lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240129164849.f3f194a800d88fd26a373203@canonical.com>
Date: Mon, 29 Jan 2024 16:48:49 +0100
From: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
To: Christian Brauner <brauner@...nel.org>
Cc: mszeredi@...hat.com, stgraber@...raber.org,
 linux-fsdevel@...r.kernel.org, Seth Forshee <sforshee@...nel.org>, Miklos
 Szeredi <miklos@...redi.hu>, Amir Goldstein <amir73il@...il.com>, Bernd
 Schubert <bschubert@....com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 6/9] fs/fuse: support idmapped ->setattr op

On Sat, 20 Jan 2024 16:23:38 +0100
Christian Brauner <brauner@...nel.org> wrote:

> On Mon, Jan 08, 2024 at 01:08:21PM +0100, Alexander Mikhalitsyn wrote:
> > Cc: Christian Brauner <brauner@...nel.org>
> > Cc: Seth Forshee <sforshee@...nel.org>
> > Cc: Miklos Szeredi <miklos@...redi.hu>
> > Cc: Amir Goldstein <amir73il@...il.com>
> > Cc: Bernd Schubert <bschubert@....com>
> > Cc: <linux-fsdevel@...r.kernel.org>
> > Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
> > ---
> >  fs/fuse/dir.c    | 32 +++++++++++++++++++++-----------
> >  fs/fuse/file.c   |  2 +-
> >  fs/fuse/fuse_i.h |  4 ++--
> >  3 files changed, 24 insertions(+), 14 deletions(-)
> > 
> > diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
> > index f7c2c54f7122..5fbb7100ad1c 100644
> > --- a/fs/fuse/dir.c
> > +++ b/fs/fuse/dir.c
> > @@ -1739,17 +1739,27 @@ static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
> >  	return true;
> >  }
> >  
> > -static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
> > -			   struct fuse_setattr_in *arg, bool trust_local_cmtime)
> > +static void iattr_to_fattr(struct mnt_idmap *idmap, struct fuse_conn *fc,
> > +			   struct iattr *iattr, struct fuse_setattr_in *arg,
> > +			   bool trust_local_cmtime)
> >  {
> >  	unsigned ivalid = iattr->ia_valid;
> >  
> >  	if (ivalid & ATTR_MODE)
> >  		arg->valid |= FATTR_MODE,   arg->mode = iattr->ia_mode;
> > -	if (ivalid & ATTR_UID)
> > -		arg->valid |= FATTR_UID,    arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
> > -	if (ivalid & ATTR_GID)
> > -		arg->valid |= FATTR_GID,    arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
> > +
> > +	if (ivalid & ATTR_UID) {
> > +		kuid_t fsuid = from_vfsuid(idmap, fc->user_ns, iattr->ia_vfsuid);
> > +		arg->valid |= FATTR_UID;
> > +		arg->uid = from_kuid(fc->user_ns, fsuid);
> > +	}
> > +
> > +	if (ivalid & ATTR_GID) {
> > +		kgid_t fsgid = from_vfsgid(idmap, fc->user_ns, iattr->ia_vfsgid);
> > +		arg->valid |= FATTR_GID;
> > +		arg->gid = from_kgid(fc->user_ns, fsgid);
> > +	}
> > +
> >  	if (ivalid & ATTR_SIZE)
> >  		arg->valid |= FATTR_SIZE,   arg->size = iattr->ia_size;
> >  	if (ivalid & ATTR_ATIME) {
> > @@ -1869,8 +1879,8 @@ int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
> >   * vmtruncate() doesn't allow for this case, so do the rlimit checking
> >   * and the actual truncation by hand.
> >   */
> > -int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
> > -		    struct file *file)
> > +int fuse_do_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
> > +		    struct iattr *attr, struct file *file)
> >  {
> >  	struct inode *inode = d_inode(dentry);
> >  	struct fuse_mount *fm = get_fuse_mount(inode);
> > @@ -1890,7 +1900,7 @@ int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
> >  	if (!fc->default_permissions)
> >  		attr->ia_valid |= ATTR_FORCE;
> >  
> > -	err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
> > +	err = setattr_prepare(idmap, dentry, attr);
> >  	if (err)
> >  		return err;
> >  
> > @@ -1949,7 +1959,7 @@ int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
> >  
> >  	memset(&inarg, 0, sizeof(inarg));
> >  	memset(&outarg, 0, sizeof(outarg));
> > -	iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
> > +	iattr_to_fattr(idmap, fc, attr, &inarg, trust_local_cmtime);
> >  	if (file) {
> >  		struct fuse_file *ff = file->private_data;
> >  		inarg.valid |= FATTR_FH;
> > @@ -2084,7 +2094,7 @@ static int fuse_setattr(struct mnt_idmap *idmap, struct dentry *entry,
> >  	if (!attr->ia_valid)
> >  		return 0;
> >  
> > -	ret = fuse_do_setattr(entry, attr, file);
> > +	ret = fuse_do_setattr(idmap, entry, attr, file);
> >  	if (!ret) {
> >  		/*
> >  		 * If filesystem supports acls it may have updated acl xattrs in
> > diff --git a/fs/fuse/file.c b/fs/fuse/file.c
> > index a660f1f21540..e0fe5497a548 100644
> > --- a/fs/fuse/file.c
> > +++ b/fs/fuse/file.c
> > @@ -2870,7 +2870,7 @@ static void fuse_do_truncate(struct file *file)
> >  	attr.ia_file = file;
> >  	attr.ia_valid |= ATTR_FILE;
> >  
> > -	fuse_do_setattr(file_dentry(file), &attr, file);
> > +	fuse_do_setattr(&nop_mnt_idmap, file_dentry(file), &attr, file);
> 
> Same as for the other patch. Please leave a comment in the commit
> message that briefly explains why it's ok to pass &nop_mnt_idmap here.
> It'll help us later. :)

Sure, will be fixed in -v2 ;-)

Explanation here is that in this specific case attr.ia_valid = ATTR_SIZE | ATTR_FILE,
which but we only need an idmapping for ATTR_UID | ATTR_GID.

>From the other side, having struct file pointer means that getting an idmapping as easy as file_mnt_idmap(file),
and probably it's easier to pass an idmapping in this specific case rather than skipping it for a valid reasons.
What do you think about this?

Kind regards,
Alex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