lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230602-vorzeichen-praktikum-f17931692301@brauner>
Date:   Fri, 2 Jun 2023 14:53:58 +0200
From:   Christian Brauner <brauner@...nel.org>
To:     Aleksandr Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
Cc:     Xiubo Li <xiubli@...hat.com>, stgraber@...ntu.com,
        linux-fsdevel@...r.kernel.org,
        Christian Brauner <christian.brauner@...ntu.com>,
        Jeff Layton <jlayton@...nel.org>,
        Ilya Dryomov <idryomov@...il.com>, ceph-devel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 10/13] ceph: allow idmapped setattr inode op

On Fri, Jun 02, 2023 at 02:45:30PM +0200, Aleksandr Mikhalitsyn wrote:
> On Fri, Jun 2, 2023 at 3:30 AM Xiubo Li <xiubli@...hat.com> wrote:
> >
> >
> > On 5/24/23 23:33, Alexander Mikhalitsyn wrote:
> > > From: Christian Brauner <christian.brauner@...ntu.com>
> > >
> > > Enable __ceph_setattr() to handle idmapped mounts. This is just a matter
> > > of passing down the mount's idmapping.
> > >
> > > Cc: Jeff Layton <jlayton@...nel.org>
> > > Cc: Ilya Dryomov <idryomov@...il.com>
> > > Cc: ceph-devel@...r.kernel.org
> > > Signed-off-by: Christian Brauner <christian.brauner@...ntu.com>
> > > Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
> > > ---
> > >   fs/ceph/inode.c | 11 +++++++++--
> > >   1 file changed, 9 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> > > index 37e1cbfc7c89..f1f934439be0 100644
> > > --- a/fs/ceph/inode.c
> > > +++ b/fs/ceph/inode.c
> > > @@ -2050,6 +2050,13 @@ int __ceph_setattr(struct inode *inode, struct iattr *attr)
> > >
> > >       dout("setattr %p issued %s\n", inode, ceph_cap_string(issued));
> > >
> > > +     /*
> > > +      * The attr->ia_{g,u}id members contain the target {g,u}id we're

This is now obsolete... In earlier imlementations attr->ia_{g,u}id was
used and contained the filesystem wide value, not the idmapped mount
value.

However, this was misleading and we changed that in commit b27c82e12965
("attr: port attribute changes to new types") and introduced dedicated
new types into struct iattr->ia_vfs{g,u}id. So the you need to use
attr->ia_vfs{g,u}id as documented in include/linux/fs.h and you need to
transform them into filesystem wide values and then to raw values you
send over the wire.

Alex should be able to figure this out though.

> > > +      * sending over the wire. The mount idmapping only matters when we
> > > +      * create new filesystem objects based on the caller's mapped
> > > +      * fs{g,u}id.
> > > +      */
> > > +     req->r_mnt_idmap = &nop_mnt_idmap;
> >
> > For example with an idmapping 1000:0 and in the /mnt/idmapped_ceph/.
> >
> > This means the "__ceph_setattr()" will always use UID 0 to set the
> > caller_uid, right ? If it is then the client auth checking for the
> 
> Yes, if you have a mapping like b:1000:0:1 (the last number is a
> length of a mapping). It means even more,
> the only user from which you can create something on the filesystem
> will be UID = 0,
> because all other UIDs/GIDs are not mapped and you'll instantly get
> -EOVERFLOW from the kernel.
> 
> > setattr requests in cephfs MDS will succeed, since the UID 0 is root.
> > But if you use a different idmapping, such as 1000:2000, it will fail.
> 
> If you have a mapping b:1000:2000:1 then the only valid UID/GID from
> which you can create something
> on an idmapped mount will be UID/GID = 2000:2000 (and this will be
> mapped to 1000:1000 and sent over the wire,
> because we performing an idmapping procedure for requests those are
> creating inodes).
> So, even root with UID = 0 will not be able to create a file on such a
> mount and get -EOVERFLOW.
> 
> >
> > So here IMO we should set it to 'idmap' too ?
> 
> Good question. I can't see any obvious issue with setting an actual
> idmapping here.
> It will be interesting to know Christian's opinion about this.
> 
> Kind regards,
> Alex
> 
> >
> > Thanks
> >
> > - Xiubo
> >
> > >       if (ia_valid & ATTR_UID) {
> > >               dout("setattr %p uid %d -> %d\n", inode,
> > >                    from_kuid(&init_user_ns, inode->i_uid),
> > > @@ -2240,7 +2247,7 @@ int ceph_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
> > >       if (ceph_inode_is_shutdown(inode))
> > >               return -ESTALE;
> > >
> > > -     err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
> > > +     err = setattr_prepare(idmap, dentry, attr);
> > >       if (err != 0)
> > >               return err;
> > >
> > > @@ -2255,7 +2262,7 @@ int ceph_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
> > >       err = __ceph_setattr(inode, attr);
> > >
> > >       if (err >= 0 && (attr->ia_valid & ATTR_MODE))
> > > -             err = posix_acl_chmod(&nop_mnt_idmap, dentry, attr->ia_mode);
> > > +             err = posix_acl_chmod(idmap, dentry, attr->ia_mode);
> > >
> > >       return err;
> > >   }
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