From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFE0A188A24 for ; Tue, 3 Sep 2024 15:16:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376616; cv=none; b=Y587Q/DUB0tvaNKpd4X/TOxyYcASB2dxuJkxXL2E/KIyx/JCVZLgfUYESIjq5PLta3Scr7TXgAhlGZMWkOGNFKd3qrFmsmD8wTuATTg0GVZkkxqZEy5Yxc5h2s4SrS/3iJfObOOZ4ZnhthKxtEOZ+bfn2dUStqfkoII7Nq3J6yo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376616; c=relaxed/simple; bh=+65lnekXMhI1t21zuHkzMVhnAJ/aGY9ksednbDEEX24=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Szhfepfbs33ahKHgi7uTfhUmdoBZbO9gtIL+HgcePIwSddvqVEmgtweTzCbeieI0Bo5z6wM+/srnINhmQrhWyTpVgYxnqq9xJ2ypc7Bm/fesMUGnmBVaZhn0UHpXQRMbRdvH4nJib4n9oUP2mIzrIJyLTmZDzHEyPhmZ8046dIA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=FC+OgzKo; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="FC+OgzKo" Received: from mail-ej1-f72.google.com (mail-ej1-f72.google.com [209.85.218.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 468793F17E for ; Tue, 3 Sep 2024 15:16:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376607; bh=j3VPDcvR6dDhs8ZQ9mZ4n82aTjnb//+beKKdu3S1mOA=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=FC+OgzKoplrRZ3LZvzUa47yyNi4xzPI33BUErX699JruaOKmXF5QsuVZzA+6an2zT +a8H2yxwSA3k7+cbkqjx7xJ7JQJUGjvLojwUm/J/DEeWdPhUQ1IDO5762hLwpEfmRe 3usFe+hYf2NoIe0QOACAIQBj5CjaBM9uc53mPL9o07SQrEfwbqDa/IglYTdQRFW3qO dVjC0PFcVToaJb+mZPBkHJ5H8chMY/39ZeomXnKqc1k97d+y8PnglierdKUE32C/Mf kEmmeXi7566nbWsXTMTeSYeGItVsPu2Zt6y5/k+DJ7Eu4ok0bNVraBz9TwhVOFMMEs dQYEwieDLomhQ== Received: by mail-ej1-f72.google.com with SMTP id a640c23a62f3a-a7a83fad218so475371066b.3 for ; Tue, 03 Sep 2024 08:16:47 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376607; x=1725981407; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=j3VPDcvR6dDhs8ZQ9mZ4n82aTjnb//+beKKdu3S1mOA=; b=kVLMfknZImp56M+QHw6HWf/CuqiowxuwbT70AwWy4WOig0JQTCR7QMlc37dEjBJcYr 8utbTt2VQ+8F/7g/WCy8mpncr3gzoTi0znhe/xJnLz6UXyXAtRddktvu7nZtgWCtQipL mov68slnrNCSc56MhFfzdL+uDM/d4rGwipYDSKG85VMH8v6Lax2bujwRVPecINFvc2lN JuY70f5rWk7GGJc6T67A5WEox2Op0/8AuP7AN7G93RpAvDf6yIzFH+02HBwEXXMW92XI LFNiLvN2CjOy1Cf7M20n4wY1VC4jsFyelmFv1xw6Zeo1Nqu4uUw6HVynCH2c7J9ossMW TIgg== X-Forwarded-Encrypted: i=1; AJvYcCVuNKhb6uXjqmdD1vCUx4Wwp5BO7QlB/rUA4UA5MYogBZIAENM9Q2/Punzyszk/0419SAZ8MyHlegkvGV8=@vger.kernel.org X-Gm-Message-State: AOJu0YzG4qu0TFwOgHvOoLG1XZ0SuIrneBWEcK2KXYPUqw7jBSn2Fl3d YGtHLVLUssQnPaM8FwOImUX/2LeJlpnEhBOg6qe5GH1FvMjlyxbkqpMYpY/3IFNpeVsXSIVLg1Q A/ft4g6Z087kSTBKbexFZyWEdXAVDXR9fsqzTPwkWog/s4LwgisvW16K/RDrXRIuYQKUUdNPuOY SpNg== X-Received: by 2002:a17:907:7f29:b0:a7a:b4bd:d0eb with SMTP id a640c23a62f3a-a89b94cef55mr877281166b.24.1725376606802; Tue, 03 Sep 2024 08:16:46 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGeYN6hRfAhuD0+4Q5mLVtZ2Al7kWcPr9w+dVvPFIc/c9/ume9/DhCoB3QIXHG+d0EhOrXsgQ== X-Received: by 2002:a17:907:7f29:b0:a7a:b4bd:d0eb with SMTP id a640c23a62f3a-a89b94cef55mr877278866b.24.1725376606295; Tue, 03 Sep 2024 08:16:46 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.16.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:16:45 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , Alexander Viro , Jan Kara , linux-kernel@vger.kernel.org Subject: [PATCH v4 01/15] fs/namespace: introduce SB_I_NOIDMAP flag Date: Tue, 3 Sep 2024 17:16:12 +0200 Message-Id: <20240903151626.264609-2-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Right now we determine if filesystem support vfs idmappings or not basing on the FS_ALLOW_IDMAP flag presence. This "static" way works perfecly well for local filesystems like ext4, xfs, btrfs, etc. But for network-like filesystems like fuse, cephfs this approach is not ideal, because sometimes proper support of vfs idmaps requires some extensions for the on-wire protocol, which implies that changes have to be made not only in the Linux kernel code but also in the 3rd party components like libfuse, cephfs MDS server and so on. We have seen that issue during our work on cephfs idmapped mounts [1] with Christian, but right now I'm working on the idmapped mounts support for fuse/virtiofs and I think that it is a right time for this exte= nsion. [1] 5ccd8530dd7 ("ceph: handle idmapped mounts in create_request_message()") Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Suggested-by: Christian Brauner Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- v3: - this commit added --- fs/namespace.c | 4 ++++ include/linux/fs.h | 1 + 2 files changed, 5 insertions(+) diff --git a/fs/namespace.c b/fs/namespace.c index 328087a4df8a..d1702285c915 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -4436,6 +4436,10 @@ static int can_idmap_mount(const struct mount_kattr = *kattr, struct mount *mnt) if (!(m->mnt_sb->s_type->fs_flags & FS_ALLOW_IDMAP)) return -EINVAL; =20 + /* The filesystem has turned off idmapped mounts. */ + if (m->mnt_sb->s_iflags & SB_I_NOIDMAP) + return -EINVAL; + /* We're not controlling the superblock. */ if (!ns_capable(fs_userns, CAP_SYS_ADMIN)) return -EPERM; diff --git a/include/linux/fs.h b/include/linux/fs.h index 6ca11e241a24..8756f84d627c 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1190,6 +1190,7 @@ extern int send_sigurg(struct fown_struct *fown); #define SB_I_TS_EXPIRY_WARNED 0x00000400 /* warned about timestamp range e= xpiry */ #define SB_I_RETIRED 0x00000800 /* superblock shouldn't be reused */ #define SB_I_NOUMASK 0x00001000 /* VFS does not apply umask */ +#define SB_I_NOIDMAP 0x00002000 /* No idmapped mounts on this superblock */ =20 /* Possible states of 'frozen' field */ enum { --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EFF6418756E for ; Tue, 3 Sep 2024 15:16:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376613; cv=none; b=VYVjO6XjbhWIhiZY3ORcr92euoDAx8PwwidQA5gbqa2ng72daesIzGsJf1WMl9T0L6DAzUiDxvl8FFObYHO8rDr/D60ZYFyVoc6NhP37YXRZAe2lfODKVMSTWj4VmCqFpK63m9pHgCgONq3/pT3a+UYWUCuOgAYCP65A3R2evvM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376613; c=relaxed/simple; bh=zbfFmYg52x4bNkZY0iHbZPvACTmlOnxysSOisb9uilw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=R0D1Iqq/TZ4AMEzF5AShDjauu91E2XLPZ53/2UJQ0XeNocy7ZGEwpwuARUtrRyx/mTS6K8BMDaeiagowBj9Gh/gTtWlunjq2GMw37B/PV6CoVLP8+O2lXT7kkJ1p49X/kkDctanTPVp4umqJy464aFW/KcIF7b9SUDzITK4962k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=RZqzDMl3; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="RZqzDMl3" Received: from mail-ej1-f71.google.com (mail-ej1-f71.google.com [209.85.218.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 138FF3FC04 for ; Tue, 3 Sep 2024 15:16:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376610; bh=x8jszuSuXnXNJxcLdhQ06xMDLcRlHy+xx7dW4v2SH2g=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=RZqzDMl3/InQyDIqo1HyLcZ3Uu7HdFMNtvGFIdzn50g4rKw3D2ENO4mKGniH03Cm4 tIg49bJIe/l6l7KpNuCdKdCfrX+s6q6YE78zo3YXfmIyIh/Q3Ej2s8um1hx603u4VJ LQkLfxsJYj/E2ZGpLoBFRZUJ3eIouGUC1hDkBRniBjefEooqVPBEQZA7KNw6OSxSWL R/72Qg18Wto78Ud50V63ytPbXOhe3ciVa5Omi/QbyjYzczjPhT4Stj77nAbu8l5TV2 zzFtN/1wxKOeJ2Q8AUMp9r5unpspJ2W5pgATKDX3YuYOK/Ofop4Bb4UI92YdLLlOQa yx3DOqX0jlXbg== Received: by mail-ej1-f71.google.com with SMTP id a640c23a62f3a-a86975f70a2so382736566b.3 for ; Tue, 03 Sep 2024 08:16:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376609; x=1725981409; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=x8jszuSuXnXNJxcLdhQ06xMDLcRlHy+xx7dW4v2SH2g=; b=KmPXn7tZfz58+2piLlFHKBn8ZXjWQjiLBeuycJPwAy3SvanNVjZ1d3hhBSms6caq12 SP083Mb6D1rTYYn6505WnEAOM7/LATlRwrTiFJJSPxiNttTQ+f5p3a86oboKjOM1dIHh MtSoxr/9zSsyyY7lQAyIQwe4Xkl51G2ri+1TUt4LvBA0LGx3EbDi0TnskQ4rDmmlmeeF vyOZGsIJHl/6kyQ/mgXkWWBfpsPrCDn07cBeRNsBrXhIJ1XY1a2x5VLwu74vuL9kkW7a J+21dZwCCdAHNZOlOMSCHAfEUDyQY0sVP622VS6d+em9cXvoKrZ0AqpiQXUqlqK6NhIK yeWQ== X-Forwarded-Encrypted: i=1; AJvYcCX+00o2RoYhNy246+hBejZPaJ+VcxBWpCwsrmhoOBFoE7GZhfTxCWxcNlXEcydGvPysKgbUes716gNt6L4=@vger.kernel.org X-Gm-Message-State: AOJu0Yz55i+qKZVccT9hqIXduIy9W0vtWX33fIcsc+MwZi/TY2oe/Rlc Or4KGG1tLnlLTzoGPwcFghC6ikTFzPjJNpqodJXq2ZNijVOdW0Z/8OPqYxU3LCIrqscB5zB3GZb OpQidEoAdATaCWGglNjnYBLOY4nIdTm57rusD9gS1d0UXmOAZFWleQxfDbN7LWnQLWsSYF44R5X 4aVw== X-Received: by 2002:a17:907:968d:b0:a86:b6ee:8747 with SMTP id a640c23a62f3a-a8a32f9f1f8mr90221166b.43.1725376609540; Tue, 03 Sep 2024 08:16:49 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGs9nFNqPMbcV/jWpg4+uWW1GqZ9gh0BQOAKr9B+8QKp53t56++gbos2lE0uI6EBfpBGrbq0Q== X-Received: by 2002:a17:907:968d:b0:a86:b6ee:8747 with SMTP id a640c23a62f3a-a8a32f9f1f8mr90218266b.43.1725376609062; Tue, 03 Sep 2024 08:16:49 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.16.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:16:48 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 02/15] fs/fuse: add basic infrastructure to support idmappings Date: Tue, 3 Sep 2024 17:16:13 +0200 Message-Id: <20240903151626.264609-3-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add some preparational changes in fuse_get_req/fuse_force_creds to handle idmappings. Miklos suggested [1], [2] to change the meaning of in.h.uid/in.h.gid fields when daemon declares support for idmapped mounts. In a new semantic, we fill uid/gid values in fuse header with a id-mapped caller uid/gid (for requests which create new inodes), for all the rest cases we just send -1 to userspace. No functional changes intended. Link: https://lore.kernel.org/all/CAJfpegsVY97_5mHSc06mSw79FehFWtoXT=3DhhTU= K_E-Yhr7OAuQ@mail.gmail.com/ [1] Link: https://lore.kernel.org/all/CAJfpegtHQsEUuFq1k4ZbTD3E1h-GsrN3PWyv7X8c= g6sfU_W2Yw@mail.gmail.com/ [2] Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn --- v4: - this commit added --- fs/fuse/dev.c | 50 +++++++++++++++++++++++++++++---------- fs/fuse/inode.c | 1 + include/uapi/linux/fuse.h | 2 ++ 3 files changed, 41 insertions(+), 12 deletions(-) diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index 7146038b2fe7..d3f3c3557c04 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -103,7 +103,9 @@ static void fuse_drop_waiting(struct fuse_conn *fc) =20 static void fuse_put_request(struct fuse_req *req); =20 -static struct fuse_req *fuse_get_req(struct fuse_mount *fm, bool for_backg= round) +static struct fuse_req *fuse_get_req(struct mnt_idmap *idmap, + struct fuse_mount *fm, + bool for_background) { struct fuse_conn *fc =3D fm->fc; struct fuse_req *req; @@ -135,19 +137,37 @@ static struct fuse_req *fuse_get_req(struct fuse_moun= t *fm, bool for_background) goto out; } =20 - req->in.h.uid =3D from_kuid(fc->user_ns, current_fsuid()); - req->in.h.gid =3D from_kgid(fc->user_ns, current_fsgid()); req->in.h.pid =3D pid_nr_ns(task_pid(current), fc->pid_ns); =20 __set_bit(FR_WAITING, &req->flags); if (for_background) __set_bit(FR_BACKGROUND, &req->flags); =20 - if (unlikely(req->in.h.uid =3D=3D ((uid_t)-1) || - req->in.h.gid =3D=3D ((gid_t)-1))) { - fuse_put_request(req); - return ERR_PTR(-EOVERFLOW); + if ((fm->sb->s_iflags & SB_I_NOIDMAP) || idmap) { + kuid_t idmapped_fsuid; + kgid_t idmapped_fsgid; + + /* + * Note, that when + * (fm->sb->s_iflags & SB_I_NOIDMAP) is true, then + * (idmap =3D=3D &nop_mnt_idmap) is always true and therefore, + * mapped_fsuid(idmap, fc->user_ns) =3D=3D current_fsuid(). + */ + idmapped_fsuid =3D idmap ? mapped_fsuid(idmap, fc->user_ns) : current_fs= uid(); + idmapped_fsgid =3D idmap ? mapped_fsgid(idmap, fc->user_ns) : current_fs= gid(); + req->in.h.uid =3D from_kuid(fc->user_ns, idmapped_fsuid); + req->in.h.gid =3D from_kgid(fc->user_ns, idmapped_fsgid); + + if (unlikely(req->in.h.uid =3D=3D ((uid_t)-1) || + req->in.h.gid =3D=3D ((gid_t)-1))) { + fuse_put_request(req); + return ERR_PTR(-EOVERFLOW); + } + } else { + req->in.h.uid =3D FUSE_INVALID_UIDGID; + req->in.h.gid =3D FUSE_INVALID_UIDGID; } + return req; =20 out: @@ -466,8 +486,14 @@ static void fuse_force_creds(struct fuse_req *req) { struct fuse_conn *fc =3D req->fm->fc; =20 - req->in.h.uid =3D from_kuid_munged(fc->user_ns, current_fsuid()); - req->in.h.gid =3D from_kgid_munged(fc->user_ns, current_fsgid()); + if (req->fm->sb->s_iflags & SB_I_NOIDMAP) { + req->in.h.uid =3D from_kuid_munged(fc->user_ns, current_fsuid()); + req->in.h.gid =3D from_kgid_munged(fc->user_ns, current_fsgid()); + } else { + req->in.h.uid =3D FUSE_INVALID_UIDGID; + req->in.h.gid =3D FUSE_INVALID_UIDGID; + } + req->in.h.pid =3D pid_nr_ns(task_pid(current), fc->pid_ns); } =20 @@ -499,7 +525,7 @@ ssize_t fuse_simple_request(struct fuse_mount *fm, stru= ct fuse_args *args) __set_bit(FR_FORCE, &req->flags); } else { WARN_ON(args->nocreds); - req =3D fuse_get_req(fm, false); + req =3D fuse_get_req(NULL, fm, false); if (IS_ERR(req)) return PTR_ERR(req); } @@ -560,7 +586,7 @@ int fuse_simple_background(struct fuse_mount *fm, struc= t fuse_args *args, __set_bit(FR_BACKGROUND, &req->flags); } else { WARN_ON(args->nocreds); - req =3D fuse_get_req(fm, true); + req =3D fuse_get_req(NULL, fm, true); if (IS_ERR(req)) return PTR_ERR(req); } @@ -583,7 +609,7 @@ static int fuse_simple_notify_reply(struct fuse_mount *= fm, struct fuse_iqueue *fiq =3D &fm->fc->iq; int err =3D 0; =20 - req =3D fuse_get_req(fm, false); + req =3D fuse_get_req(NULL, fm, false); if (IS_ERR(req)) return PTR_ERR(req); =20 diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index d8ab4e93916f..115538f6f283 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c @@ -1567,6 +1567,7 @@ static void fuse_sb_defaults(struct super_block *sb) sb->s_time_gran =3D 1; sb->s_export_op =3D &fuse_export_operations; sb->s_iflags |=3D SB_I_IMA_UNVERIFIABLE_SIGNATURE; + sb->s_iflags |=3D SB_I_NOIDMAP; if (sb->s_user_ns !