lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240120-zeitmanagement-abbezahlen-8a3e2b5de72a@brauner>
Date: Sat, 20 Jan 2024 16:23:38 +0100
From: Christian Brauner <brauner@...nel.org>
To: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
Cc: mszeredi@...hat.com, stgraber@...raber.org, 
	linux-fsdevel@...r.kernel.org, Seth Forshee <sforshee@...nel.org>, 
	Miklos Szeredi <miklos@...redi.hu>, Amir Goldstein <amir73il@...il.com>, 
	Bernd Schubert <bschubert@....com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 6/9] fs/fuse: support idmapped ->setattr op

On Mon, Jan 08, 2024 at 01:08:21PM +0100, Alexander Mikhalitsyn wrote:
> Cc: Christian Brauner <brauner@...nel.org>
> Cc: Seth Forshee <sforshee@...nel.org>
> Cc: Miklos Szeredi <miklos@...redi.hu>
> Cc: Amir Goldstein <amir73il@...il.com>
> Cc: Bernd Schubert <bschubert@....com>
> Cc: <linux-fsdevel@...r.kernel.org>
> Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
> ---
>  fs/fuse/dir.c    | 32 +++++++++++++++++++++-----------
>  fs/fuse/file.c   |  2 +-
>  fs/fuse/fuse_i.h |  4 ++--
>  3 files changed, 24 insertions(+), 14 deletions(-)
> 
> diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
> index f7c2c54f7122..5fbb7100ad1c 100644
> --- a/fs/fuse/dir.c
> +++ b/fs/fuse/dir.c
> @@ -1739,17 +1739,27 @@ static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
>  	return true;
>  }
>  
> -static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
> -			   struct fuse_setattr_in *arg, bool trust_local_cmtime)
> +static void iattr_to_fattr(struct mnt_idmap *idmap, struct fuse_conn *fc,
> +			   struct iattr *iattr, struct fuse_setattr_in *arg,
> +			   bool trust_local_cmtime)
>  {
>  	unsigned ivalid = iattr->ia_valid;
>  
>  	if (ivalid & ATTR_MODE)
>  		arg->valid |= FATTR_MODE,   arg->mode = iattr->ia_mode;
> -	if (ivalid & ATTR_UID)
> -		arg->valid |= FATTR_UID,    arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
> -	if (ivalid & ATTR_GID)
> -		arg->valid |= FATTR_GID,    arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
> +
> +	if (ivalid & ATTR_UID) {
> +		kuid_t fsuid = from_vfsuid(idmap, fc->user_ns, iattr->ia_vfsuid);
> +		arg->valid |= FATTR_UID;
> +		arg->uid = from_kuid(fc->user_ns, fsuid);
> +	}
> +
> +	if (ivalid & ATTR_GID) {
> +		kgid_t fsgid = from_vfsgid(idmap, fc->user_ns, iattr->ia_vfsgid);
> +		arg->valid |= FATTR_GID;
> +		arg->gid = from_kgid(fc->user_ns, fsgid);
> +	}
> +
>  	if (ivalid & ATTR_SIZE)
>  		arg->valid |= FATTR_SIZE,   arg->size = iattr->ia_size;
>  	if (ivalid & ATTR_ATIME) {
> @@ -1869,8 +1879,8 @@ int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
>   * vmtruncate() doesn't allow for this case, so do the rlimit checking
>   * and the actual truncation by hand.
>   */
> -int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
> -		    struct file *file)
> +int fuse_do_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
> +		    struct iattr *attr, struct file *file)
>  {
>  	struct inode *inode = d_inode(dentry);
>  	struct fuse_mount *fm = get_fuse_mount(inode);
> @@ -1890,7 +1900,7 @@ int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
>  	if (!fc->default_permissions)
>  		attr->ia_valid |= ATTR_FORCE;
>  
> -	err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
> +	err = setattr_prepare(idmap, dentry, attr);
>  	if (err)
>  		return err;
>  
> @@ -1949,7 +1959,7 @@ int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
>  
>  	memset(&inarg, 0, sizeof(inarg));
>  	memset(&outarg, 0, sizeof(outarg));
> -	iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
> +	iattr_to_fattr(idmap, fc, attr, &inarg, trust_local_cmtime);
>  	if (file) {
>  		struct fuse_file *ff = file->private_data;
>  		inarg.valid |= FATTR_FH;
> @@ -2084,7 +2094,7 @@ static int fuse_setattr(struct mnt_idmap *idmap, struct dentry *entry,
>  	if (!attr->ia_valid)
>  		return 0;
>  
> -	ret = fuse_do_setattr(entry, attr, file);
> +	ret = fuse_do_setattr(idmap, entry, attr, file);
>  	if (!ret) {
>  		/*
>  		 * If filesystem supports acls it may have updated acl xattrs in
> diff --git a/fs/fuse/file.c b/fs/fuse/file.c
> index a660f1f21540..e0fe5497a548 100644
> --- a/fs/fuse/file.c
> +++ b/fs/fuse/file.c
> @@ -2870,7 +2870,7 @@ static void fuse_do_truncate(struct file *file)
>  	attr.ia_file = file;
>  	attr.ia_valid |= ATTR_FILE;
>  
> -	fuse_do_setattr(file_dentry(file), &attr, file);
> +	fuse_do_setattr(&nop_mnt_idmap, file_dentry(file), &attr, file);

Same as for the other patch. Please leave a comment in the commit
message that briefly explains why it's ok to pass &nop_mnt_idmap here.
It'll help us later. :)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