tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
userns: Convert ext4 to user kuid/kgid where appropriate
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
+56
-37
+2
-2
fs/ext4/balloc.c
+2
-2
fs/ext4/balloc.c
···
461
461
return 1;
462
462
463
463
/* Hm, nope. Are (enough) root reserved clusters available? */
464
-
if (sbi->s_resuid == current_fsuid() ||
465
-
((sbi->s_resgid != 0) && in_group_p(sbi->s_resgid)) ||
464
+
if (uid_eq(sbi->s_resuid, current_fsuid()) ||
465
+
(!gid_eq(sbi->s_resgid, GLOBAL_ROOT_GID) && in_group_p(sbi->s_resgid)) ||
466
466
capable(CAP_SYS_RESOURCE) ||
467
467
(flags & EXT4_MB_USE_ROOT_BLOCKS)) {
468
468
+2
-2
fs/ext4/ext4.h
+2
-2
fs/ext4/ext4.h
···
1153
1153
unsigned int s_mount_flags;
1154
1154
unsigned int s_def_mount_opt;
1155
1155
ext4_fsblk_t s_sb_block;
1156
-
uid_t s_resuid;
1157
-
gid_t s_resgid;
1156
+
kuid_t s_resuid;
1157
+
kgid_t s_resgid;
1158
1158
unsigned short s_mount_state;
1159
1159
unsigned short s_pad;
1160
1160
int s_addr_per_block_bits;
+2
-2
fs/ext4/ialloc.c
+2
-2
fs/ext4/ialloc.c
···
808
808
}
809
809
if (owner) {
810
810
inode->i_mode = mode;
811
-
inode->i_uid = owner[0];
812
-
inode->i_gid = owner[1];
811
+
i_uid_write(inode, owner[0]);
812
+
i_gid_write(inode, owner[1]);
813
813
} else if (test_opt(sb, GRPID)) {
814
814
inode->i_mode = mode;
815
815
inode->i_uid = current_fsuid();
+20
-14
fs/ext4/inode.c
+20
-14
fs/ext4/inode.c
···
3630
3630
journal_t *journal = EXT4_SB(sb)->s_journal;
3631
3631
long ret;
3632
3632
int block;
3633
+
uid_t i_uid;
3634
+
gid_t i_gid;
3633
3635
3634
3636
inode = iget_locked(sb, ino);
3635
3637
if (!inode)
···
3647
3645
goto bad_inode;
3648
3646
raw_inode = ext4_raw_inode(&iloc);
3649
3647
inode->i_mode = le16_to_cpu(raw_inode->i_mode);
3650
-
inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3651
-
inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3648
+
i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3649
+
i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3652
3650
if (!(test_opt(inode->i_sb, NO_UID32))) {
3653
-
inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3654
-
inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3651
+
i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3652
+
i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3655
3653
}
3654
+
i_uid_write(inode, i_uid);
3655
+
i_gid_write(inode, i_gid);
3656
3656
set_nlink(inode, le16_to_cpu(raw_inode->i_links_count));
3657
3657
3658
3658
ext4_clear_state_flags(ei); /* Only relevant on 32-bit archs */
···
3874
3870
struct ext4_inode_info *ei = EXT4_I(inode);
3875
3871
struct buffer_head *bh = iloc->bh;
3876
3872
int err = 0, rc, block;
3873
+
uid_t i_uid;
3874
+
gid_t i_gid;
3877
3875
3878
3876
/* For fields not not tracking in the in-memory inode,
3879
3877
* initialise them to zero for new inodes. */
···
3884
3878
3885
3879
ext4_get_inode_flags(ei);
3886
3880
raw_inode->i_mode = cpu_to_le16(inode->i_mode);
