tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
fs: port acl to mnt_idmap
Convert to struct mnt_idmap.
Last cycle we merged the necessary infrastructure in
256c8aed2b42 ("fs: introduce dedicated idmap type for mounts").
This is just the conversion to struct mnt_idmap.
Currently we still pass around the plain namespace that was attached to a
mount. This is in general pretty convenient but it makes it easy to
conflate namespaces that are relevant on the filesystem with namespaces
that are relevent on the mount level. Especially for non-vfs developers
without detailed knowledge in this area this can be a potential source for
bugs.
Once the conversion to struct mnt_idmap is done all helpers down to the
really low-level helpers will take a struct mnt_idmap argument instead of
two namespace arguments. This way it becomes impossible to conflate the two
eliminating the possibility of any bugs. All of the vfs and all filesystems
only operate on struct mnt_idmap.
Acked-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
+114
-121
+1
-1
fs/9p/acl.c
+1
-1
fs/9p/acl.c
+1
-2
fs/btrfs/acl.c
+1
-2
fs/btrfs/acl.c
···
114
114
struct posix_acl *acl, int type)
115
115
{
116
116
int ret;
117
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
118
117
struct inode *inode = d_inode(dentry);
119
118
umode_t old_mode = inode->i_mode;
120
119
121
120
if (type == ACL_TYPE_ACCESS && acl) {
122
-
ret = posix_acl_update_mode(mnt_userns, inode,
121
+
ret = posix_acl_update_mode(idmap, inode,
123
122
&inode->i_mode, &acl);
124
123
if (ret)
125
124
return ret;
+1
-1
fs/ceph/acl.c
+1
-1
fs/ceph/acl.c
+1
-1
fs/ext2/acl.c
+1
-1
fs/ext2/acl.c
+1
-2
fs/ext4/acl.c
+1
-2
fs/ext4/acl.c
···
228
228
ext4_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
229
229
struct posix_acl *acl, int type)
230
230
{
231
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
232
231
handle_t *handle;
233
232
int error, credits, retries = 0;
234
233
size_t acl_size = acl ? ext4_acl_size(acl->a_count) : 0;
···
249
250
return PTR_ERR(handle);
250
251
251
252
if ((type == ACL_TYPE_ACCESS) && acl) {
252
-
error = posix_acl_update_mode(mnt_userns, inode, &mode, &acl);
253
+
error = posix_acl_update_mode(idmap, inode, &mode, &acl);
253
254
if (error)
254
255
goto out_stop;
255
256
if (mode != inode->i_mode)
+1
-1
fs/gfs2/acl.c
+1
-1
fs/gfs2/acl.c
+1
-1
fs/jffs2/acl.c
+1
-1
fs/jffs2/acl.c
+1
-1
fs/jfs/acl.c
+1
-1
fs/jfs/acl.c
···
106
106
tid = txBegin(inode->i_sb, 0);
107
107
mutex_lock(&JFS_IP(inode)->commit_mutex);
108
108
if (type == ACL_TYPE_ACCESS && acl) {
109
-
rc = posix_acl_update_mode(&init_user_ns, inode, &mode, &acl);
109
+
rc = posix_acl_update_mode(&nop_mnt_idmap, inode, &mode, &acl);
110
110
if (rc)
111
111
goto end_tx;
112
112
if (mode != inode->i_mode)
+17
-16
fs/namei.c
+17
-16
fs/namei.c
···
273
273
274
274
/**
275
275
* check_acl - perform ACL permission checking
276
-
* @mnt_userns: user namespace of the mount the inode was found from
276
+
* @idmap: idmap of the mount the inode was found from
277
277
* @inode: inode to check permissions on
278
278
* @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC ...)
279
279
*
···
281
281
* retrieve POSIX acls it needs to know whether it is called from a blocking or
282
282
* non-blocking context and thus cares about the MAY_NOT_BLOCK bit.
283
283
*
284
-
* If the inode has been found through an idmapped mount the user namespace of
285
-
* the vfsmount must be passed through @mnt_userns. This function will then take
286
-
* care to map the inode according to @mnt_userns before checking permissions.
284
+
* If the inode has been found through an idmapped mount the idmap of
285
+
* the vfsmount must be passed through @idmap. This function will then take
286
+
* care to map the inode according to @idmap before checking permissions.
287
287
* On non-idmapped mounts or if permission checking is to be performed on the
288
-
* raw inode simply passs init_user_ns.
288
+
* raw inode simply passs @nop_mnt_idmap.