=3D &init_user_ns) sb->s_iflags |=3D SB_I_UNTRUSTED_MOUNTER; sb->s_flags &=3D ~(SB_NOSEC | SB_I_VERSION); diff --git a/include/uapi/linux/fuse.h b/include/uapi/linux/fuse.h index d08b99d60f6f..2ccf38181df2 100644 --- a/include/uapi/linux/fuse.h +++ b/include/uapi/linux/fuse.h @@ -984,6 +984,8 @@ struct fuse_fallocate_in { */ #define FUSE_UNIQUE_RESEND (1ULL << 63) =20 +#define FUSE_INVALID_UIDGID ((uint32_t)(-1)) + struct fuse_in_header { uint32_t len; uint32_t opcode; --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D1C84189526 for ; Tue, 3 Sep 2024 15:16:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376618; cv=none; b=KttpB0h4uPvdEYFRPcn4Gdqw/WYvDn27D7uP86RQ7NhaFxoYox2H9TsZh+Laq+dHryTAQZ6IV/iKQZmm57UkGn3Go7dVMtXaRPjF/6o0uj8pxHYgyktFnIBcUv2jPZblo7leb0nadhmxqOXAEJfJ0aKKrCGOP0Pkk7/OiQfdi4c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376618; c=relaxed/simple; bh=f/gJKyVl4ADm/yoP4N8bpvEgSEtHH1kP5oeqKqZ4Tds=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Dh0HSlQ/78gJ9qSAVt2YJlc13jmUw2TkCkYwsnXD7MjaOSDAr9BQ7hYJT63K9Jnv5ffMCD+PY0yzHhWYIc9jsToHHenVFWWNlBOwrArfagqIvVtHpDCd93ObGkTU5uSyY4wpRxylMBwpUMqwIDLfohC5Jfx3Kw5elGkBPllTXAw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=e4Gt2ohf; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="e4Gt2ohf" Received: from mail-lj1-f200.google.com (mail-lj1-f200.google.com [209.85.208.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 2A1203F339 for ; Tue, 3 Sep 2024 15:16:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376614; bh=UdafeJegpZAV0BY3M2qbl16uDJIFaN2Zpg+hXMszRa4=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=e4Gt2ohfyKEL+chtBg45zJgoMfyP5AwCGwHYWnI1HBoXQHKj7tupOvOwZVSutttek xxKxPkpRfT0kXhlNe1G2Gxw87JDC5wuObx7H2igP3IKNqckhV8xqgD1N21cuTLm34L Pqkj7m57oWwHCmoJot5nKzppM+GH4BW4jCevaYbnVpj0ARllBkyAYyNKpyYGcPeVS8 X+A52dGZfPiZROqFyDlMn7p9KJ4LlJyuuklCc2zUpG9FPp7cF1Lyr9Fj+6Cs+tDkhS pnlbmKSAor8PZxI6FDGk29CaWh3VpCx0ciBw2P8PyTu5WA8/s8ZpgEztVomlSywT7u 8932cxFCs7uYQ== Received: by mail-lj1-f200.google.com with SMTP id 38308e7fff4ca-2f3f6a6e3e8so62507821fa.2 for ; Tue, 03 Sep 2024 08:16:54 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376613; x=1725981413; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UdafeJegpZAV0BY3M2qbl16uDJIFaN2Zpg+hXMszRa4=; b=qU/igEte7tIEANHt5LMPQPkLPsmeCaiDWBZjlEjVIYQSa5CbIBpuLoGi6phv/C4efy cQslJxK+IDLw1/naJHIwWSWomjt/yv942ZiAQPCbIKbZxacZrhkVnOVrA+3A5IHSDiC8 /UJcA71f5Uz7SVL8KEu0BCavmYmJ96xKTebkPvfo4PCERPKraQoCJfBhhed7WwHTQLd4 CAjHklezjlEW5CGZDPjTIS9s0MRyjZoCgXv5Si+YE3G4kCEdn0DqjwxeZOl39+8PK9Zs 2xx906TH7ZV1dPK9w2i5lHgyeL/pYszfVyenGLhzXtvHzOOcGMR8MCsSeDdTVEC9RDvT beNg== X-Forwarded-Encrypted: i=1; AJvYcCWpfvcYXE+Jrdt7GIP+u3OXKy94HeZyBFTseZUCD/JXp4LRZhxWGVkHNdkuH+N020REZDkaB95rHXQExp8=@vger.kernel.org X-Gm-Message-State: AOJu0YyS5odlpPc17n6j6UEBhjc79glMn5T1rLfBo/IrQnEZbshrhglU UEGp5c5AvBdcxCqK61YzHcd4o+OTokg7/F2LO4YDWZtQFTedrMhAm7QrmBSqyCWPuS5XAvE8PU5 V4Fh5RDOaKuhEhkDsiTCJujPholEPA+GpR9PoSx6sObIreUe9RbQtM3LOyACBhnJ8ydhcMfGhAh a3OQ== X-Received: by 2002:a2e:612:0:b0:2ef:2677:7b74 with SMTP id 38308e7fff4ca-2f6108ae26dmr113933401fa.41.1725376613107; Tue, 03 Sep 2024 08:16:53 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHhC2jwLdKr/I93Lw0mhZQlHq3y/Gq9QIm9cGGG1aK6M+8ZSCFhfX7x8b8W1hP24WyaaimLhA== X-Received: by 2002:a2e:612:0:b0:2ef:2677:7b74 with SMTP id 38308e7fff4ca-2f6108ae26dmr113933141fa.41.1725376612477; Tue, 03 Sep 2024 08:16:52 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.16.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:16:51 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 03/15] fs/fuse: add an idmap argument to fuse_simple_request Date: Tue, 3 Sep 2024 17:16:14 +0200 Message-Id: <20240903151626.264609-4-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" If idmap =3D=3D NULL *and* filesystem daemon declared idmapped mounts support, then uid/gid values in a fuse header will be -1. No functional changes intended. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn --- v4: - this commit added --- fs/fuse/dax.c | 4 ++-- fs/fuse/dev.c | 6 ++++-- fs/fuse/dir.c | 26 +++++++++++++------------- fs/fuse/file.c | 32 ++++++++++++++++---------------- fs/fuse/fuse_i.h | 3 ++- fs/fuse/inode.c | 6 +++--- fs/fuse/ioctl.c | 2 +- fs/fuse/readdir.c | 4 ++-- fs/fuse/xattr.c | 8 ++++---- 9 files changed, 47 insertions(+), 44 deletions(-) diff --git a/fs/fuse/dax.c b/fs/fuse/dax.c index 12ef91d170bb..6d8368d66dd4 100644 --- a/fs/fuse/dax.c +++ b/fs/fuse/dax.c @@ -207,7 +207,7 @@ static int fuse_setup_one_mapping(struct inode *inode, = unsigned long start_idx, args.in_numargs =3D 1; args.in_args[0].size =3D sizeof(inarg); args.in_args[0].value =3D &inarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err < 0) return err; dmap->writable =3D writable; @@ -245,7 +245,7 @@ static int fuse_send_removemapping(struct inode *inode, args.in_args[0].value =3D inargp; args.in_args[1].size =3D inargp->count * sizeof(*remove_one); args.in_args[1].value =3D remove_one; - return fuse_simple_request(fm, &args); + return fuse_simple_request(NULL, fm, &args); } =20 static int dmap_removemapping_list(struct inode *inode, unsigned int num, diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index d3f3c3557c04..349fc84897a5 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -508,7 +508,9 @@ static void fuse_args_to_req(struct fuse_req *req, stru= ct fuse_args *args) __set_bit(FR_ASYNC, &req->flags); } =20 -ssize_t fuse_simple_request(struct fuse_mount *fm, struct fuse_args *args) +ssize_t fuse_simple_request(struct mnt_idmap *idmap, + struct fuse_mount *fm, + struct fuse_args *args) { struct fuse_conn *fc =3D fm->fc; struct fuse_req *req; @@ -525,7 +527,7 @@ ssize_t fuse_simple_request(struct fuse_mount *fm, stru= ct fuse_args *args) __set_bit(FR_FORCE, &req->flags); } else { WARN_ON(args->nocreds); - req =3D fuse_get_req(NULL, fm, false); + req =3D fuse_get_req(idmap, fm, false); if (IS_ERR(req)) return PTR_ERR(req); } diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 2b0d4781f394..2a8344776350 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -230,7 +230,7 @@ static int fuse_dentry_revalidate(struct dentry *entry,= unsigned int flags) parent =3D dget_parent(entry); fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)), &entry->d_name, &outarg); - ret =3D fuse_simple_request(fm, &args); + ret =3D fuse_simple_request(NULL, fm, &args); dput(parent); /* Zero nodeid is same as -ENOENT */ if (!ret && !outarg.nodeid) @@ -383,7 +383,7 @@ int fuse_lookup_name(struct super_block *sb, u64 nodeid= , const struct qstr *name attr_version =3D fuse_get_attr_version(fm->fc); =20 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg); - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); /* Zero nodeid is same as -ENOENT, but with valid timeout */ if (err || !outarg->nodeid) goto out_put_forget; @@ -672,7 +672,7 @@ static int fuse_create_open(struct inode *dir, struct d= entry *entry, if (err) goto out_put_forget_req; =20 - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); free_ext_value(&args); if (err) goto out_free_ff; @@ -803,7 +803,7 @@ static int create_new_entry(struct fuse_mount *fm, stru= ct fuse_args *args, goto out_put_forget_req; } =20 - err =3D fuse_simple_request(fm, args); + err =3D fuse_simple_request(NULL, fm, args); free_ext_value(args); if (err) goto out_put_forget_req; @@ -987,7 +987,7 @@ static int fuse_unlink(struct inode *dir, struct dentry= *entry) args.in_numargs =3D 1; args.in_args[0].size =3D entry->d_name.len + 1; args.in_args[0].value =3D entry->d_name.name; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (!err) { fuse_dir_changed(dir); fuse_entry_unlinked(entry); @@ -1010,7 +1010,7 @@ static int fuse_rmdir(struct inode *dir, struct dentr= y *entry) args.in_numargs =3D 1; args.in_args[0].size =3D entry->d_name.len + 1; args.in_args[0].value =3D entry->d_name.name; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (!err) { fuse_dir_changed(dir); fuse_entry_unlinked(entry); @@ -1040,7 +1040,7 @@ static int fuse_rename_common(struct inode *olddir, s= truct dentry *oldent, args.in_args[1].value =3D oldent->d_name.name; args.in_args[2].size =3D newent->d_name.len + 1; args.in_args[2].value =3D newent->d_name.name; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (!err) { /* ctime changes */ fuse_update_ctime(d_inode(oldent)); @@ -1210,7 +1210,7 @@ static int fuse_do_statx(struct inode *inode, struct = file *file, args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err) return err; =20 @@ -1268,7 +1268,7 @@ static int fuse_do_getattr(struct inode *inode, struc= t kstat *stat, args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (!err) { if (fuse_invalid_attr(&outarg.attr) || inode_wrong_type(inode, outarg.attr.mode)) { @@ -1472,7 +1472,7 @@ static int fuse_access(struct inode *inode, int mask) args.in_numargs =3D 1; args.in_args[0].size =3D sizeof(inarg); args.in_args[0].value =3D &inarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) { fm->fc->no_access =3D 1; err =3D 0; @@ -1584,7 +1584,7 @@ static int fuse_readlink_page(struct inode *inode, st= ruct page *page) ap.args.page_zeroing =3D true; ap.args.out_numargs =3D 1; ap.args.out_args[0].size =3D desc.length; - res =3D fuse_simple_request(fm, &ap.args); + res =3D fuse_simple_request(NULL, fm, &ap.args); =20 fuse_invalidate_atime(inode); =20 @@ -1857,7 +1857,7 @@ int fuse_flush_times(struct inode *inode, struct fuse= _file *ff) } fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg); =20 - return fuse_simple_request(fm, &args); + return fuse_simple_request(NULL, fm, &args); } =20 /* @@ -1970,7 +1970,7 @@ int fuse_do_setattr(struct dentry *dentry, struct iat= tr *attr, inarg.valid |=3D FATTR_KILL_SUIDGID; } fuse_setattr_fill(fc, &args, inode, &inarg, &outarg); - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err) { if (err =3D=3D -EINTR) fuse_invalidate_attr(inode); diff --git a/fs/fuse/file.c b/fs/fuse/file.c index f39456c65ed7..7d14d533dad1 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -48,7 +48,7 @@ static int fuse_send_open(struct fuse_mount *fm, u64 node= id, args.out_args[0].size =3D sizeof(*outargp); args.out_args[0].value =3D outargp; =20 - return fuse_simple_request(fm, &args); + return fuse_simple_request(NULL, fm, &args); } =20 struct fuse_file *fuse_file_alloc(struct fuse_mount *fm, bool release) @@ -111,7 +111,7 @@ static void fuse_file_put(struct fuse_file *ff, bool sy= nc) if (!args) { /* Do nothing when server does not implement 'open' */ } else if (sync) { - fuse_simple_request(ff->fm, args); + fuse_simple_request(NULL, ff->fm, args); fuse_release_end(ff->fm, args, 0); } else { args->end =3D fuse_release_end; @@ -539,7 +539,7 @@ static int fuse_flush(struct file *file, fl_owner_t id) args.in_args[0].value =3D &inarg; args.force =3D true; =20 - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) { fm->fc->no_flush =3D 1; err =3D 0; @@ -572,7 +572,7 @@ int fuse_fsync_common(struct file *file, loff_t start, = loff_t end, args.in_numargs =3D 1; args.in_args[0].size =3D sizeof(inarg); args.in_args[0].value =3D &inarg; - return fuse_simple_request(fm, &args); + return fuse_simple_request(NULL, fm, &args); } =20 static int fuse_fsync(struct file *file, loff_t start, loff_t end, @@ -814,7 +814,7 @@ static ssize_t fuse_send_read(struct fuse_io_args *ia, = loff_t pos, size_t count, if (ia->io->async) return fuse_async_req_send(fm, ia, count); =20 - return fuse_simple_request(fm, &ia->ap.args); + return fuse_simple_request(NULL, fm, &ia->ap.args); } =20 static void fuse_read_update_size(struct inode *inode, loff_t size, @@ -878,7 +878,7 @@ static int fuse_do_readpage(struct file *file, struct p= age *page) desc.length--; =20 fuse_read_args_fill(&ia, file, pos, desc.length, FUSE_READ); - res =3D fuse_simple_request(fm, &ia.ap.args); + res =3D fuse_simple_request(NULL, fm, &ia.ap.args); if (res < 0) return res; /* @@ -976,7 +976,7 @@ static void fuse_send_readpages(struct fuse_io_args *ia= , struct file *file) if (!err) return; } else { - res =3D fuse_simple_request(fm, &ap->args); + res =3D