forked from Minki/linux
b27c82e129
Now that we introduced new infrastructure to increase the type safety
for filesystems supporting idmapped mounts port the first part of the
vfs over to them.
This ports the attribute changes codepaths to rely on the new better
helpers using a dedicated type.
Before this change we used to take a shortcut and place the actual
values that would be written to inode->i_{g,u}id into struct iattr. This
had the advantage that we moved idmappings mostly out of the picture
early on but it made reasoning about changes more difficult than it
should be.
The filesystem was never explicitly told that it dealt with an idmapped
mount. The transition to the value that needed to be stored in
inode->i_{g,u}id appeared way too early and increased the probability of
bugs in various codepaths.
We know place the same value in struct iattr no matter if this is an
idmapped mount or not. The vfs will only deal with type safe
vfs{g,u}id_t. This makes it massively safer to perform permission checks
as the type will tell us what checks we need to perform and what helpers
we need to use.
Fileystems raising FS_ALLOW_IDMAP can't simply write ia_vfs{g,u}id to
inode->i_{g,u}id since they are different types. Instead they need to
use the dedicated vfs{g,u}id_to_k{g,u}id() helpers that map the
vfs{g,u}id into the filesystem.
The other nice effect is that filesystems like overlayfs don't need to
care about idmappings explicitly anymore and can simply set up struct
iattr accordingly directly.
Link: https://lore.kernel.org/lkml/CAHk-=win6+ahs1EwLkcq8apqLi_1wXFWbrPf340zYEhObpz4jA@mail.gmail.com [1]
Link: https://lore.kernel.org/r/20220621141454.2914719-9-brauner@kernel.org
Cc: Seth Forshee <sforshee@digitalocean.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
CC: linux-fsdevel@vger.kernel.org
Reviewed-by: Seth Forshee <sforshee@digitalocean.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
|
||
|---|---|---|
| .. | ||
| .kunitconfig | ||
| acl.c | ||
| acl.h | ||
| balloc.c | ||
| bitmap.c | ||
| block_validity.c | ||
| crypto.c | ||
| dir.c | ||
| ext4_extents.h | ||
| ext4_jbd2.c | ||
| ext4_jbd2.h | ||
| ext4.h | ||
| extents_status.c | ||
| extents_status.h | ||
| extents.c | ||
| fast_commit.c | ||
| fast_commit.h | ||
| file.c | ||
| fsmap.c | ||
| fsmap.h | ||
| fsync.c | ||
| hash.c | ||
| ialloc.c | ||
| indirect.c | ||
| inline.c | ||
| inode-test.c | ||
| inode.c | ||
| ioctl.c | ||
| Kconfig | ||
| Makefile | ||
| mballoc.c | ||
| mballoc.h | ||
| migrate.c | ||
| mmp.c | ||
| move_extent.c | ||
| namei.c | ||
| orphan.c | ||
| page-io.c | ||
| readpage.c | ||
| resize.c | ||
| super.c | ||
| symlink.c | ||
| sysfs.c | ||
| truncate.h | ||
| verity.c | ||
| xattr_hurd.c | ||
| xattr_security.c | ||
| xattr_trusted.c | ||
| xattr_user.c | ||
| xattr.c | ||
| xattr.h | ||