3881
+
i_uid = i_uid_read(inode);
3882
+
i_gid = i_gid_read(inode);
3887
3883
if (!(test_opt(inode->i_sb, NO_UID32))) {
3888
-
raw_inode->i_uid_low = cpu_to_le16(low_16_bits(inode->i_uid));
3889
-
raw_inode->i_gid_low = cpu_to_le16(low_16_bits(inode->i_gid));
3884
+
raw_inode->i_uid_low = cpu_to_le16(low_16_bits(i_uid));
3885
+
raw_inode->i_gid_low = cpu_to_le16(low_16_bits(i_gid));
3890
3886
/*
3891
3887
* Fix up interoperability with old kernels. Otherwise, old inodes get
3892
3888
* re-used with the upper 16 bits of the uid/gid intact
3893
3889
*/
3894
3890
if (!ei->i_dtime) {
3895
3891
raw_inode->i_uid_high =
3896
-
cpu_to_le16(high_16_bits(inode->i_uid));
3892
+
cpu_to_le16(high_16_bits(i_uid));
3897
3893
raw_inode->i_gid_high =
3898
-
cpu_to_le16(high_16_bits(inode->i_gid));
3894
+
cpu_to_le16(high_16_bits(i_gid));
3899
3895
} else {
3900
3896
raw_inode->i_uid_high = 0;
3901
3897
raw_inode->i_gid_high = 0;
3902
3898
}
3903
3899
} else {
3904
-
raw_inode->i_uid_low =
3905
-
cpu_to_le16(fs_high2lowuid(inode->i_uid));
3906
-
raw_inode->i_gid_low =
3907
-
cpu_to_le16(fs_high2lowgid(inode->i_gid));
3900
+
raw_inode->i_uid_low = cpu_to_le16(fs_high2lowuid(i_uid));
3901
+
raw_inode->i_gid_low = cpu_to_le16(fs_high2lowgid(i_gid));
3908
3902
raw_inode->i_uid_high = 0;
3909
3903
raw_inode->i_gid_high = 0;
3910
3904
}
···
4090
4084
4091
4085
if (is_quota_modification(inode, attr))
4092
4086
dquot_initialize(inode);
4093
-
if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
4094
-
(ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
4087
+
if ((ia_valid & ATTR_UID && !uid_eq(attr->ia_uid, inode->i_uid)) ||
4088
+
(ia_valid & ATTR_GID && !gid_eq(attr->ia_gid, inode->i_gid))) {
4095
4089
handle_t *handle;
4096
4090
4097
4091
/* (user+group)*(old+new) structure, inode write (sb,
+2
-2
fs/ext4/migrate.c
+2
-2
fs/ext4/migrate.c
···
466
466
}
467
467
goal = (((inode->i_ino - 1) / EXT4_INODES_PER_GROUP(inode->i_sb)) *
468
468
EXT4_INODES_PER_GROUP(inode->i_sb)) + 1;
469
-
owner[0] = inode->i_uid;
470
-
owner[1] = inode->i_gid;
469
+
owner[0] = i_uid_read(inode);
470
+
owner[1] = i_gid_read(inode);
471
471
tmp_inode = ext4_new_inode(handle, inode->i_sb->s_root->d_inode,
472
472
S_IFREG, NULL, goal, owner);
473
473
if (IS_ERR(tmp_inode)) {
+26
-12
fs/ext4/super.c
+26
-12
fs/ext4/super.c
···
1448
1448
{
1449
1449
struct ext4_sb_info *sbi = EXT4_SB(sb);
1450
1450
const struct mount_opts *m;
1451
+
kuid_t uid;
1452
+
kgid_t gid;
1451
1453
int arg = 0;
1452
1454
1453
1455
if (args->from && match_int(args, &arg))
···
1466
1464
"Ignoring removed %s option", opt);
1467
1465
return 1;
1468
1466
case Opt_resuid:
1469
-
sbi->s_resuid = arg;
1467
+
uid = make_kuid(current_user_ns(), arg);
1468
+
if (!uid_valid(uid)) {
1469
+
ext4_msg(sb, KERN_ERR, "Invalid uid value %d", arg);
1470
+
return -1;
1471
+
}
1472
+
sbi->s_resuid = uid;
1470
1473
return 1;
1471
1474
case Opt_resgid:
1472
-
sbi->s_resgid = arg;
1475
+