fuse_simple_request(NULL, fm, &ap->args); err =3D res < 0 ? res : 0; } fuse_readpages_end(fm, &ap->args, err); @@ -1101,7 +1101,7 @@ static ssize_t fuse_send_write(struct fuse_io_args *i= a, loff_t pos, if (ia->io->async) return fuse_async_req_send(fm, ia, count); =20 - err =3D fuse_simple_request(fm, &ia->ap.args); + err =3D fuse_simple_request(NULL, fm, &ia->ap.args); if (!err && ia->write.out.size > count) err =3D -EIO; =20 @@ -1147,7 +1147,7 @@ static ssize_t fuse_send_write_pages(struct fuse_io_a= rgs *ia, if (fm->fc->handle_killpriv_v2 && !capable(CAP_FSETID)) ia->write.in.write_flags |=3D FUSE_WRITE_KILL_SUIDGID; =20 - err =3D fuse_simple_request(fm, &ap->args); + err =3D fuse_simple_request(NULL, fm, &ap->args); if (!err && ia->write.out.size > count) err =3D -EIO; =20 @@ -2656,7 +2656,7 @@ static int fuse_getlk(struct file *file, struct file_= lock *fl) args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (!err) err =3D convert_fuse_file_lock(fm->fc, &outarg.lk, fl); =20 @@ -2680,7 +2680,7 @@ static int fuse_setlk(struct file *file, struct file_= lock *fl, int flock) } =20 fuse_lk_fill(&args, file, fl, opcode, pid_nr, flock, &inarg); - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); =20 /* locking is restartable */ if (err =3D=3D -EINTR) @@ -2754,7 +2754,7 @@ static sector_t fuse_bmap(struct address_space *mappi= ng, sector_t block) args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) fm->fc->no_bmap =3D 1; =20 @@ -2786,7 +2786,7 @@ static loff_t fuse_lseek(struct file *file, loff_t of= fset, int whence) args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err) { if (err =3D=3D -ENOSYS) { fm->fc->no_lseek =3D 1; @@ -2919,7 +2919,7 @@ __poll_t fuse_file_poll(struct file *file, poll_table= *wait) args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); =20 if (!err) return demangle_poll(outarg.revents); @@ -3141,7 +3141,7 @@ static long fuse_file_fallocate(struct file *file, in= t mode, loff_t offset, args.in_numargs =3D 1; args.in_args[0].size =3D sizeof(inarg); args.in_args[0].value =3D &inarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) { fm->fc->no_fallocate =3D 1; err =3D -EOPNOTSUPP; @@ -3253,7 +3253,7 @@ static ssize_t __fuse_copy_file_range(struct file *fi= le_in, loff_t pos_in, args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) { fc->no_copy_file_range =3D 1; err =3D -EOPNOTSUPP; diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index f23919610313..656575e3e4cf 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -1154,7 +1154,8 @@ void __exit fuse_ctl_cleanup(void); /** * Simple request sending that does request allocation and freeing */ -ssize_t fuse_simple_request(struct fuse_mount *fm, struct fuse_args *args); +ssize_t fuse_simple_request(struct mnt_idmap *idmap, struct fuse_mount *fm, + struct fuse_args *args); int fuse_simple_background(struct fuse_mount *fm, struct fuse_args *args, gfp_t gfp_flags); =20 diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index 115538f6f283..2e26810066e8 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c @@ -586,7 +586,7 @@ static void fuse_send_destroy(struct fuse_mount *fm) args.opcode =3D FUSE_DESTROY; args.force =3D true; args.nocreds =3D true; - fuse_simple_request(fm, &args); + fuse_simple_request(NULL, fm, &args); } } =20 @@ -624,7 +624,7 @@ static int fuse_statfs(struct dentry *dentry, struct ks= tatfs *buf) args.out_numargs =3D 1; args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (!err) convert_fuse_statfs(buf, &outarg.st); return err; @@ -713,7 +713,7 @@ static int fuse_sync_fs(struct super_block *sb, int wai= t) args.nodeid =3D get_node_id(sb->s_root->d_inode); args.out_numargs =3D 0; =20 - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) { fc->sync_fs =3D 0; err =3D 0; diff --git a/fs/fuse/ioctl.c b/fs/fuse/ioctl.c index 572ce8a82ceb..b40dd931167d 100644 --- a/fs/fuse/ioctl.c +++ b/fs/fuse/ioctl.c @@ -18,7 +18,7 @@ static ssize_t fuse_send_ioctl(struct fuse_mount *fm, str= uct fuse_args *args, args->out_args[0].size =3D sizeof(*outarg); args->out_args[0].value =3D outarg; =20 - ret =3D fuse_simple_request(fm, args); + ret =3D fuse_simple_request(NULL, fm, args); =20 /* Translate ENOSYS, which shouldn't be returned from fs */ if (ret =3D=3D -ENOSYS) diff --git a/fs/fuse/readdir.c b/fs/fuse/readdir.c index 0377b6dc24c8..e8a093289421 100644 --- a/fs/fuse/readdir.c +++ b/fs/fuse/readdir.c @@ -279,7 +279,7 @@ static void fuse_force_forget(struct file *file, u64 no= deid) args.force =3D true; args.noreply =3D true; =20 - fuse_simple_request(fm, &args); + fuse_simple_request(NULL, fm, &args); /* ignore errors */ } =20 @@ -358,7 +358,7 @@ static int fuse_readdir_uncached(struct file *file, str= uct dir_context *ctx) FUSE_READDIR); } locked =3D fuse_lock_inode(inode); - res =3D fuse_simple_request(fm, &ap->args); + res =3D fuse_simple_request(NULL, fm, &ap->args); fuse_unlock_inode(inode, locked); if (res >=3D 0) { if (!res) { diff --git a/fs/fuse/xattr.c b/fs/fuse/xattr.c index 5b423fdbb13f..6f8f1453b550 100644 --- a/fs/fuse/xattr.c +++ b/fs/fuse/xattr.c @@ -37,7 +37,7 @@ int fuse_setxattr(struct inode *inode, const char *name, = const void *value, args.in_args[1].value =3D name; args.in_args[2].size =3D size; args.in_args[2].value =3D value; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) { fm->fc->no_setxattr =3D 1; err =3D -EOPNOTSUPP; @@ -79,7 +79,7 @@ ssize_t fuse_getxattr(struct inode *inode, const char *na= me, void *value, args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; } - ret =3D fuse_simple_request(fm, &args); + ret =3D fuse_simple_request(NULL, fm, &args); if (!ret && !size) ret =3D min_t(ssize_t, outarg.size, XATTR_SIZE_MAX); if (ret =3D=3D -ENOSYS) { @@ -141,7 +141,7 @@ ssize_t fuse_listxattr(struct dentry *entry, char *list= , size_t size) args.out_args[0].size =3D sizeof(outarg); args.out_args[0].value =3D &outarg; } - ret =3D fuse_simple_request(fm, &args); + ret =3D fuse_simple_request(NULL, fm, &args); if (!ret && !size) ret =3D min_t(ssize_t, outarg.size, XATTR_LIST_MAX); if (ret > 0 && size) @@ -167,7 +167,7 @@ int fuse_removexattr(struct inode *inode, const char *n= ame) args.in_numargs =3D 1; args.in_args[0].size =3D strlen(name) + 1; args.in_args[0].value =3D name; - err =3D fuse_simple_request(fm, &args); + err =3D fuse_simple_request(NULL, fm, &args); if (err =3D=3D -ENOSYS) { fm->fc->no_removexattr =3D 1; err =3D -EOPNOTSUPP; --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1549418BB8B for ; Tue, 3 Sep 2024 15:16:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376621; cv=none; b=BiRxEI53s2+zmc/MBmVJwhHPZLyZC4nBGISirb+qFW8xBsQbMcZRxH1BwujVFQoY2kXi2TzwXd8OrqoIM6nQSxTHZN7DyorMGG+awOKQ29qYA912jS6v8sM8lmASgb/jMGSu+OVn61DbdDDpdZ5OrWxL8LbW66cMj1XZpuH5gJo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376621; c=relaxed/simple; bh=+0zwTUGo6+RzPqyLPLoGhao9V7bGVcfHhuOQ58510LE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=er858B00057PCf+9Q8T1BAU4DIoVDjvBx3LqWfZGK9N/8UXYkN1k4OJ48HQU5TaxJaHy6PrsIfq+PIG6HnzdpAkFphhEoiH6jRot+oOaY8izlGOpdD+ZBg2Ek9Y+0B6Yp4c95Us9j4C5lRWTIpTX9Lg2jU+ku81W/YDQle5FKfE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=g+ofcIm+; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="g+ofcIm+" Received: from mail-ej1-f71.google.com (mail-ej1-f71.google.com [209.85.218.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 031853F327 for ; Tue, 3 Sep 2024 15:16:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376616; bh=JC0kbEJjIhY7PwaINGFTAAblNYwex3Ap6OFdo5D4DqU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=g+ofcIm+rqDR6dWLcimaW9z0m2Ifg9eK0bJtFN2JHnGERtxRkruqxNfejY80PyShu oxseGvVNdE530qtdnGTlWe/oD4bR9w32Dxw3ftgptwWYrJyfYB6ILOuSdEqOPmudsM WCvd1t7M0Nv/niZXSLwUJ/2CKKffWVSE31HB86MniORNWIfp8ZCd8lyQRYLjTCDLS+ sUSIZeWl1zTeElmaGkgDkE0JUz/MWleR2NVuaUAs9JARzTz2UHfli2LyJwkXXpzwlJ B0XWtF/P1U4p59sLgA8e/16rD5Gkzj5d+qE1GAz1Va1GUH5naG+cDiN7AMwvwXUhZu o6DDCK0ssBVNg== Received: by mail-ej1-f71.google.com with SMTP id a640c23a62f3a-a7d2d414949so456741166b.0 for ; Tue, 03 Sep 2024 08:16:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376615; x=1725981415; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=JC0kbEJjIhY7PwaINGFTAAblNYwex3Ap6OFdo5D4DqU=; b=ACRcdYoiegoPULIfZ4//1WcwJyp1ZeSl1FlEOUIK9eOoPpnnYWIbCznzJ/szCoG3Kd 7UZRzfuKWugddZesXIsbeE6ir5syO+6STY+2qELxIi8ywIQvbicEkeK3KuDobPHzKjvs EcUQ36g6pzpLHt7SjobhJr8p2BglDEjuzlEi32WUE/wQAqgeewRAjIIisuCNlqjBR4Of e12VV/zEClV31g2+ZP1LwpmN5TTkWnii+5ILUOznldNz4dKNlRVBGNhHgaiAlHvCHVmR ONgYhfjEYEppnuMlBq/iCFF7TnelqKb8+CbE2GmSkXvgZx1RPXmLTiaZFIGNZDg7NCRs UGdg== X-Forwarded-Encrypted: i=1; AJvYcCVlvOeFUxvYT63KA4yEEjHXEP60FqVJeFi2DHofrMhaia6A3CLhzLUZfKZAXfMTzYVQUKPdbLY/yUPx5A8=@vger.kernel.org X-Gm-Message-State: AOJu0YyzRwO/r1YKEGM8/1jiZLjZvZem8f7YQ6COhYvGbs0BAmzCb43s zsZCT1xfa30o+CMG9fGXkSg6M0Azx3ikruVJCw1pNjqk6g9Tts+W0OTvZj3tmCyMb79xPRS6Z1z KLpbUUprYQus777Zc6Z0MVxi6eGoFx61OOXtJZpCPZSrr2W8mmD1FLxABBGdD/jSlDj83GyXX8l VGcg== X-Received: by 2002:a17:907:7f22:b0:a7a:8586:d36b with SMTP id a640c23a62f3a-a8a32df201amr77098166b.3.1725376615501; Tue, 03 Sep 2024 08:16:55 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF6yFu1Bsw3W/nZaOc47kv/qKH1mcQ+bQ3WmyZBHT/KsKGUKlObSlloDjZT275IsdiJSzRa3A== X-Received: by 2002:a17:907:7f22:b0:a7a:8586:d36b with SMTP id a640c23a62f3a-a8a32df201amr77095866b.3.1725376614995; Tue, 03 Sep 2024 08:16:54 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.16.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:16:54 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 04/15] fs/fuse: support idmapped FUSE_EXT_GROUPS Date: Tue, 3 Sep 2024 17:16:15 +0200 Message-Id: <20240903151626.264609-5-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We don't need to remap parent_gid, but have to adjust group membership checks and take idmapping into account. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn --- v4: - this commit added --- fs/fuse/dir.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 2a8344776350..b0b57f383889 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -545,17 +545,21 @@ static u32 fuse_ext_size(size_t size) /* * This adds just a single supplementary group that matches the parent's g= roup. */ -static int get_create_supp_group(struct inode *dir, struct fuse_in_arg *ex= t) +static int get_create_supp_group(struct mnt_idmap *idmap, + struct inode *dir, + struct fuse_in_arg *ext) { struct fuse_conn *fc =3D get_fuse_conn(dir); struct fuse_ext_header *xh; struct fuse_supp_groups *sg; kgid_t kgid =3D dir->i_gid; + vfsgid_t vfsgid =3D make_vfsgid(idmap, fc->user_ns, kgid); gid_t parent_gid =3D from_kgid(fc->user_ns, kgid); + u32 sg_len =3D fuse_ext_size(sizeof(*sg) + sizeof(sg->groups[0])); =20 - if (parent_gid =3D=3D (gid_t) -1 || gid_eq(kgid, current_fsgid()) || - !in_group_p(kgid)) + if (parent_gid =3D=3D (gid_t) -1 || vfsgid_eq_kgid(vfsgid, current_fsgid(= )) || + !vfsgid_in_group_p(vfsgid)) return 0; =20 xh =3D extend_arg(ext, sg_len); @@ -572,7 +576,8 @@ static int get_create_supp_group(struct inode *dir, str= uct fuse_in_arg *ext) return 0; } =20 -static int get_create_ext(struct fuse_args *args, +static int get_create_ext(struct mnt_idmap *idmap, + struct fuse_args *args, struct inode *dir, struct dentry *dentry, umode_t mode) { @@ -583,7 +588,7 @@ static int get_create_ext(struct fuse_args *args, if (fc->init_security) err =3D get_security_context(dentry, mode, &ext); if (!err && fc->create_supp_group) - err =3D get_create_supp_group(dir, &ext); + err =3D get_create_supp_group(idmap, dir, &ext); =20 if (!err && ext.size) { WARN_ON(args->in_numargs >=3D ARRAY_SIZE(args->in_args)); @@ -668,7 +673,7 @@ static int fuse_create_open(struct inode *dir, struct d= entry *entry, args.out_args[1].size =3D sizeof(*outopenp); args.out_args[1].value =3D outopenp; =20 - err =3D get_create_ext(&args, dir, entry, mode); + err =3D get_create_ext(&nop_mnt_idmap, &args, dir, entry, mode); if (err) goto out_put_forget_req; =20 @@ -798,7 +803,7 @@ static int create_new_entry(struct fuse_mount *fm, stru= ct fuse_args *args, args->out_args[0].value =3D &outarg; =20 if (args->opcode !=3D FUSE_LINK) { - err =3D get_create_ext(args, dir, entry, mode); + err =3D get_create_ext(&nop_mnt_idmap, args, dir, entry, mode); if (err) goto out_put_forget_req; } --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1624F18BBB4 for ; Tue, 3 Sep 2024 15:17:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376622; cv=none; b=EdMU0db7agEyh4BEUr8j2Dsi9XHf/aDYpU+HXYLo7dy7f9JdNkog0OfYJ0J9nDZx2tHpuT3NPnYgF/6YZkXwG2J/c1g0uKNYL6bN/lJy7a9NltlTWYxy3k7NEAgVhf6KJ4xweXWofbfHwKmrzxlvBTxs5tHH1oOcmP2bzaZMWq0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376622; c=relaxed/simple; bh=Yr7wQhBs5pebMPkKqO5eqjjytj+7qxLU8ExEBWlCpb0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=SV9HYnyV+vvTnc0fxaq2v7c3GYy8558kw8zO8HVOzrN/VV2XBZlR+AiIo709j9/IizAUMHoWjxIDJrh3jdOA/r5CtcLA+QgqH7+9+wkTKv5mZJrOx5OOsR+xgPYi4RaBznpTgBQybN/tX8CGcGd8dSVfXRZX2/rm4SSL2NZvVVc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=PqVXXWTW; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="PqVXXWTW" Received: from mail-lf1-f70.google.com (mail-lf1-f70.google.com [209.85.167.