix_acl_valid() helper is concerned with checking whether the values = in the kernel internal struct posix_acl can be represented in the filesystem's idmapping. IOW, if they can be written to disk. So this helper too needs to take the filesystem's idmapping. Fixes: be71b5cba2e6 ("fs/ntfs3: Add attrib operations") Cc: Konstantin Komarov Cc: ntfs3@lists.linux.dev Signed-off-by: Christian Brauner (Microsoft) Signed-off-by: Sasha Levin --- fs/ntfs3/xattr.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/fs/ntfs3/xattr.c b/fs/ntfs3/xattr.c index 872eb56bb1706..e8bfa709270d1 100644 --- a/fs/ntfs3/xattr.c +++ b/fs/ntfs3/xattr.c @@ -476,8 +476,7 @@ static noinline int ntfs_set_ea(struct inode *inode, co= nst char *name, } =20 #ifdef CONFIG_NTFS3_FS_POSIX_ACL -static struct posix_acl *ntfs_get_acl_ex(struct user_namespace *mnt_userns, - struct inode *inode, int type, +static struct posix_acl *ntfs_get_acl_ex(struct inode *inode, int type, int locked) { struct ntfs_inode *ni =3D ntfs_i(inode); @@ -512,7 +511,7 @@ static struct posix_acl *ntfs_get_acl_ex(struct user_na= mespace *mnt_userns, =20 /* Translate extended attribute to acl. */ if (err >=3D 0) { - acl =3D posix_acl_from_xattr(mnt_userns, buf, err); + acl =3D posix_acl_from_xattr(&init_user_ns, buf, err); } else if (err =3D=3D -ENODATA) { acl =3D NULL; } else { @@ -535,8 +534,7 @@ struct posix_acl *ntfs_get_acl(struct inode *inode, int= type, bool rcu) if (rcu) return ERR_PTR(-ECHILD); =20 - /* TODO: init_user_ns? */ - return ntfs_get_acl_ex(&init_user_ns, inode, type, 0); + return ntfs_get_acl_ex(inode, type, 0); } =20 static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns, @@ -588,7 +586,7 @@ static noinline int ntfs_set_acl_ex(struct user_namespa= ce *mnt_userns, value =3D kmalloc(size, GFP_NOFS); if (!value) return -ENOMEM; - err =3D posix_acl_to_xattr(mnt_userns, acl, value, size); + err =3D posix_acl_to_xattr(&init_user_ns, acl, value, size); if (err < 0) goto out; flags =3D 0; @@ -639,7 +637,7 @@ static int ntfs_xattr_get_acl(struct user_namespace *mn= t_userns, if (!acl) return -ENODATA; =20 - err =3D posix_acl_to_xattr(mnt_userns, acl, buffer, size); + err =3D posix_acl_to_xattr(&init_user_ns, acl, buffer, size); posix_acl_release(acl); =20 return err; @@ -663,12 +661,12 @@ static int ntfs_xattr_set_acl(struct user_namespace *= mnt_userns, if (!value) { acl =3D NULL; } else { - acl =3D posix_acl_from_xattr(mnt_userns, value, size); + acl =3D posix_acl_from_xattr(&init_user_ns, value, size); if (IS_ERR(acl)) return PTR_ERR(acl); =20 if (acl) { - err =3D posix_acl_valid(mnt_userns, acl); + err =3D posix_acl_valid(&init_user_ns, acl); if (err) goto release_and_out; } --=20 2.35.1