gid = make_kgid(current_user_ns(), arg);
1476
+
if (!gid_valid(gid)) {
1477
+
ext4_msg(sb, KERN_ERR, "Invalid gid value %d", arg);
1478
+
return -1;
1479
+
}
1480
+
sbi->s_resgid = gid;
1473
1481
return 1;
1474
1482
case Opt_abort:
1475
1483
sbi->s_mount_flags |= EXT4_MF_FS_ABORTED;
···
1744
1732
SEQ_OPTS_PRINT("%s", token2str(m->token));
1745
1733
}
1746
1734
1747
-
if (nodefs || sbi->s_resuid != EXT4_DEF_RESUID ||
1735
+
if (nodefs || !uid_eq(sbi->s_resuid, make_kuid(&init_user_ns, EXT4_DEF_RESUID)) ||
1748
1736
le16_to_cpu(es->s_def_resuid) != EXT4_DEF_RESUID)
1749
-
SEQ_OPTS_PRINT("resuid=%u", sbi->s_resuid);
1750
-
if (nodefs || sbi->s_resgid != EXT4_DEF_RESGID ||
1737
+
SEQ_OPTS_PRINT("resuid=%u",
1738
+
from_kuid_munged(&init_user_ns, sbi->s_resuid));
1739
+
if (nodefs || !gid_eq(sbi->s_resgid, make_kgid(&init_user_ns, EXT4_DEF_RESGID)) ||
1751
1740
le16_to_cpu(es->s_def_resgid) != EXT4_DEF_RESGID)
1752
-
SEQ_OPTS_PRINT("resgid=%u", sbi->s_resgid);
1741
+
SEQ_OPTS_PRINT("resgid=%u",
1742
+
from_kgid_munged(&init_user_ns, sbi->s_resgid));
1753
1743
def_errors = nodefs ? -1 : le16_to_cpu(es->s_errors);
1754
1744
if (test_opt(sb, ERRORS_RO) && def_errors != EXT4_ERRORS_RO)
1755
1745
SEQ_OPTS_PUTS("errors=remount-ro");
···
3010
2996
}
3011
2997
sb->s_fs_info = sbi;
3012
2998
sbi->s_mount_opt = 0;
3013
-
sbi->s_resuid = EXT4_DEF_RESUID;
3014
-
sbi->s_resgid = EXT4_DEF_RESGID;
2999
+
sbi->s_resuid = make_kuid(&init_user_ns, EXT4_DEF_RESUID);
3000
+
sbi->s_resgid = make_kgid(&init_user_ns, EXT4_DEF_RESGID);
3015
3001
sbi->s_inode_readahead_blks = EXT4_DEF_INODE_READAHEAD_BLKS;
3016
3002
sbi->s_sb_block = sb_block;
3017
3003
if (sb->s_bdev->bd_part)
···
3090
3076
if (def_mount_opts & EXT4_DEFM_DISCARD)
3091
3077
set_opt(sb, DISCARD);
3092
3078
3093
-
sbi->s_resuid = le16_to_cpu(es->s_def_resuid);
3094
-
sbi->s_resgid = le16_to_cpu(es->s_def_resgid);
3079
+
sbi->s_resuid = make_kuid(&init_user_ns, le16_to_cpu(es->s_def_resuid));
3080
+
sbi->s_resgid = make_kgid(&init_user_ns, le16_to_cpu(es->s_def_resgid));
3095
3081
sbi->s_commit_interval = JBD2_DEFAULT_MAX_COMMIT_AGE * HZ;
3096
3082
sbi->s_min_batch_time = EXT4_DEF_MIN_BATCH_TIME;
3097
3083
sbi->s_max_batch_time = EXT4_DEF_MAX_BATCH_TIME;
···
4243
4229
struct ext4_mount_options {
4244
4230
unsigned long s_mount_opt;
4245
4231
unsigned long s_mount_opt2;
4246
-
uid_t s_resuid;
4247
-
gid_t s_resgid;
4232
+
kuid_t s_resuid;
4233
+
kgid_t s_resgid;
4248
4234
unsigned long s_commit_interval;
4249
4235
u32 s_min_batch_time, s_max_batch_time;
4250
4236
#ifdef CONFIG_QUOTA
+2
-2
include/trace/events/ext4.h
+2
-2
include/trace/events/ext4.h
···
36
36
__entry->dev = inode->i_sb->s_dev;
37
37
__entry->ino = inode->i_ino;
38
38
__entry->mode = inode->i_mode;
39
-
__entry->uid = inode->i_uid;
40
-
__entry->gid = inode->i_gid;
39
+
__entry->uid = i_uid_read(inode);
40
+
__entry->gid = i_gid_read(inode);
41
41
__entry->blocks = inode->i_blocks;
42
42
),
43
43