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id D08683FE1B for ; Tue, 3 Sep 2024 15:16:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376618; bh=BpXAW2lUVronVaNHhSb0yzusLu0aiPuPE022IFBzXL8=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=PqVXXWTWFxlNp3+5JoDQQUbAeWHbQIUaz9qI9YyMmNT2C5+b5TCaVg5p10OfNZ6+o oyNP4hdjGvota5DTrkasDoU7bwW+x5egVNecIbeWt0X1SetsfUFTjTytGBefvKCWk6 ifcveLa+/C3FX1cvmptZt4imsoG7erpmPnDpgLvRovgOC4SwZPtokkLaXyp+I2qtyY rkBcm+uujNbp3eglraXgLGOGYETFtIZmM0LU26LbNqLkRK4/AYuyKTOw/j1FGgaxam KGvq0mmbmMoPfVF2vAsEIJjBrPrwzWEdlVBnz9YiulB6aECSz5KXkxxilf+0GnOu3n TgHkGsGg/Sphw== Received: by mail-lf1-f70.google.com with SMTP id 2adb3069b0e04-5334656d5c3so5588547e87.1 for ; Tue, 03 Sep 2024 08:16:58 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376618; x=1725981418; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BpXAW2lUVronVaNHhSb0yzusLu0aiPuPE022IFBzXL8=; b=W0CflHHgQsoPWhMxdBkrKlZqYVm0G/CGHnctwU2jE6YzwYE02Xpl7FDfhvbcXBs61V +/sTkyqX+WRdaNKXbxZK62YS/3Mz2dGs9nRJ0w9GKDv4wwppI7zaVsJfBBxS3JLlnJoj XKPbUgWixgsY5DbvaAUrQCQMdO2WgK77V5+ns+hBmYtljyK8j6Gi/JqEJRP/pdh5UTqG wHRfuMV9nupC0vGDAce+kbwJCUpPEx74ghrytiyMYAOy5cjohNeZjWazMGLSSXoXNGX+ l94DEe43wjYb0FF+OObGhIxo8Dn+9NRiu9Uayym8z6P06m4bXvslyjVYA1P2Vcik/4Xo zGwg== X-Forwarded-Encrypted: i=1; AJvYcCXwWGxmIqdXGB2oZ+08ZbEgSa3jAykiMHJJZ/vmegOiADbGmBHVFOkYfC4Ld0pUPkcAEdbtmq1fxrJRgdk=@vger.kernel.org X-Gm-Message-State: AOJu0YyhOwOjWveCHwyETqYS1tcSMyI/wGVn40KbzJ42OpPTJ34TY8M5 XctZMQ2JGJ0HpdVaBVzYmPEtXfvDh3fzUGPeRDBtRa35epx7MlxJxxLMW8O+FhwCJHTIm/Lso6V twdqnbYYFGNZdb5rUiBl2cQPzUaFuG3buy8AoN8SE67i55In4tDpTmT2cjn3Yn7Xtmb/DTeFPQl F50w== X-Received: by 2002:a05:6512:3b2b:b0:533:71f:3a53 with SMTP id 2adb3069b0e04-53546b053admr12510693e87.19.1725376618030; Tue, 03 Sep 2024 08:16:58 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGdwhaHs8FzcWgy+bcSv/A5Fb3K4tgSBYe1Zj63ijkeXEFavmBE5n3V1565EXlaJFFrj2Oa4g== X-Received: by 2002:a05:6512:3b2b:b0:533:71f:3a53 with SMTP id 2adb3069b0e04-53546b053admr12510667e87.19.1725376617503; Tue, 03 Sep 2024 08:16:57 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.16.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:16:57 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 05/15] fs/fuse: support idmap for mkdir/mknod/symlink/create/tmpfile Date: Tue, 3 Sep 2024 17:16:16 +0200 Message-Id: <20240903151626.264609-6-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We have all the infrastructure in place, we just need to pass an idmapping here. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- v4: - pass idmapping to fuse_simple_request() --- fs/fuse/dir.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index b0b57f383889..19538b1c12e2 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -614,9 +614,9 @@ static void free_ext_value(struct fuse_args *args) * If the filesystem doesn't support this, then fall back to separate * 'mknod' + 'open' requests. */ -static int fuse_create_open(struct inode *dir, struct dentry *entry, - struct file *file, unsigned int flags, - umode_t mode, u32 opcode) +static int fuse_create_open(struct mnt_idmap *idmap, struct inode *dir, + struct dentry *entry, struct file *file, + unsigned int flags, umode_t mode, u32 opcode) { int err; struct inode *inode; @@ -673,11 +673,11 @@ static int fuse_create_open(struct inode *dir, struct= dentry *entry, args.out_args[1].size =3D sizeof(*outopenp); args.out_args[1].value =3D outopenp; =20 - err =3D get_create_ext(&nop_mnt_idmap, &args, dir, entry, mode); + err =3D get_create_ext(idmap, &args, dir, entry, mode); if (err) goto out_put_forget_req; =20 - err =3D fuse_simple_request(NULL, fm, &args); + err =3D fuse_simple_request(idmap, fm, &args); free_ext_value(&args); if (err) goto out_free_ff; @@ -734,6 +734,7 @@ static int fuse_atomic_open(struct inode *dir, struct d= entry *entry, umode_t mode) { int err; + struct mnt_idmap *idmap =3D file_mnt_idmap(file); struct fuse_conn *fc =3D get_fuse_conn(dir); struct dentry *res =3D NULL; =20 @@ -758,7 +759,7 @@ static int fuse_atomic_open(struct inode *dir, struct d= entry *entry, if (fc->no_create) goto mknod; =20 - err =3D fuse_create_open(dir, entry, file, flags, mode, FUSE_CREATE); + err =3D fuse_create_open(idmap, dir, entry, file, flags, mode, FUSE_CREAT= E); if (err =3D=3D -ENOSYS) { fc->no_create =3D 1; goto mknod; @@ -769,7 +770,7 @@ static int fuse_atomic_open(struct inode *dir, struct d= entry *entry, return err; =20 mknod: - err =3D fuse_mknod(&nop_mnt_idmap, dir, entry, mode, 0); + err =3D fuse_mknod(idmap, dir, entry, mode, 0); if (err) goto out_dput; no_open: @@ -779,9 +780,9 @@ static int fuse_atomic_open(struct inode *dir, struct d= entry *entry, /* * Code shared between mknod, mkdir, symlink and link */ -static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args, - struct inode *dir, struct dentry *entry, - umode_t mode) +static int create_new_entry(struct mnt_idmap *idmap, struct fuse_mount *fm, + struct fuse_args *args, struct inode *dir, + struct dentry *entry, umode_t mode) { struct fuse_entry_out outarg; struct inode *inode; @@ -803,12 +804,12 @@ static int create_new_entry(struct fuse_mount *fm, st= ruct fuse_args *args, args->out_args[0].value =3D &outarg; =20 if (args->opcode !=3D FUSE_LINK) { - err =3D get_create_ext(&nop_mnt_idmap, args, dir, entry, mode); + err =3D get_create_ext(idmap, args, dir, entry, mode); if (err) goto out_put_forget_req; } =20 - err =3D fuse_simple_request(NULL, fm, args); + err =3D fuse_simple_request(idmap, fm, args); free_ext_value(args); if (err) goto out_put_forget_req; @@ -869,13 +870,13 @@ static int fuse_mknod(struct mnt_idmap *idmap, struct= inode *dir, args.in_args[0].value =3D &inarg; args.in_args[1].size =3D entry->d_name.len + 1; args.in_args[1].value =3D entry->d_name.name; - return create_new_entry(fm, &args, dir, entry, mode); + return create_new_entry(idmap, fm, &args, dir, entry, mode); } =20 static int fuse_create(struct mnt_idmap *idmap, struct inode *dir, struct dentry *entry, umode_t mode, bool excl) { - return fuse_mknod(&nop_mnt_idmap, dir, entry, mode, 0); + return fuse_mknod(idmap, dir, entry, mode, 0); } =20 static int fuse_tmpfile(struct mnt_idmap *idmap, struct inode *dir, @@ -887,7 +888,7 @@ static int fuse_tmpfile(struct mnt_idmap *idmap, struct= inode *dir, if (fc->no_tmpfile) return -EOPNOTSUPP; =20 - err =3D fuse_create_open(dir, file->f_path.dentry, file, file->f_flags, m= ode, FUSE_TMPFILE); + err =3D fuse_create_open(idmap, dir, file->f_path.dentry, file, file->f_f= lags, mode, FUSE_TMPFILE); if (err =3D=3D -ENOSYS) { fc->no_tmpfile =3D 1; err =3D -EOPNOTSUPP; @@ -914,7 +915,7 @@ static int fuse_mkdir(struct mnt_idmap *idmap, struct i= node *dir, args.in_args[0].value =3D &inarg; args.in_args[1].size =3D entry->d_name.len + 1; args.in_args[1].value =3D entry->d_name.name; - return create_new_entry(fm, &args, dir, entry, S_IFDIR); + return create_new_entry(idmap, fm, &args, dir, entry, S_IFDIR); } =20 static int fuse_symlink(struct mnt_idmap *idmap, struct inode *dir, @@ -930,7 +931,7 @@ static int fuse_symlink(struct mnt_idmap *idmap, struct= inode *dir, args.in_args[0].value =3D entry->d_name.name; args.in_args[1].size =3D len; args.in_args[1].value =3D link; - return create_new_entry(fm, &args, dir, entry, S_IFLNK); + return create_new_entry(idmap, fm, &args, dir, entry, S_IFLNK); } =20 void fuse_flush_time_update(struct inode *inode) @@ -1124,7 +1125,7 @@ static int fuse_link(struct dentry *entry, struct ino= de *newdir, args.in_args[0].value =3D &inarg; args.in_args[1].size =3D newent->d_name.len + 1; args.in_args[1].value =3D newent->d_name.name; - err =3D create_new_entry(fm, &args, newdir, newent, inode->i_mode); + err =3D create_new_entry(NULL, fm, &args, newdir, newent, inode->i_mode); if (!err) fuse_update_ctime_in_cache(inode); else if (err =3D=3D -EINTR) --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0327418BC05 for ; Tue, 3 Sep 2024 15:17:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376625; cv=none; b=jNUhKBtGz+Nz15N0PK2tMPi9Klt8OByxtDcwnqXT2NNjTBKDMlomN1P3a9ru1kNqorLs1IiqNcCHh85xF2qQIEPOaLZ7lazyxdlvKRmTftkiysmB4K2v/IHDKK6eIPYYQZdzHtBF5yxufRuWjQknvXZWN8U1ly8Kk1hComwk+7U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376625; c=relaxed/simple; bh=PaAk/eaWHJYrtpeNCjv4dfhLvGaJwWHZoj/fTJYrBoo=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=JjZsV/c1B7OVyePB+xiLbJKyfkOCk3X1YUwHqYhl1VWRUVb/gDUqoYSVOYOYHL+yooRVxUlazcIPlTLswJQk15ktM83RTdMcG5bh33Vh7rutvK2Pgm61UwuT7fY6cmAomf8KcZsj+x3XWnid/olQvGe9t0mvdzt0ucw3lgs5hDw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=hWW/HXbO; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="hWW/HXbO" Received: from mail-ej1-f72.google.com (mail-ej1-f72.google.com [209.85.218.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id F106B3F323 for ; Tue, 3 Sep 2024 15:17:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376620; bh=oliM0t1YZlK8AQPobnRlPgoF+ATvch875oLL0LQh984=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=hWW/HXbOCj6pgegqsTNBjHcnYCTaYGp/IgQBTggVn6oQUcYKMcMjy/t5i5jXsRbA8 L196RLr8PMyglbxViHdlISIDlM9c2M1yx9p8zWmDdomXv7nzeQCzv6ixR7vyOMoZSL IW76XrfBirfQjq2zS5giR1tdzk/dZvru+99Rdax8GzihC2JnWkNgww+fAB0s2P0kKj OMO5+s+SJ0BqDKtJfbFPgjvDS47KGK1wiMTyS3NUknkADRdQYxWXN+bSjiqrrtoIzC YA4XlIRvlf/mxji1KH4pQqjVDxjOMSMvrBgo4cB9aiHdNdHBzHUPgW9IIiSwTZsnAQ S0B14QG7kMhIA== Received: by mail-ej1-f72.google.com with SMTP id a640c23a62f3a-a86824d2d12so463865266b.2 for ; Tue, 03 Sep 2024 08:17:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376620; x=1725981420; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oliM0t1YZlK8AQPobnRlPgoF+ATvch875oLL0LQh984=; b=QZ4HyM7XSxdjdb/eFCFKAAo30UjjVUQjwDytC+Q9fSscr53dopmX/MDCNCmVMHSU8P 9SGovdk+O9KK2rnrAwQLXfyOnBMF+ZteXK3+CdaHkfTT9O1GDmpONM/RJzCX8t2IVkdk Xw04MOj6algmnH8GWgUZN8Nbup5M/2Hvig2d9hbEBaEFvER5Kth5V4YR/RREg6pg4oDM H4bWNodaGbNzMcL+GkThyxduiIJeYX+xx/pvOKzJaSiqXeuB6OJ4acT1s1Be35vk4M17 FhYtZyC0F1ftD11R3pMZu7/ZlplvlaAheQjQEvh5eQCPH5q7mfqGpBh+2BdvU46yeZ35 dGqA== X-Forwarded-Encrypted: i=1; AJvYcCXuOWcnBujpkkLMgWghtNJTWTJyL0Hx1rGh0cMspwRfBAnb3SD9EkdOhfvI9xqFrJhW1dnS3wjtZfIFyFs=@vger.kernel.org X-Gm-Message-State: AOJu0Yw66oQpPnUbMkyQB5KiSAdOSu4CH6XAPB64kFKh0o9HI2A58fPB 3qfRTo0x//jpvOm1w+pWVTfRUkTYcRH69RaGaPuTi4Xv2SeMf4YvqMxZhtVKYJmLVAUzuJyYieR daa34yovTwhrGxURqOFEujb2hQkzL3JG/PbnvABe44nsqibL6Im1lEWwVDZ5Ti8cVgsV2KUS0rR uuqg== X-Received: by 2002:a17:907:1c1e:b0:a86:817e:d27b with SMTP id a640c23a62f3a-a89b96f8b2cmr841923466b.43.1725376620323; Tue, 03 Sep 2024 08:17:00 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFPNpw2gqiAzwRWVbg8W7w5mbvdVshWLwdfJpDfVHqfWPAHPWbYqYWDRDznG8ehNU2TzIdLDQ== X-Received: by 2002:a17:907:1c1e:b0:a86:817e:d27b with SMTP id a640c23a62f3a-a89b96f8b2cmr841921066b.43.1725376619864; Tue, 03 Sep 2024 08:16:59 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.16.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:16:59 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 06/15] fs/fuse: support idmapped getattr inode op Date: Tue, 3 Sep 2024 17:16:17 +0200 Message-Id: <20240903151626.264609-7-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We have to: - pass an idmapping to the generic_fillattr() to properly handle UIG/GID mapping for the userspace. - pass -/- to fuse_fillattr() (analog of generic_fillattr() in fuse). Difference between these two is that generic_fillattr() takes all the stat() data from the inode directly, while fuse_fillattr() codepath takes a fresh data just from the userspace reply on the FUSE_GETATTR reques= t. In some cases we can just pass &nop_mnt_idmap, because idmapping won't be used in these codepaths. For example, when 3rd argument of fuse_do_getat= tr() is NULL then idmap argument is not used. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- v2: - pass idmap in more cases to make code easier to understand --- fs/fuse/dir.c | 44 ++++++++++++++++++++++++-------------------- 1 file changed, 24 insertions(+), 20 deletions(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 19538b1c12e2..1c28cdf9dd41 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1134,18 +1134,22 @@ static int fuse_link(struct dentry *entry, struct i= node *newdir, return err; } =20 -static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr, - struct kstat *stat) +static void fuse_fillattr(struct mnt_idmap *idmap, struct inode *inode, + struct fuse_attr *attr, struct kstat *stat) { unsigned int blkbits; struct fuse_conn *fc =3D get_fuse_conn(inode); + vfsuid_t vfsuid =3D make_vfsuid(idmap, fc->user_ns, + make_kuid(fc->user_ns, attr->uid)); + vfsgid_t vfsgid =3D make_vfsgid(idmap, fc->user_ns, + make_kgid(fc->user_ns, attr->gid)); =20 stat->dev =3D inode->i_sb->s_dev; stat->ino =3D attr->ino; stat->mode =3D (inode->i_mode & S_IFMT) | (attr->mode & 07777); stat->nlink =3D attr->nlink; - stat->uid =3D make_kuid(fc->user_ns, attr->uid); - stat->gid =3D make_kgid(fc->user_ns, attr->gid); + stat->uid =3D vfsuid_into_kuid(vfsuid); + stat->gid =3D vfsgid_into_kgid(vfsgid); stat->rdev =3D inode->i_rdev; stat->atime.tv_sec =3D attr->atime; stat->atime.tv_nsec =3D attr->atimensec; @@ -1184,8 +1188,8 @@ static void fuse_statx_to_attr(struct fuse_statx *sx,= struct fuse_attr *attr) attr->blksize =3D sx->blksize; } =20 -static int fuse_do_statx(struct inode *inode, struct file *file, - struct kstat *stat) +static int fuse_do_statx(struct mnt_idmap *idmap, struct inode *inode, + struct file *file, struct kstat *stat) { int err; struct fuse_attr attr; @@ -1238,15 +1242,15 @@ static int fuse_do_statx(struct inode *inode, struc= t file *file, stat->result_mask =3D sx->mask & (STATX_BASIC_STATS | STATX_BTIME); stat->btime.tv_sec =3D sx->btime.tv_sec; stat->btime.tv_nsec =3D min_t(u32, sx->btime.tv_nsec, NSEC_PER_SEC - 1); - fuse_fillattr(inode, &attr, stat); + fuse_fillattr(idmap, inode, &attr, stat); stat->result_mask |=3D STATX_TYPE; } =20 return 0; } =20 -static int fuse_do_getattr(struct inode *inode, struct kstat *stat, - struct file *file) +static int fuse_do_getattr(struct mnt_idmap *idmap, struct inode *inode, + struct kstat *stat, struct file *file) { int err; struct fuse_getattr_in inarg; @@ -1285,15 +1289,15 @@ static int fuse_do_getattr(struct inode *inode, str= uct kstat *stat, ATTR_TIMEOUT(&outarg), attr_version); if (stat) - fuse_fillattr(inode, &outarg.attr, stat); + fuse_fillattr(idmap, inode, &outarg.attr, stat); } } return err; } =20 -static int fuse_update_get_attr(struct inode *inode, struct file *file, - struct kstat *stat, u32 request_mask, - unsigned int flags) +static int fuse_update_get_attr(struct mnt_idmap *idmap, struct inode *ino= de, + struct file *file, struct kstat *stat, + u32 request_mask, unsigned int flags) { struct fuse_inode *fi =3D get_fuse_inode(inode); struct fuse_conn *fc =3D get_fuse_conn(inode); @@ -1324,17 +1328,17 @@ static int fuse_update_get_attr(struct inode *inode= , struct file *file, forget_all_cached_acls(inode); /* Try statx if BTIME is requested */ if (!fc->no_statx && (request_mask & ~STATX_BASIC_STATS)) { - err =3D fuse_do_statx(inode, file, stat); + err =3D fuse_do_statx(idmap, inode, file, stat); if (err =3D=3D -ENOSYS) { fc->no_statx =3D 1; err =3D 0; goto retry; } } else { - err =3D fuse_do_getattr(inode, stat, file); + err =3D fuse_do_getattr(idmap, inode, stat, file); } } else if (stat) { - generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat); + generic_fillattr(idmap, request_mask, inode, stat); stat->mode =3D fi->orig_i_mode; stat->ino =3D fi->orig_ino; if (test_bit(FUSE_I_BTIME, &fi->state)) { @@ -1348,7 +1352,7 @@ static int fuse_update_get_attr(struct inode *inode, = struct file *file, =20 int fuse_update_attributes(struct inode *inode, struct file *file, u32 mas= k) { - return fuse_update_get_attr(inode, file, NULL, mask, 0); + return fuse_update_get_attr(&nop_mnt_idmap, inode, file, NULL, mask, 0); } =20 int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid, @@ -1492,7 +1496,7 @@ static int fuse_perm_getattr(struct inode *inode, int= mask) return -ECHILD; =20 forget_all_cached_acls(inode); - return fuse_do_getattr(inode, NULL, NULL); + return fuse_do_getattr(&nop_mnt_idmap, inode, NULL, NULL); } =20 /* @@ -2071,7 +2075,7 @@ static int fuse_setattr(struct mnt_idmap *idmap, stru= ct dentry *entry, * ia_mode calculation may have used stale i_mode. * Refresh and recalculate. */ - ret =3D fuse_do_getattr(inode, NULL, file); + ret =3D fuse_do_getattr(idmap, inode, NULL, file); if (ret) return ret; =20 @@ -2128,7 +2132,7 @@ static int fuse_getattr(struct mnt_idmap *idmap, return -EACCES; } =20 - return fuse_update_get_attr(inode, NULL, stat, request_mask, flags); + return fuse_update_get_attr(idmap, inode, NULL, stat, request_mask, flags= ); } =20 static const struct inode_operations fuse_dir_inode_operations =3D { --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 09C9818F2DA for ; Tue, 3 Sep 2024 15:17:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376626; cv=none; b=Sb1PJfHY8f2yJE3r7wbpBwpRUwydpuyw0OVa3KTG7jHoYrM+zluCt9pQh53kja5EiQDaqWjgZJxM8j32HpWQbq1ONQkE2/yr6hLvRR2FyfYCUCja8JDMNZxhmQ8aO2rQKcrJC5zd+whoSEx4bt6YvOztAwSA/Sv05TTfLwY8UHg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376626; c=relaxed/simple; bh=/KSxVyB7IT7zZF5p/b+JrUDxUP53IflmxMsoAbMzrQE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=pEPEKGZ1lpNirxcCtZMlOFcJfrOBOEBaB/FpwntOvEvRnfqh9SFh3nSFiVA3OTcI5GDJAuwaWa+hFk2pADVV34Qbcsnx47aZ9Y+qbk7G5ae1GQZkEbPKZLkRaJ9aOj2/Z7QqR+/sstCQKds+cToiqgJQrgHzsgYP7t+VHVzBuGo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=eCFITWd6; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="eCFITWd6" Received: from mail-ej1-f69.google.com (mail-ej1-f69.google.com [209.85.218.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 980FC3FBC7 for ; Tue, 3 Sep 2024 15:17:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376623; bh=GgxPCzVaZ1cVZVunPaJCembmyRCPwoxjS+kDMNcCdhg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=eCFITWd6K84eNO4iTeyQkjYIkmpK2gCgQIdPqUcrRYUGJdL0xhfaqvO+p5/I6kR8I ou8HAKvmFyTOkJyoIdmhtREeDGwEjIoB8JS+RvAJafmJBYetUOBr+P+NAbM86j2mbj X7hRbjkpn0JHcnwSUQldPm0HK+Ka62isuYn0PIzXyD5PFB5Mxs7cBOZndBMahJ+JO2 6IcyfNW4VHdRLNGCDfly3m1+PSrkE0hzupHwuTZgeRU7RMgA6aUQUPzrSwcESwzwU9 +9aVpfjKEWRYwm3v2ij7EVYGOjR5sTSPVI9lS7ZR7ZYVV3cadr4azHVY1hG1eb06es ELnLQP0+R1rDw== Received: by mail-ej1-f69.google.com with SMTP id a640c23a62f3a-a870f345c33so442397466b.2 for ; Tue, 03 Sep 2024 08:17:03 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376623; x=1725981423; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GgxPCzVaZ1cVZVunPaJCembmyRCPwoxjS+kDMNcCdhg=; b=AFvDW4h9A5hebRYygL5YYPdP8WTzWBN2D2GsXpgdA/BNpZB6n9SUMtvxb84uWWQDrQ wgtcyL7Xoqa6wmBnekazO2H77uNb0q85MYjYH60ajpquQzBIo4DiHM2NKWDb49iNYNqA a/e6cZSCI3COiwpxO8XNbUYEnD0tkYoLH6f+dze71iXj8YzlDDQKF87do71HbdWgxtaY sL6yjpXIefaSkyO/ljP4mVuxVcAXIaa8AV1VJdIL1RIntySuIH/2iTATOG8xp2vIJzWz LyZ78M6M7SZKoi/S8gMA0vkW2Y2fP53FVKilOFLkb7kRJapiujgwDRHdzUAkuZaGDgCZ dwsQ== X-Forwarded-Encrypted: i=1; AJvYcCUpXLvexkB1g1BRsSAabG2tfZ/8YmKSurv6aKxBO+k7PqOTlG1kYlQxzNAQ6bMiuKOYGPQ7Oyy4K753BtA=@vger.kernel.org X-Gm-Message-State: AOJu0Yyz0s8n/CEA4DwDwoQqyoFaRgAyimWtbwER/3DvuemosbxiTji/ up8djx4AOI4tmmWB3VGtmmqBzSR9NXGXrLC79IiXrdiRmPDKxX/24ws6Zb9oxAJEARJt9e33noC X/Gl0KHs7q0e3+MZvkEPq06sZlyd3MGSI+pGk90AHpafaYd2S1gaGYyvl3JqjqnDF5XqmNIYlh9 KERg== X-Received: by 2002:a17:907:3f1c:b0:a86:789c:2d07 with SMTP id a640c23a62f3a-a8a1d29bc25mr284010566b.4.1725376622786; Tue, 03 Sep 2024 08:17:02 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHEt5VDltIc8zPXPIFeiCz8KAUJj0grhVupIthxizBUK009KgECFOvAGAbSM0OXZIC/NPX1VA== X-Received: by 2002:a17:907:3f1c:b0:a86:789c:2d07 with SMTP id a640c23a62f3a-a8a1d29bc25mr284008566b.4.1725376622275; Tue, 03 Sep 2024 08:17:02 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:01 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 07/15] fs/fuse: support idmapped ->permission inode op Date: Tue, 3 Sep 2024 17:16:18 +0200 Message-Id: <20240903151626.264609-8-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We only cover the case when "default_permissions" flag is used. A reason for that is that otherwise all the permission checks are done in the userspace and we have to deal with VFS idmapping in the userspace (which is bad), alternatively we have to provide the userspace with idmapped req->in.h.uid/req->in.h.gid which is also not align with VFS idmaps philosophy. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- fs/fuse/dir.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 1c28cdf9dd41..870932543aa0 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1544,7 +1544,7 @@ static int fuse_permission(struct mnt_idmap *idmap, } =20 if (fc->default_permissions) { - err =3D generic_permission(&nop_mnt_idmap, inode, mask); + err =3D generic_permission(idmap, inode, mask); =20 /* If permission is denied, try to refresh file attributes. This is also needed, because the root @@ -1552,7 +1552,7 @@ static int fuse_permission(struct mnt_idmap *idmap, if (err =3D=3D -EACCES && !refreshed) { err =3D fuse_perm_getattr(inode, mask); if (!err) - err =3D generic_permission(&nop_mnt_idmap, + err =3D generic_permission(idmap, inode, mask); } =20 --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 618C51917CD for ; Tue, 3 Sep 2024 15:17:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376631; cv=none; b=Z9kWPuoO8s0i8ZIne1UQxNjgrxVtsObepxXcJO5Yy0b8x4OIy+xx1wqiz/hKYeR0kVjri8A2aNr7FkfjAbEG1CjWtXPDhbBZscmPqxrHiKqNuobTg+a8kIa94HZGVhAE7CGmaTfQVrLCXQWcZUD7nfmGk9Ng0OgTnLbnCOuIhfY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376631; c=relaxed/simple; bh=d1QU9K0mCSLy9i49hu3VgHqnFt0IkZctbCF8EsYa5UY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=rKpd8v2fI+38TagP17mKZHEp/bdhDZCRzxN43CdKqSErTMP6BrRFIJI4cCjcPsMNdN55ZfTr+1KrsQHTmRfxvaVjESQXvwoiAe13etm5azvWBgkY5ALywcBcJO7UJEvIF3bt+wK/yHnYCdrAGrKYZFtFZ5GOV6ma41AdQ967srw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=FfxESeom; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="FfxESeom" Received: from mail-lf1-f69.google.com (mail-lf1-f69.google.com [209.85.167.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id D00B03F339 for ; Tue, 3 Sep 2024 15:17:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376627; bh=RUXBxrexsYj2ubgYvgii/4vTEm7ycdd5RVigA12ybdw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=FfxESeom9fJH97jCSP78l8CZEteJRmVEyMNTzlOopcmfou/wXpkkfjRnHlqmPBhID NPHnFweLphaIK7NF9kLizwlCHtrsyIe8p9UjTeCFIOycbOTf3N9WlTKE9nEVTPJhZi 45sKComEUJ8bX2k4oozswxzRRG5GOutEyk1YFETdGCT/UmfIpA1oKI4bzVDXbXftEq 0u4ESyKtZlxaWyF3J/OcbbNHQg/vTvn0QimtJtogUABcTkH/24xqpAm/LHquiLPuao 8GeQF0gZuMX7a0ayc17m7LL+JgmZKCPyYt+ZJyQNqwmy8VyMpcpANw0+ivoXCMUbUb s593nrV+/Gs+g== Received: by mail-lf1-f69.google.com with SMTP id 2adb3069b0e04-5334656d5c3so5588675e87.1 for ; Tue, 03 Sep 2024 08:17:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376625; x=1725981425; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=RUXBxrexsYj2ubgYvgii/4vTEm7ycdd5RVigA12ybdw=; b=oxOgndkg8hmqiM+SHIk/W0JD8lfYYEMxaJJVSPJjPkqI+A+HJxNZY8QPXzpkJ4npbK WG/qzbS+bToGFP0w7CXlTq4vjxASweMD0IHupkkD2VXUAbqG5g1BtpoOxfZYL91j9R74 x+jtxeLwdMCEvXrGKgy1EuWYE4XBa3SRSc+Jcf383+yUhkcg2pe2Dy5ybL3a0DhmEkIc PGGKehTZ5rgnDF9DXUB2dR+n/hhRJsi1ToUUJMRp1/poi5JgCPE0/tklmJM8dLauvIJC w/tUYiNJJkBimDyXjWlyY6PR/XCe8uWVyuShPBFbV09X4g+FFlHu0F+nZZKQizHzxArL 9sZw== X-Forwarded-Encrypted: i=1; AJvYcCUPh5NUIHZ5G+X0Og+p1x0gEr3sH/OlZaL8YtUJUUSpVQVG6E1+54tQi5+vmb9btsbM5LmQu692jSNUPMU=@vger.kernel.org X-Gm-Message-State: AOJu0YwwwOaLOFpY3ifRolsWiV+eKhW+LbQTDtmd/JUu0VFyVadV9YDF ysbWncEzpsJWZ/E9XpvqUTOOjSHFTcCoE9x0wl0p6iKHfiCuyDZHdT5K4hHccWhOXzmQ7yh53rb b23v6yvvbgMfKjenP25IMmCLV/KZzTr/hAz7nnMz74xf1nyFmgKFoS655d1iqBfxrg0EONK5B2f DYBg== X-Received: by 2002:a05:6512:2387:b0:530:c1fc:1c32 with SMTP id 2adb3069b0e04-53546b8e196mr10335871e87.45.1725376625247; Tue, 03 Sep 2024 08:17:05 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHbdVNQw9JIGlffkc2qNWniuxTLPhkWGbYYHUXdBD/ban51LA6iUri9d3hyagPN6wYzcdu37w== X-Received: by 2002:a05:6512:2387:b0:530:c1fc:1c32 with SMTP id 2adb3069b0e04-53546b8e196mr10335839e87.45.1725376624758; Tue, 03 Sep 2024 08:17:04 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:04 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 08/15] fs/fuse: support idmapped ->setattr op Date: Tue, 3 Sep 2024 17:16:19 +0200 Message-Id: <20240903151626.264609-9-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- v2: - pass idmap in more cases to make code easier to understand --- fs/fuse/dir.c | 32 +++++++++++++++++++++----------- fs/fuse/file.c | 2 +- fs/fuse/fuse_i.h | 4 ++-- 3 files changed, 24 insertions(+), 14 deletions(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 870932543aa0..08bf9cc51a65 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1748,17 +1748,27 @@ static bool update_mtime(unsigned ivalid, bool trus= t_local_mtime) return true; } =20 -static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr, - struct fuse_setattr_in *arg, bool trust_local_cmtime) +static void iattr_to_fattr(struct mnt_idmap *idmap, struct fuse_conn *fc, + struct iattr *iattr, struct fuse_setattr_in *arg, + bool trust_local_cmtime) { unsigned ivalid =3D iattr->ia_valid; =20 if (ivalid & ATTR_MODE) arg->valid |=3D