lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 2 Jun 2023 09:43:36 +0800
From:   Xiubo Li <xiubli@...hat.com>
To:     Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
Cc:     brauner@...nel.org, stgraber@...ntu.com,
        linux-fsdevel@...r.kernel.org,
        Christian Brauner <christian.brauner@...ntu.com>,
        Jeff Layton <jlayton@...nel.org>,
        Ilya Dryomov <idryomov@...il.com>, ceph-devel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 08/13] ceph: allow idmapped getattr inode op


On 5/24/23 23:33, Alexander Mikhalitsyn wrote:
> From: Christian Brauner <christian.brauner@...ntu.com>
>
> Enable ceph_getattr() to handle idmapped mounts. This is just a matter
> of passing down the mount's idmapping.
>
> Cc: Jeff Layton <jlayton@...nel.org>
> Cc: Ilya Dryomov <idryomov@...il.com>
> Cc: ceph-devel@...r.kernel.org
> Signed-off-by: Christian Brauner <christian.brauner@...ntu.com>
> Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
> ---
>   fs/ceph/inode.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> index 8e5f41d45283..2e988612ed6c 100644
> --- a/fs/ceph/inode.c
> +++ b/fs/ceph/inode.c
> @@ -2465,7 +2465,7 @@ int ceph_getattr(struct mnt_idmap *idmap, const struct path *path,
>   			return err;
>   	}
>   
> -	generic_fillattr(&nop_mnt_idmap, inode, stat);
> +	generic_fillattr(idmap, inode, stat);
>   	stat->ino = ceph_present_inode(inode);
>   
>   	/*

As mentioned in my comment in "[PATCH v2 10/13] ceph: allow idmapped 
setattr inode op". The getattr requests may fail too in the MDS when 
doing the client auth checking.

So for all the requests we should always get the correct UID/GID instead 
of only for the creating requests, then we can make sure that the idmap 
is only a feature in client side and then in cephfs MDS side it will 
always get a consistent UID/GID no matter what idmappings the clients 
are using.

Right ?

Thanks

- Xiubo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