FATTR_MODE, arg->mode =3D iattr->ia_mode; - if (ivalid & ATTR_UID) - arg->valid |=3D FATTR_UID, arg->uid =3D from_kuid(fc->user_ns, iattr-= >ia_uid); - if (ivalid & ATTR_GID) - arg->valid |=3D FATTR_GID, arg->gid =3D from_kgid(fc->user_ns, iattr-= >ia_gid); + + if (ivalid & ATTR_UID) { + kuid_t fsuid =3D from_vfsuid(idmap, fc->user_ns, iattr->ia_vfsuid); + arg->valid |=3D FATTR_UID; + arg->uid =3D from_kuid(fc->user_ns, fsuid); + } + + if (ivalid & ATTR_GID) { + kgid_t fsgid =3D from_vfsgid(idmap, fc->user_ns, iattr->ia_vfsgid); + arg->valid |=3D FATTR_GID; + arg->gid =3D from_kgid(fc->user_ns, fsgid); + } + if (ivalid & ATTR_SIZE) arg->valid |=3D FATTR_SIZE, arg->size =3D iattr->ia_size; if (ivalid & ATTR_ATIME) { @@ -1878,8 +1888,8 @@ int fuse_flush_times(struct inode *inode, struct fuse= _file *ff) * vmtruncate() doesn't allow for this case, so do the rlimit checking * and the actual truncation by hand. */ -int fuse_do_setattr(struct dentry *dentry, struct iattr *attr, - struct file *file) +int fuse_do_setattr(struct mnt_idmap *idmap, struct dentry *dentry, + struct iattr *attr, struct file *file) { struct inode *inode =3D d_inode(dentry); struct fuse_mount *fm =3D get_fuse_mount(inode); @@ -1899,7 +1909,7 @@ int fuse_do_setattr(struct dentry *dentry, struct iat= tr *attr, if (!fc->default_permissions) attr->ia_valid |=3D ATTR_FORCE; =20 - err =3D setattr_prepare(&nop_mnt_idmap, dentry, attr); + err =3D setattr_prepare(idmap, dentry, attr); if (err) return err; =20 @@ -1958,7 +1968,7 @@ int fuse_do_setattr(struct dentry *dentry, struct iat= tr *attr, =20 memset(&inarg, 0, sizeof(inarg)); memset(&outarg, 0, sizeof(outarg)); - iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime); + iattr_to_fattr(idmap, fc, attr, &inarg, trust_local_cmtime); if (file) { struct fuse_file *ff =3D file->private_data; inarg.valid |=3D FATTR_FH; @@ -2093,7 +2103,7 @@ static int fuse_setattr(struct mnt_idmap *idmap, stru= ct dentry *entry, if (!attr->ia_valid) return 0; =20 - ret =3D fuse_do_setattr(entry, attr, file); + ret =3D fuse_do_setattr(idmap, entry, attr, file); if (!ret) { /* * If filesystem supports acls it may have updated acl xattrs in diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 7d14d533dad1..06ff4742ab08 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -2966,7 +2966,7 @@ static void fuse_do_truncate(struct file *file) attr.ia_file =3D file; attr.ia_valid |=3D ATTR_FILE; =20 - fuse_do_setattr(file_dentry(file), &attr, file); + fuse_do_setattr(file_mnt_idmap(file), file_dentry(file), &attr, file); } =20 static inline loff_t fuse_round_up(struct fuse_conn *fc, loff_t off) diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index 656575e3e4cf..de0ab2f14995 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -1331,8 +1331,8 @@ bool fuse_write_update_attr(struct inode *inode, loff= _t pos, ssize_t written); int fuse_flush_times(struct inode *inode, struct fuse_file *ff); int fuse_write_inode(struct inode *inode, struct writeback_control *wbc); =20 -int fuse_do_setattr(struct dentry *dentry, struct iattr *attr, - struct file *file); +int fuse_do_setattr(struct mnt_idmap *idmap, struct dentry *dentry, + struct iattr *attr, struct file *file); =20 void fuse_set_initialized(struct fuse_conn *fc); =20 --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7C8871917F8 for ; Tue, 3 Sep 2024 15:17:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376632; cv=none; b=cXfXLQb/T00BChQF2un6TBQLM4H4mg5zex3B+SQIB15AvhDTd3fHzBq2VSauAq9mCRMZs2SvwrEkKN+blz/E/tdtBoemSpVuOEXP7zeUWtJ83if618OTVK4El1Q4AcyP5m6zNWBYBja8hFayOM1QVGjxLVZqJtxA+F1mloelYFU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376632; c=relaxed/simple; bh=4adc61tKzjK2fTdo7B9pTquQAHQKVd/XEnUnW9CoK7g=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=oukpmMrhpnJJj939H9h4EluGQIuTHdLWtTk+oUhe/4B5wbqUbuOZNowP7mvnJ7A4falyS1c3tgXfKHN4OjHEG8Z97oglOJ93Ozrr76l0PTqBGrjSkScDXoAZ1vLKLbtKMddak6gu4frYBA775HqbInKAgRFj+KkqrP5LbLQOY7c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=AxoFDJrR; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="AxoFDJrR" Received: from mail-lf1-f70.google.com (mail-lf1-f70.google.com [209.85.167.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id BAD383FE24 for ; Tue, 3 Sep 2024 15:17:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376628; bh=ftHOv+os2MH3Qk9OKnsGMHrGZxHBoFg3umKFJ4e1joU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=AxoFDJrR/uAvx2WbQfxnvYk5PgY958HjeB1+ETaE1JDOhukN+meK7erSN4/UDSHfz 0GneFHw0ulyFq1IGnJEvknX8NCLVMNbEVZbRCNb51VplxrCWb37Q1kKrPPc6HAPMnb 604DJ/AN51av/3k1dFrvvRRMOAOo1xIxzrYzPfsZo1z87KhUCNQXFGnpHy0TtGgc0b JwEgok/I5/kabsva8iPoVYmdBmgSbCKuj8WSo3tDT7WbByzgw/6cQTvU3KVxglDHVw XFISOpAoRJGWTeLvPJ8qn6ikozoGJUxpFIZpz3qA5c3b/LziTY13DgBWKSXXxR3gJl MP8d2mZBqXtmg== Received: by mail-lf1-f70.google.com with SMTP id 2adb3069b0e04-53440ff1ecfso5784295e87.3 for ; Tue, 03 Sep 2024 08:17:08 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376628; x=1725981428; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ftHOv+os2MH3Qk9OKnsGMHrGZxHBoFg3umKFJ4e1joU=; b=szveIeHwWcQhQevs9b0h9rPYyXWvQ4h2FBL+oWPLPNIGIKS5HW2j/eP425cz5XqswJ vM6DFNWgFzKy+c2c0IOkN0xtcpzto1enfvVIwGcdaS1PEwRz0+9OBXmjWKVvLPcybkV4 zRAkJIsr8V5HYVbrvJFDgtGbMmeHF6zfsUkseCx7BzmP3D4JsyKV997F007SjUQCtrGk IYVHX6HaKVIl9zBbKP9WahE2LdQR942fS+pmcFkoJolOhUy+w52dxjuc+y9yb0U5UVr4 S0PTSFS7BoH0k6BI0ww6ihCzFqMGykllkIRiBj5u6y5DY9mzcDdsXxNqPxcAASNYxkZm GSkg== X-Forwarded-Encrypted: i=1; AJvYcCWWDDN81ehg6IQx/aTCJLjQi4pCwakBWJkYdggP8NTuB4ssSRkpTByT4oBCYLEc6bAP4pShPT1xKNw5EBQ=@vger.kernel.org X-Gm-Message-State: AOJu0Yzt4NG/tsf7Nm9Rvf6jWmQwqnD8ym0NguKKMscrQGrM3rcXwcsd 6nfu5VKNh+xnQYcAwtz16ldFJF20LO8MinaEuhlizM/2Xk8qP7z6pIUpnauICZlA5KSLXzTdTc3 KsAbLsewDRLDkBgH28FYYrc2uTVjoVfTuxCHdihYpgZAHu4KPIlnpXXG+Ob11W1FoNvrudJodIg kSsQ== X-Received: by 2002:a05:6512:282a:b0:533:6f3:9844 with SMTP id 2adb3069b0e04-53546afa387mr10490570e87.11.1725376627977; Tue, 03 Sep 2024 08:17:07 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE5r2bdM4b8pU4WooC0ysEsGd9NXSqimzWCsNEiz5JuzrIziCYp6jmEEIfAj6my8kq7tExZbg== X-Received: by 2002:a05:6512:282a:b0:533:6f3:9844 with SMTP id 2adb3069b0e04-53546afa387mr10490545e87.11.1725376627555; Tue, 03 Sep 2024 08:17:07 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:07 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 09/15] fs/fuse: drop idmap argument from __fuse_get_acl Date: Tue, 3 Sep 2024 17:16:20 +0200 Message-Id: <20240903151626.264609-10-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We don't need to have idmap in the __fuse_get_acl as we don't have any use for it. In the current POSIX ACL implementation, idmapped mounts are taken into account on the userspace/kernel border (see vfs_set_acl_idmapped_mnt() and vfs_posix_acl_to_xattr()). Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- fs/fuse/acl.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/fs/fuse/acl.c b/fs/fuse/acl.c index 04cfd8fee992..897d813c5e92 100644 --- a/fs/fuse/acl.c +++ b/fs/fuse/acl.c @@ -12,7 +12,6 @@ #include =20 static struct posix_acl *__fuse_get_acl(struct fuse_conn *fc, - struct mnt_idmap *idmap, struct inode *inode, int type, bool rcu) { int size; @@ -74,7 +73,7 @@ struct posix_acl *fuse_get_acl(struct mnt_idmap *idmap, if (fuse_no_acl(fc, inode)) return ERR_PTR(-EOPNOTSUPP); =20 - return __fuse_get_acl(fc, idmap, inode, type, false); + return __fuse_get_acl(fc, inode, type, false); } =20 struct posix_acl *fuse_get_inode_acl(struct inode *inode, int type, bool r= cu) @@ -90,8 +89,7 @@ struct posix_acl *fuse_get_inode_acl(struct inode *inode,= int type, bool rcu) */ if (!fc->posix_acl) return NULL; - - return __fuse_get_acl(fc, &nop_mnt_idmap, inode, type, rcu); + return __fuse_get_acl(fc, inode, type, rcu); } =20 int fuse_set_acl(struct mnt_idmap *idmap, struct dentry *dentry, --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 13A341922F9 for ; Tue, 3 Sep 2024 15:17:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376634; cv=none; b=SViiDLwd6ABvvgbkj1iQq9/eesS+trIxHn8wVkLss9+Z0M4888LW+X3IXw86YAlxvDzdDXPtDK9oUmVSAyKOyp3JfqLaNzojRwVrX6nvnlVh5o3G14WSRjYFYWmFSANC9TExEZKzvjtXhoCirmg/p55YUJKhouPCkRjxlI+owjo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376634; c=relaxed/simple; bh=zCrcaSPlVef9fMgj6fnLuhDo1m+kzv16tHWQShTiBI4=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=afJej/kqHJxNuhWPxF/vxa1GetNBf0KJnVgo4IegF43IHX/Kyv00XOBUnfVNtHVEiZswPj25Mc2r8Pxtjyl4xI0hSuRJe0NioGMLFFzI3JJeq1dgA0YXVZRxDmlz1w+V50FnsMOjiyyUEuJuxmIOx/RiUOE/Dy2/smnPAI+Ov54= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=vYYS8ckV; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="vYYS8ckV" Received: from mail-lf1-f71.google.com (mail-lf1-f71.google.com [209.85.167.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id A0BE33F284 for ; Tue, 3 Sep 2024 15:17:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376631; bh=btta7JvkwVu4o++SpqzGVQUNPal7Y+ZsmtoSEosWuhw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=vYYS8ckVqaTMWNJBCPphlcouEvbpQ2KhpU/o3bXj7JehDaFasNpBRRcwslGJytNXP G68b3Wgtu8Oz//s9oxjH65eYh0YWsNkLsa1e9PbHfiO1v8XbhcQj+QeklBAjzFxspI Gc6ZdOic9CaCy3KpF+nUVTKjMJHu0JrQC2Xvy9fVqHZudyLFdRLblMG5T+qTrZP8Ya VsISIcnC5UQrMuWdPPOoD3ZcwVjjjWoQq5sefhc0s6DyVXPfTM/feNuf/kM2yTNufo 3ptaApsEM5/Px+NIxZulySycVhrslzeams5WVkfjGE6cNKfLN5HfAu5G2cUvj52Psi 3tOiPI8mGXedA== Received: by mail-lf1-f71.google.com with SMTP id 2adb3069b0e04-5334191fc41so5250658e87.3 for ; Tue, 03 Sep 2024 08:17:11 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376631; x=1725981431; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=btta7JvkwVu4o++SpqzGVQUNPal7Y+ZsmtoSEosWuhw=; b=XEQb0SKD4LML+vXVtxTDB7FIum9ZK/mOcJC/WQhyAqHnKZmdSDceYDcdetWr95nlVU mWJNawl8aNLKNSy6TzxeJ+li3OvHaAAs3HlyXFcACbA0Bk+V2IhsHbpqz/BvvgWlFFOU N7drZ6SOf0qs/nAouseCqVBz/C4yCNrQd1Dsdx3nSYEH+fYwVxGx2dQZrYtA9x1BrB9R pIzvNkijiLCPrMdwzbG/ve4qYVlFwZOVMaSqUPuG3GzUWDATsyOMqSA3gPiqcg8J797E LHzGGfA5z8E+xRgDobkqrDu3zv8+VRPxHcjtf5op0kDiTZxXAR/o8Qn6DttgD249ORAd n0CA== X-Forwarded-Encrypted: i=1; AJvYcCVdqLwpj73Tt1YYbaMie0McOWUiKKCoLoWpODbeu3McYV8G6VGBv4Qk/utTW1e5UshqhGn0us7hgrmlhvM=@vger.kernel.org X-Gm-Message-State: AOJu0Yw1dShPq8j0QmKrvbePBTOSu/2lOOrbjiHfFr1X5Ie/a4y7Oqws 7wG5IkeeHNNPLoHCnV1nsVnlIuXfklwvN8qXuIGthGfzaRngZDfWvD0zG92CN5GVyA0iGBpWQ5X ekAlj5x+1i2Cmx5kjHpLb1J+U1DYVTu/2C75A5RgqXYWr5FCXolVp1eyQUR4CgnDgNu4/AsKPOS 8Y1w== X-Received: by 2002:a05:6512:2215:b0:533:4676:c218 with SMTP id 2adb3069b0e04-53546b191c1mr10714027e87.8.1725376630617; Tue, 03 Sep 2024 08:17:10 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF9/hcou3cmyT9HFV+yv/KjP2e+D8E+jeLocrBSGTUTM5RMK5sgega+1/hOouRDW8vLnMtf4A== X-Received: by 2002:a05:6512:2215:b0:533:4676:c218 with SMTP id 2adb3069b0e04-53546b191c1mr10713999e87.8.1725376630113; Tue, 03 Sep 2024 08:17:10 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:09 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 10/15] fs/fuse: support idmapped ->set_acl Date: Tue, 3 Sep 2024 17:16:21 +0200 Message-Id: <20240903151626.264609-11-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" It's just a matter of adjusting a permission check condition for S_ISGID flag. All the rest is already handled in the generic VFS code. Notice that this permission check is the analog of what we have in posix_acl_update_mode() generic helper, but fuse doesn't use this helper as on the kernel side we don't care about ensuring that POSIX ACL and CHMOD permissions are in sync as it is a responsibility of a userspace daemon to handle that. For the same reason we don't have a calls to posix_acl_chmod(), while most of other filesystem do. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- fs/fuse/acl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/fuse/acl.c b/fs/fuse/acl.c index 897d813c5e92..8f484b105f13 100644 --- a/fs/fuse/acl.c +++ b/fs/fuse/acl.c @@ -144,8 +144,8 @@ int fuse_set_acl(struct mnt_idmap *idmap, struct dentry= *dentry, * be stripped. */ if (fc->posix_acl && - !in_group_or_capable(&nop_mnt_idmap, inode, - i_gid_into_vfsgid(&nop_mnt_idmap, inode))) + !in_group_or_capable(idmap, inode, + i_gid_into_vfsgid(idmap, inode))) extra_flags |=3D FUSE_SETXATTR_ACL_KILL_SGID; =20 ret =3D fuse_setxattr(inode, name, value, size, 0, extra_flags); --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9050E192B70 for ; Tue, 3 Sep 2024 15:17:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376637; cv=none; b=rFCYquwU9PnlVJ40dPdP3G0GKBss7ppLMMFsKanBZwgxEK5G2fIlX8Glz15Z7i69SjSkY14Qm6iRe3wJZtQ1WaJb6jylSGB+8QWSV5nN+kbkU5NaxlV4UfZfkSLC9M7I7UJeDVRBXNhGx7iKxzWTcGLU/x4uQXOlbcXZag0OQ1E= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376637; c=relaxed/simple; bh=ezrwIWPEtkVKsO2BZ8GHjfDUp3paNgF+C0sOeuA/x40=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=lA+4UFpKKBi4ABdQmrjhLs/6DakUJqwYL4Y+pd2eCqK7qlsGNZl9lmX7JvqBRz1o7TAGvcawQcfXbiiSQnk7WlYdSA3tIE3VB4AwyAOdNJXKJB+lXFN/3XMZtv50odi60vZBR92QQpojkIyfW3PY00H4cKpNFyBbulz3pU0b5iM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=Q/Y5sx7H; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="Q/Y5sx7H" Received: from mail-ej1-f70.google.com (mail-ej1-f70.google.com [209.85.218.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id CC0093FE1C for ; Tue, 3 Sep 2024 15:17:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376633; bh=UlVqr8qfq0zm4LadiFaTT35TCbrEM7DrGylkId+7er0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Q/Y5sx7Hjj9AbUArEUlD5AOtdoWF3y4v3vXtcfd6nk7K8F9zM0xym8Zp7m4taBnI8 JVdquzhnM0MWeDE+S3T29vJJgT0tz+3eXd66a/DkGIRr+vB13t1BYeSc7uiRzpxOKb 6oeGYseQgLT7TahKYdTt1Je21izR/Ohy0lNF2pejpwyO3Lb7wChyz09w4snQwKIw3T KeSCwy1Sp2wEop2DTQALtgOpaWqe2q1wZmXC3HzARLQqkl2cvIipjlxbGIdEB2zMO1 btU6gfUX0sIyyjIPU6280CIoXvR1seSYXUgiyncTNV6QxZrck/TWegXOEdNaupB1f0 y2FDagf6g+gxw== Received: by mail-ej1-f70.google.com with SMTP id a640c23a62f3a-a870cad2633so477434066b.1 for ; Tue, 03 Sep 2024 08:17:13 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376633; x=1725981433; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UlVqr8qfq0zm4LadiFaTT35TCbrEM7DrGylkId+7er0=; b=QvQTXZf1HIQ9jYSE13HbwBO9xSuV0yYkw+t+4MXiCTHm7akYMcs0M1Ij0Awq3znGkq 6W8gqh1+rCoEkn9pMfS0jiA/YfD4x7kMRFOsgLNn2se5OT/Nw1XClFL6HnF/nrbw2fdJ Zn4AzZYuluGkkdtkG3VUuVIf++nBmkJMN823oFkZfZIDuR+2ZXPg14HjooRCvqpQOEQh rBtYS0TnnevykjcxmdxXXpT7faepB3Gtj62f5CM89r16DEsqfTS+25id7PTSo9kgKuQC N6ZWzKsNdvCznKmYdf8+JQwx0ookqyU+6Smxv/ONYARKpa+zrNqeIojBN+L+iBbWY+Wh u0fA== X-Forwarded-Encrypted: i=1; AJvYcCVqE78iDUh6QBaErt94LxXys52/pVyGyyNQjhLSAqdn7uBel2aAPpwLHJlZYNTcgw0lcUEn8WAqcB6y4UI=@vger.kernel.org X-Gm-Message-State: AOJu0Yw0GNcBM4SYywaOf3ANfZzv+yNaW0b5RUcdcW/elvyCmPftC2Yp iLgRTPSrd5jAu2D4YElWWwRI2WsRO332A0XUYEn5tkZejvPxTO7cff0xAMAjU2e+KGdVtbwm7Yg IxM9SPHtYmH8mRkbPMSW4PhhIASLX2SryX7GnvoESaKMo7Owh7lLGx1fH5AxXsF5+SiUk6kxhIN 4JAg== X-Received: by 2002:a17:907:9487:b0:a77:c30c:341 with SMTP id a640c23a62f3a-a897f1c3e3dmr1290756166b.0.1725376633316; Tue, 03 Sep 2024 08:17:13 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGL2gL9kVUAD7c/U4EREwo/0f6jUYuTiYlOJEoA7Rsdp22DZQmd9M2c7KMwQk3rXunkx2Y1ag== X-Received: by 2002:a17:907:9487:b0:a77:c30c:341 with SMTP id a640c23a62f3a-a897f1c3e3dmr1290754566b.0.1725376632859; Tue, 03 Sep 2024 08:17:12 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:12 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 11/15] fs/fuse: support idmapped ->rename op Date: Tue, 3 Sep 2024 17:16:22 +0200 Message-Id: <20240903151626.264609-12-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" RENAME_WHITEOUT is a special case of ->rename and we need to take idmappings into account there. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn --- v2: - this commit added v4: - support idmapped ->rename for RENAME_WHITEOUT --- fs/fuse/dir.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 08bf9cc51a65..d316223bd00b 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1025,7 +1025,7 @@ static int fuse_rmdir(struct inode *dir, struct dentr= y *entry) return err; } =20 -static int fuse_rename_common(struct inode *olddir, struct dentry *oldent, +static int fuse_rename_common(struct mnt_idmap *idmap, struct inode *olddi= r, struct dentry *oldent, struct inode *newdir, struct dentry *newent, unsigned int flags, int opcode, size_t argsize) { @@ -1046,7 +1046,7 @@ static int fuse_rename_common(struct inode *olddir, s= truct dentry *oldent, args.in_args[1].value =3D oldent->d_name.name; args.in_args[2].size =3D newent->d_name.len + 1; args.in_args[2].value =3D newent->d_name.name; - err =3D fuse_simple_request(NULL, fm, &args); + err =3D fuse_simple_request(idmap, fm, &args); if (!err) { /* ctime changes */ fuse_update_ctime(d_inode(oldent)); @@ -1092,7 +1092,8 @@ static int fuse_rename2(struct mnt_idmap *idmap, stru= ct inode *olddir, if (fc->no_rename2 || fc->minor < 23) return -EINVAL; =20 - err =3D fuse_rename_common(olddir, oldent, newdir, newent, flags, + err =3D fuse_rename_common((flags & RENAME_WHITEOUT) ? idmap : NULL, + olddir, oldent, newdir, newent, flags, FUSE_RENAME2, sizeof(struct fuse_rename2_in)); if (err =3D=3D -ENOSYS) { @@ -1100,7 +1101,7 @@ static int fuse_rename2(struct mnt_idmap *idmap, stru= ct inode *olddir, err =3D -EINVAL; } } else { - err =3D fuse_rename_common(olddir, oldent, newdir, newent, 0, + err =3D fuse_rename_common(NULL, olddir, oldent, newdir, newent, 0, FUSE_RENAME, sizeof(struct fuse_rename_in)); } --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2E6C61922F9 for ; Tue, 3 Sep 2024 15:17:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376639; cv=none; b=j6IWQbTZzYshVx6umcGK7yvctt64+StBF5GPzI2l59pXhPGCDsO/xBbRri2WzTyC9xw+7wEFXV0rB8zt3xZeuvOLGMdRCvD2hazt14iamEkN604epKuvdAUXNwsQkiD/PozmfvB0EsyBI6+PwisAU2imDKNb+pNyCICocWRyGdI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376639; c=relaxed/simple; bh=fapDmbcyv3OV3L5MVJ0ESyKv76DKH2gIdDF3OBkCKmU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Al6LiPYRUrgUbRALUZN6DgZLVYxuJmh3rOcF1lXgPbD7cyMxUkfhYRyZjkRFT59FWdGWJAZtCHeMxSGncTeNO9AxtDpcnZsVTYFTm5nHHuHh0zmMst3gEtAXLry0viXkwh2Bkq6qtnPjr5Ze6oGAh/KkyYCc3FIvH7LsRPvL5+Q= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=H4ZFARnH; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="H4ZFARnH" Received: from mail-lf1-f69.google.com (mail-lf1-f69.google.com [209.85.167.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 9BAE93FC04 for ; Tue, 3 Sep 2024 15:17:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376636; bh=GKlPAS/yke2oPrCeB1Al+EppMQBQKIKtDOu8hv7kn/0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=H4ZFARnHvMUb3znZMjPpYmHQhTNQaF7qfl89vPcE1bVCOdNWksqhpeHu979HCgLa3 hhTkEBfRhJ12wtq4csPXmJx1zFFXDdNGeYXoAXhthw7rFOZ4ciXrbRYElocZmloApG 9JDcrIKVywSuV6ZA6YegcYEjQjNTFYB7PBB2IZtWllnSq9za9YktNuGwdqR9mvHlwR shhrQ8pZJNPIi9kXLlrR+z+q3FAoYUKkMpGfWF34vLWi9IkJ0LCrd/Ec3M+zWwlDcS nTaQl8LQtzTdNDmR9EB6N84SFUdhywXq0Et343T9JE9gIqrXyMA4d/WZbLLGX28j6K LgDvqMzIDZMpg== Received: by mail-lf1-f69.google.com with SMTP id 2adb3069b0e04-53351fe4b2dso5594189e87.2 for ; Tue, 03 Sep 2024 08:17:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376636; x=1725981436; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GKlPAS/yke2oPrCeB1Al+EppMQBQKIKtDOu8hv7kn/0=; b=IFhzV2YaCO+FmJ2m3oOiEjqDqgV7cW1cXKVA6l0YHrdGpyKRTcf8JK1VqAHG2qFPAR 5C+JpliSXLh2HByoSINpauP77tLd2han2eC6dY/o7xUvoQ7sfwTvVhpUQfd5Y4iej0SG 4wHGTX2C7njj2D7GhAIR0ypul2jg2+Hs+43GSSTZXlV2XkHZf4gUEAZ+HS4dcNpCeDUU wNZY+i0h4eu0nDVXHoTa85orTCJOG/xzuBZdqDBPX/XCTFrt/dmLh74LJ2MO39ydcop/ MBbkiYW8c6sCAB0ZTjBn9AzVf6kHsHE1tI2zxgewhxY+lgReI1qenXahDnz3PYtX8d5+ YNAQ== X-Forwarded-Encrypted: i=1; AJvYcCVpBuQntqNbWcHCn/E+ECB+FesLxoew1p01bhBqoJhnJ6A6666XQrp67g3jvfrWI5VFMfa2/roMiqUPXhU=@vger.kernel.org X-Gm-Message-State: AOJu0YzA6zV1tw8Ohzp8soQbE1hK6gkFi3SB0CFsjAfPFNzES/d08024 Qi/YfVB7ZFwrguWkB6wvv8tO0N0nU3Rh9nN2bGXL85RGUwvRcDM6IScoLPnzU9jPuc4+amq8HuM 9Jqvvi/iFzau3SISo9lrwonE9qhTovsS1oVwB6bijUDdnekSIHY40u5jfdp/Eclrpcuih20k5jm hPxQ== X-Received: by 2002:a05:6512:238a:b0:52c:e1cd:39b7 with SMTP id 2adb3069b0e04-53546afd6d3mr9430366e87.5.1725376635828; Tue, 03 Sep 2024 08:17:15 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE7xyi4/WNe4j3fu5EFB8IE3ilwNISUZWJq2BDcXmtXsVDh9f1cWld/tjAcEfAzJ5I9AOVJcA== X-Received: by 2002:a05:6512:238a:b0:52c:e1cd:39b7 with SMTP id 2adb3069b0e04-53546afd6d3mr9430338e87.5.1725376635314; Tue, 03 Sep 2024 08:17:15 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:14 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 12/15] fs/fuse: handle idmappings properly in ->write_iter Date: Tue, 3 Sep 2024 17:16:23 +0200 Message-Id: <20240903151626.264609-13-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn --- v4: - this commit added --- fs/fuse/file.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 06ff4742ab08..dffc476f0bf2 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -1398,6 +1398,7 @@ static void fuse_dio_unlock(struct kiocb *iocb, bool = exclusive) static ssize_t fuse_cache_write_iter(struct kiocb *iocb, struct iov_iter *= from) { struct file *file =3D iocb->ki_filp; + struct mnt_idmap *idmap =3D file_mnt_idmap(file); struct address_space *mapping =3D file->f_mapping; ssize_t written =3D 0; struct inode *inode =3D mapping->host; @@ -1412,7 +1413,7 @@ static ssize_t fuse_cache_write_iter(struct kiocb *io= cb, struct iov_iter *from) return err; =20 if (fc->handle_killpriv_v2 && - setattr_should_drop_suidgid(&nop_mnt_idmap, + setattr_should_drop_suidgid(idmap, file_inode(file))) { goto writethrough; } --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3F3B418BC30 for ; Tue, 3 Sep 2024 15:17:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376644; cv=none; b=RliGfm7xEVIQ74uIML0hjXGre3++/HAB5FpwpSQkMxow4UOB+NCZ8fbM05a4p9cGr0N2xfLtvrN8Os2zxhWlQPl3mSMwV7vUhfaHNJwguTo6eun9EBWMrGO78TR70Cfx9bn/0C4/dvalzMAQuRQj3mJm8xwspO7IYUtkAbnb0WE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376644; c=relaxed/simple; bh=n1q/EIb8QE/gzlW7TGaoEUxhlzstWKJksL6EQ5xdUDQ=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=GQrIRc5VvAWTX5CJc1vQjBTi+LGHyZ2vZI35aZvhxPsXt3Llym+5aCWIVCz4KHRE+lUVSb/pDnLkvy62fbJH8DQrO9tUc66Qx69vi6KflEtzgvTtNvyB5UzcuMkOiBA4OW+ceqprSfz713Hs6S4/JPX5ddSHIMd234+ur3Ffhzc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=tANZBw5B; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="tANZBw5B" Received: from mail-lf1-f69.google.com (mail-lf1-f69.google.com [209.85.167.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 1BAB63F323 for ; Tue, 3 Sep 2024 15:17:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376641; bh=q/dJXF5eC+NKzBxw8fqNSmpQ4hPcGmLwxIIccnA2zek=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=tANZBw5BR951V0tjNwoKsuCYGXFvAADclmIOKRfh4mAc9V6XqygI96+/3hwQFfqVZ iWK3AP1xGmUHwSi3ubmPRlMQM9OvTXCxoujZz+k3lQrZZyRjFZZSVVN4DFqchMYsYC RFifrzgq/cky5RMbsvQjz6Fd8FhGx6LHgz+BgjZ+PzEnkh3tLvi9gFi1y8EWxce/5/ MgKw9P30rpfXNhQkrUL/y6ZLwvhULr4q7jiWx+EsGCj6Iix1RGrVBpNOuDKQIZG6nD jk8Zie9OAU0KNPlBd/DvoFqEeF3i8FabPTGLlu70NvpIxaAmUtChH6JZy28RWzxcsM 2zB19K9FqQYGQ== Received: by mail-lf1-f69.google.com with SMTP id 2adb3069b0e04-53351fe4bb8so5436199e87.3 for ; Tue, 03 Sep 2024 08:17:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376638; x=1725981438; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=q/dJXF5eC+NKzBxw8fqNSmpQ4hPcGmLwxIIccnA2zek=; b=j/8/qLX2jzSOakBzxfKa2ykQFoOhdaTELpAk44WL4lAlCrimm5lYAbTZUnUL0yyPsP JKDmBT7YM68AcAx7A5Z/EPIyPR66tiLV4qyHmlr/g9nTboCyNyQ7H/33Nq1nxVkG11ob eMBSDRKSJaaA/w8DxmJSRAaAdplOrnAa10Z5U1QwglC9+MK+OKSC4addMMmbCc7Jp7ac Dal0jNVtHDQWsFM41DDAItKxIjpYE894KCdNPWohk2ceMsG6NcxiM5/e2uD34Fws/e8m Nb/jS8g1SBZxbxfdw73tXBoIWTF7qEIRaivZ4zBDuCn9szaGThdtsauFvOjNgwwYnLfZ RrHQ== X-Forwarded-Encrypted: i=1; AJvYcCX2v8TLc7R1HbB63bOwoWo0N9SPr+6BXrW1afXdRqwYymgD2EhT+0MvNFs3bvDug/yZmlrSw0/+kgFev5w=@vger.kernel.org X-Gm-Message-State: AOJu0YyuXv8CNGBxeGFXAZECq2z81SbhedzYprzqgZkxK1sSai2aiN2X VDOr/V1Cf6zonmdXKVEvx0bnYmufDoYFiDQfuUEdFcBqhaMj5ASaeZrBaRXYvvfZB9Ebxb7oDUB asr3CNK/zMyjbq88hhR32y4T2GauIC86KheATqZjgf/DWfBR0zG3ql3ae4EdGfVXvc0XkvXJKwG BDUQ== X-Received: by 2002:a05:6512:12cb:b0:52c:8979:9627 with SMTP id 2adb3069b0e04-53546afaadamr9026104e87.3.1725376638412; Tue, 03 Sep 2024 08:17:18 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFGeAr4W1tnViv/aJ8AvVT1RQIyOxpEgki6TmTjrWHhDfkxMRoGBh6oqad2TrUHYX4xemgG9Q== X-Received: by 2002:a05:6512:12cb:b0:52c:8979:9627 with SMTP id 2adb3069b0e04-53546afaadamr9026067e87.3.1725376637915; Tue, 03 Sep 2024 08:17:17 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:17 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 13/15] fs/fuse: warn if fuse_access is called when idmapped mounts are allowed Date: Tue, 3 Sep 2024 17:16:24 +0200 Message-Id: <20240903151626.264609-14-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" It is not possible with the current fuse code, but let's protect ourselves from regressions in the future. Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn --- v4: - this commit added --- fs/fuse/dir.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index d316223bd00b..dd967402bf12 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1473,6 +1473,14 @@ static int fuse_access(struct inode *inode, int mask) =20 BUG_ON(mask & MAY_NOT_BLOCK); =20 + /* + * We should not send FUSE_ACCESS to the userspace + * when idmapped mounts are enabled as for this case + * we have fc->default_permissions =3D 1 and access + * permission checks are done on the kernel side. + */ + WARN_ON_ONCE(!(fm->sb->s_iflags & SB_I_NOIDMAP)); + if (fm->fc->no_access) return 0; =20 --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5E2BA194C7A for ; Tue, 3 Sep 2024 15:17:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376645; cv=none; b=HZK7/yfpboPTAfpXrFbm0A6vA2mPRyl7Eou+SEhM4rEP3oDMcOABSIvpDOGHklP3AagzGgLbobi4Nn8CJ6zJ7mzd7otzp6bYzZMFHxL0F5SQIMLT74AfdFyEKes0GPyg2XAoDqGqqX5FDizwRea8nIVTqtK53hPorPKOPvGF3dA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376645; c=relaxed/simple; bh=ehliGmnl1/v4OS1SBQ/1Yg/WkwK3kW52iOkryOLCfho=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=nbwU34IGhjk97ERfPGdTZpM9awCvXzTQAfVVAD9EprRAa0Xx8UZhMGo4/w9zkVpcAyqjSOYh3wWJckLQ2kK3RKk2qFcxIDYMNieHYdOVqrZFJa3Y/M0MMt+Ic/Y0ftEJqrVj0LbjXHwE9Pk4HEoxx9WlVdesqmHR3TXIRdqVUD0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=FMzhZ5fd; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="FMzhZ5fd" Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id DCDE83FE20 for ; Tue, 3 Sep 2024 15:17:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376641; bh=0EwUiOf4L2/aseOZrM6YVYPxFzCl5APUlbrPGfv+97I=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=FMzhZ5fdMLpcaqZyivI941BaUfUrRwNqqMBvai9wiPMw66yfj/BDGgH6dBtlWbniu BiBo+QsO1xUSsRI25NPe0H44Eo9HJ9NaaHpegGtY16xFGt4O1WJgIIN35ffQ8xWiWQ SsLvAy5L9gUbwqioWL7EYR3bbYDhe0stCw4ZkC4vW8bVWLusnpyUXoIeNpwF00P7+Y xzP6ibhRmtX7o0VCXRr0JdLcIHCHVK0uPRvgCICiemDTk6nISRJKDDOu/MrFZi3llF OxB8WMbzJ/Ptw+4xgbCFwEHxasYXML5q1wPV0BUZuOkNiDhMNwQyonxUnQn3YHsfMg fuWI0KfQovHOg== Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-5c25d413306so1883852a12.1 for ; Tue, 03 Sep 2024 08:17:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376641; x=1725981441; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0EwUiOf4L2/aseOZrM6YVYPxFzCl5APUlbrPGfv+97I=; b=WFLpqavm5MED8B1boBY6WvfPOr+og4eCXzKAgQC76h5cudYDWEAi0oQKg96PXU784L xANOoCHjIo+zHjWWoOpNInEN1NXar0Qhq4S9NFGa0zR3lHs2U1MxW5B0J+GrePZyJ3VB 63pxbpo2GYAt828ziQH2wX5fcVxdXUlrKB2F8k0miZJh+2Q1gwbKvehwYvSQ3xtmrA25 fcp0uOqj7CBa3i/Rafgwz8UQlilEbG1kFK1XUmZliD6rS5IWF5JSV66l9UUFYAlcNLAj 25mmU2IQp0X5XVnNtx2mbyryEAXmWYrX+D6/L6Gm9ZA/sftNpLBM/3PTfM17XBI80wOv jK0A== X-Forwarded-Encrypted: i=1; AJvYcCV8sCRO09ld1qFn2ColcBWb+Z/nakKgjN9tKyzzyJlEq/CjowG+XA0k92BRQZgBtAGT/MQJp9xd4D2AVas=@vger.kernel.org X-Gm-Message-State: AOJu0Yy00JdxuRuNewnb6d04+whSidu5/H5IZ1+rVDAHan6kvlht949Z ktfbA8u6qs3uwXDjgxdR3BhmG5OOCRABpORXNR1ZaCgMjZonNkZvRfcR1Gw5lbkYLgpRNTxedtg eRBpUz3L68wcBD3fFofumJzSqEiWUfRqs6CQQaiKhTkaa+QS0TnPfePGXwtHoK7IDtUllujKyJ9 jloA== X-Received: by 2002:a17:906:6a05:b0:a7a:c106:364f with SMTP id a640c23a62f3a-a89d8848ef5mr664472966b.43.1725376641017; Tue, 03 Sep 2024 08:17:21 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFuhIDZFbjriLVnYlTwRiB6qVXiOIP9ae8CETX4GnhIzLIqUwYrJLE5OqCJ4zuyI2v2otWlOA== X-Received: by 2002:a17:906:6a05:b0:a7a:c106:364f with SMTP id a640c23a62f3a-a89d8848ef5mr664471266b.43.1725376640573; Tue, 03 Sep 2024 08:17:20 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:20 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , linux-kernel@vger.kernel.org Subject: [PATCH v4 14/15] fs/fuse: allow idmapped mounts Date: Tue, 3 Sep 2024 17:16:25 +0200 Message-Id: <20240903151626.264609-15-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now we have everything in place and we can allow idmapped mounts by setting the FS_ALLOW_IDMAP flag. Notice that real availability of idmapped mounts will depend on the fuse daemon. Fuse daemon have to set FUSE_ALLOW_IDMAP flag in the FUSE_INIT reply. To discuss: - we enable idmapped mounts support only if "default_permissions" mode is e= nabled, because otherwise we would need to deal with UID/GID mappings in the usersp= ace side OR provide the userspace with idmapped req->in.h.uid/req->in.h.gid values whic= h is not something that we probably want to. Idmapped mounts phylosophy is not about= faking caller uid/gid. Some extra links and examples: - libfuse support https://github.com/mihalicyn/libfuse/commits/idmap_support - fuse-overlayfs support: https://github.com/mihalicyn/fuse-overlayfs/commits/idmap_support - cephfs-fuse conversion example https://github.com/mihalicyn/ceph/commits/fuse_idmap - glusterfs conversion example https://github.com/mihalicyn/glusterfs/commits/fuse_idmap Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- v2: - simplified and get rid of ->allow_idmap global VFS callback v3: - now use a new SB_I_NOIDMAP flag v4: - small rebase changes --- fs/fuse/inode.c | 12 +++++++++--- include/uapi/linux/fuse.h | 20 +++++++++++++++++++- 2 files changed, 28 insertions(+), 4 deletions(-) diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index 2e26810066e8..9f9456d3e466 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c @@ -1343,6 +1343,12 @@ static void process_init_reply(struct fuse_mount *fm= , struct fuse_args *args, } if (flags & FUSE_NO_EXPORT_SUPPORT) fm->sb->s_export_op =3D &fuse_export_fid_operations; + if (flags & FUSE_ALLOW_IDMAP) { + if (fc->default_permissions) + fm->sb->s_iflags &=3D ~SB_I_NOIDMAP; + else + ok =3D false; + } } else { ra_pages =3D fc->max_read / PAGE_SIZE; fc->no_lock =3D 1; @@ -1390,7 +1396,7 @@ void fuse_send_init(struct fuse_mount *fm) FUSE_HANDLE_KILLPRIV_V2 | FUSE_SETXATTR_EXT | FUSE_INIT_EXT | FUSE_SECURITY_CTX | FUSE_CREATE_SUPP_GROUP | FUSE_HAS_EXPIRE_ONLY | FUSE_DIRECT_IO_ALLOW_MMAP | - FUSE_NO_EXPORT_SUPPORT | FUSE_HAS_RESEND; + FUSE_NO_EXPORT_SUPPORT | FUSE_HAS_RESEND | FUSE_ALLOW_IDMAP; #ifdef CONFIG_FUSE_DAX if (fm->fc->dax) flags |=3D FUSE_MAP_ALIGNMENT; @@ -1980,7 +1986,7 @@ static void fuse_kill_sb_anon(struct super_block *sb) static struct file_system_type fuse_fs_type =3D { .owner =3D THIS_MODULE, .name =3D "fuse", - .fs_flags =3D FS_HAS_SUBTYPE | FS_USERNS_MOUNT, + .fs_flags =3D FS_HAS_SUBTYPE | FS_USERNS_MOUNT | FS_ALLOW_IDMAP, .init_fs_context =3D fuse_init_fs_context, .parameters =3D fuse_fs_parameters, .kill_sb =3D fuse_kill_sb_anon, @@ -2001,7 +2007,7 @@ static struct file_system_type fuseblk_fs_type =3D { .init_fs_context =3D fuse_init_fs_context, .parameters =3D fuse_fs_parameters, .kill_sb =3D fuse_kill_sb_blk, - .fs_flags =3D FS_REQUIRES_DEV | FS_HAS_SUBTYPE, + .fs_flags =3D FS_REQUIRES_DEV | FS_HAS_SUBTYPE | FS_ALLOW_IDMAP, }; MODULE_ALIAS_FS("fuseblk"); =20 diff --git a/include/uapi/linux/fuse.h b/include/uapi/linux/fuse.h index 2ccf38181df2..f1e99458e29e 100644 --- a/include/uapi/linux/fuse.h +++ b/include/uapi/linux/fuse.h @@ -217,6 +217,9 @@ * - add backing_id to fuse_open_out, add FOPEN_PASSTHROUGH open flag * - add FUSE_NO_EXPORT_SUPPORT init flag * - add FUSE_NOTIFY_RESEND, add FUSE_HAS_RESEND init flag + * + * 7.41 + * - add FUSE_ALLOW_IDMAP */ =20 #ifndef _LINUX_FUSE_H @@ -252,7 +255,7 @@ #define FUSE_KERNEL_VERSION 7 =20 /** Minor version number of this interface */ -#define FUSE_KERNEL_MINOR_VERSION 40 +#define FUSE_KERNEL_MINOR_VERSION 41 =20 /** The node ID of the root inode */ #define FUSE_ROOT_ID 1 @@ -421,6 +424,7 @@ struct fuse_file_lock { * FUSE_NO_EXPORT_SUPPORT: explicitly disable export support * FUSE_HAS_RESEND: kernel supports resending pending requests, and the hi= gh bit * of the request ID indicates resend requests + * FUSE_ALLOW_IDMAP: allow creation of idmapped mounts */ #define FUSE_ASYNC_READ (1 << 0) #define FUSE_POSIX_LOCKS (1 << 1) @@ -466,6 +470,7 @@ struct fuse_file_lock { =20 /* Obsolete alias for FUSE_DIRECT_IO_ALLOW_MMAP */ #define FUSE_DIRECT_IO_RELAX FUSE_DIRECT_IO_ALLOW_MMAP +#define FUSE_ALLOW_IDMAP (1ULL << 40) =20 /** * CUSE INIT request/reply flags @@ -984,6 +989,19 @@ struct fuse_fallocate_in { */ #define FUSE_UNIQUE_RESEND (1ULL << 63) =20 +/** + * This value will be set by the kernel to + * (struct fuse_in_header).{uid,gid} fields in + * case when: + * - fuse daemon enabled FUSE_ALLOW_IDMAP + * - idmapping information is not available and uid/gid + * can not be mapped in accordance with an idmapping. + * + * Note: an idmapping information always available + * for inode creation operations like: + * FUSE_MKNOD, FUSE_SYMLINK, FUSE_MKDIR, FUSE_TMPFILE, + * FUSE_CREATE and FUSE_RENAME2 (with RENAME_WHITEOUT). + */ #define FUSE_INVALID_UIDGID ((uint32_t)(-1)) =20 struct fuse_in_header { --=20 2.34.1 From nobody Fri Dec 26 09:37:22 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DDC5A1990D6 for ; Tue, 3 Sep 2024 15:17:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376648; cv=none; b=IgeMRi7KMkJRwnkt/eERhHuN6SdUuSRbP15mF9wjhiMh9m+iBwPB7xLy/hFLUQLyFXVxhNhmnVIzQ10jR/wcAAwBfg1J271KVmByHfEG4oYCs0OgootYSp1brSuY/xDLwYVi0C9LmMxweg8GQFazuAc91k49guHp+46cj71E4VI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725376648; c=relaxed/simple; bh=I5Ej9tXxsELnQaLpNn7Un8jHm6ABGkNJE4SsL33oa8Y=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=oBA8jySjhKdcp+X0apqciCw0dPKbztBQeH2p0/16q/BAABnFWyi2S2atniA9pTk80bPpd2pvJKP1WDowzDV9V5Pk/eXAx4J6NcIBZc0wU3Yz8lHk3PPyvtzc/+5pixe2DLWAgifN1Z1T2AjZV8J84lbpg2yOF+TMv51+TrAI9dE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=HG7/5GNb; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="HG7/5GNb" Received: from mail-lf1-f71.google.com (mail-lf1-f71.google.com [209.85.167.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 18A443FB55 for ; Tue, 3 Sep 2024 15:17:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1725376645; bh=8g+CuHEOVaIi/oyMU4FT/dyfPKPOx4hjrvyEeKrnVIU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=HG7/5GNbDUmiyyRzW2SN6AoT/es/4rYyz5X5EnTFZbEKGbXE6o7QbjoFhx125lB8r bJsVya2OF0F4hwMChufY16gRclm3zOaXYpRmg6Em/X7ATKCHIqbVYQxC/e1dOIRc87 zt3YFd6ehlrwNeLWa6kHprL3rMFkTDUKaQR48lKT80pwYWhBGikdTkElEjMK7NHjKY uwuNKdDbFkuM3JAgG0d3JpMovM0bB+AwzOu3WmslxdEVapAILanKsdbRdoEnBBFejj PPA2NuWszzgnbIyegRVTxdysUUoxeOQQLlP7eh0/NqvwNYPDM+fvBDUCBkNRDNeiw5 q0EltV9i7ORTA== Received: by mail-lf1-f71.google.com with SMTP id 2adb3069b0e04-53349c739d0so1052058e87.1 for ; Tue, 03 Sep 2024 08:17:25 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725376644; x=1725981444; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8g+CuHEOVaIi/oyMU4FT/dyfPKPOx4hjrvyEeKrnVIU=; b=HYANxq+53yzKsNhKiQgBXf29WiN2TAdqX+PpK4nHsGbrACFrNldWP282LLC1SGPbhz vySHjHxcWVf+OQH8waM3LXGZq8x/kN6YA8MdKhSLsuDhvdCJYY41qx2bHYQzYZr+cc/P mHdIJA62qJx8UmLQohb13OJFUVVMrqmZoBM1pI9jV2BB5FdzDyZi9ckmlYvBAtBGbH4W 2BBQfUCs9NPVrJMZURxftw9iLs8c0cZHZheKYWjatn3rMov8FeeA3Y51w6UKBdnS8PmW e7JPv+a8JsGS1KyZIdxy0yz4ILyXSIRzpQvrha+dxW9SFREnyALvlk1vUsYnanhdKvCF 0/kA== X-Forwarded-Encrypted: i=1; AJvYcCX6XGA/V4N3fnEDg+jrkVam9EBP54LqSNQNSwYObhm94m3dC3bC3dFF+GncuG5nvE/BInhOFGPDUAbNpCA=@vger.kernel.org X-Gm-Message-State: AOJu0YxIVVUgL2QV87xu9MkpKzn/95RrBNgv8A+D00UfKSFF6zfBO+EC b+xVCBhjwGbLPbkdbA9T1xSzjwo4NoaoRAaTDggdC7qvDyYw3EzdAN+I9H6klQRAyKNNpYrgMrQ T4zizqh4OFFL432Elb1TVY1Q05F5peBJfGrGuZfm5sb7DLF/I/g8xVvkzi6qAjekSjH443FH/3O leHQ== X-Received: by 2002:a05:6512:3ca3:b0:52c:def3:44b with SMTP id 2adb3069b0e04-53546b2b5e7mr8720706e87.31.1725376643656; Tue, 03 Sep 2024 08:17:23 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF+bq1GZV9X9d7kfysJWIp+YqAiYHgnriynd3aEYFL4ojAqTYw0oKyoeFn1hFPXtYAGSanyXw== X-Received: by 2002:a05:6512:3ca3:b0:52c:def3:44b with SMTP id 2adb3069b0e04-53546b2b5e7mr8720683e87.31.1725376643137; Tue, 03 Sep 2024 08:17:23 -0700 (PDT) Received: from amikhalitsyn.. ([188.192.113.77]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a8a19afb108sm156377166b.223.2024.09.03.08.17.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 03 Sep 2024 08:17:22 -0700 (PDT) From: Alexander Mikhalitsyn To: mszeredi@redhat.com Cc: brauner@kernel.org, stgraber@stgraber.org, linux-fsdevel@vger.kernel.org, Seth Forshee , Miklos Szeredi , Vivek Goyal , German Maglione , Amir Goldstein , Bernd Schubert , Alexander Mikhalitsyn , Stefan Hajnoczi , =?UTF-8?q?Eugenio=20P=C3=A9rez?= , linux-kernel@vger.kernel.org, virtualization@lists.linux.dev Subject: [PATCH v4 15/15] fs/fuse/virtio_fs: allow idmapped mounts Date: Tue, 3 Sep 2024 17:16:26 +0200 Message-Id: <20240903151626.264609-16-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> References: <20240903151626.264609-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Allow idmapped mounts for virtiofs. It's absolutely safe as for virtiofs we have the same feature negotiation mechanism as for classical fuse filesystems. This does not affect any existing setups anyhow. virtiofsd support: https://gitlab.com/virtio-fs/virtiofsd/-/merge_requests/245 Cc: Christian Brauner Cc: Seth Forshee Cc: Miklos Szeredi Cc: Vivek Goyal Cc: German Maglione Cc: Amir Goldstein Cc: Bernd Schubert Cc: Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- v3: - this commit added --- fs/fuse/virtio_fs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c index dd5260141615..7e5bbaef6f76 100644 --- a/fs/fuse/virtio_fs.c +++ b/fs/fuse/virtio_fs.c @@ -1628,6 +1628,7 @@ static struct file_system_type virtio_fs_type =3D { .name =3D "virtiofs", .init_fs_context =3D virtio_fs_init_fs_context, .kill_sb =3D virtio_kill_sb, + .fs_flags =3D FS_ALLOW_IDMAP, }; =20 static int virtio_fs_uevent(const struct kobject *kobj, struct kobj_uevent= _env *env) --=20 2.34.1