289
289
*/
290
-
static int check_acl(struct user_namespace *mnt_userns,
290
+
static int check_acl(struct mnt_idmap *idmap,
291
291
struct inode *inode, int mask)
292
292
{
293
293
#ifdef CONFIG_FS_POSIX_ACL
···
300
300
/* no ->get_inode_acl() calls in RCU mode... */
301
301
if (is_uncached_acl(acl))
302
302
return -ECHILD;
303
-
return posix_acl_permission(mnt_userns, inode, acl, mask);
303
+
return posix_acl_permission(idmap, inode, acl, mask);
304
304
}
305
305
306
306
acl = get_inode_acl(inode, ACL_TYPE_ACCESS);
307
307
if (IS_ERR(acl))
308
308
return PTR_ERR(acl);
309
309
if (acl) {
310
-
int error = posix_acl_permission(mnt_userns, inode, acl, mask);
310
+
int error = posix_acl_permission(idmap, inode, acl, mask);
311
311
posix_acl_release(acl);
312
312
return error;
313
313
}
···
318
318
319
319
/**
320
320
* acl_permission_check - perform basic UNIX permission checking
321
-
* @mnt_userns: user namespace of the mount the inode was found from
321
+
* @idmap: idmap of the mount the inode was found from
322
322
* @inode: inode to check permissions on
323
323
* @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC ...)
324
324
*
···
326
326
* function may retrieve POSIX acls it needs to know whether it is called from a
327
327
* blocking or non-blocking context and thus cares about the MAY_NOT_BLOCK bit.
328
328
*
329
-
* If the inode has been found through an idmapped mount the user namespace of
330
-
* the vfsmount must be passed through @mnt_userns. This function will then take
331
-
* care to map the inode according to @mnt_userns before checking permissions.
329
+
* If the inode has been found through an idmapped mount the idmap of
330
+
* the vfsmount must be passed through @idmap. This function will then take
331
+
* care to map the inode according to @idmap before checking permissions.
332
332
* On non-idmapped mounts or if permission checking is to be performed on the
333
-
* raw inode simply passs init_user_ns.
333
+
* raw inode simply passs @nop_mnt_idmap.
334
334
*/
335
-
static int acl_permission_check(struct user_namespace *mnt_userns,
335
+
static int acl_permission_check(struct mnt_idmap *idmap,
336
336
struct inode *inode, int mask)
337
337
{
338
+
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
338
339
unsigned int mode = inode->i_mode;
339
340
vfsuid_t vfsuid;
340
341
···
349
348
350
349
/* Do we have ACL's? */
351
350
if (IS_POSIXACL(inode) && (mode & S_IRWXG)) {
352
-
int error = check_acl(mnt_userns, inode, mask);
351
+
int error = check_acl(idmap, inode, mask);
353
352
if (error != -EAGAIN)
354
353
return error;
355
354
}
···
403
402
/*
404
403
* Do the basic permission checks.
405
404
*/
406
-
ret = acl_permission_check(mnt_userns, inode, mask);
405
+
ret = acl_permission_check(idmap, inode, mask);
407
406
if (ret != -EACCES)
408
407
return ret;
409
408
+3
-2
fs/ntfs3/inode.c
+3
-2
fs/ntfs3/inode.c
···
1185
1185
*
1186
1186
* NOTE: if fnd != NULL (ntfs_atomic_open) then @dir is locked
1187
1187
*/
1188
-
struct inode *ntfs_create_inode(struct user_namespace *mnt_userns,
1188
+
struct inode *ntfs_create_inode(struct mnt_idmap *idmap,
1189
1189
struct inode *dir, struct dentry *dentry,
1190
1190
const struct cpu_str *uni, umode_t mode,
1191
1191
dev_t dev, const char *symname, u32 size,
1192
1192
struct ntfs_fnd *fnd)
1193
1193
{
1194
1194
int err;
1195
+
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
1195
1196
struct super_block *sb = dir->i_sb;
1196
1197
struct ntfs_sb_info *sbi = sb->s_fs_info;
1197
1198
const struct qstr *name = &dentry->d_name;
···
1615
1614
1616
1615
#ifdef CONFIG_NTFS3_FS_POSIX_ACL
1617
1616
if (!S_ISLNK(mode) && (sb->s_flags & SB_POSIXACL)) {
1618
-
err = ntfs_init_acl(mnt_userns, inode, dir);
1617
+
err = ntfs_init_acl(idmap, inode, dir);
1619
1618
if (err)
1620
1619
goto out7;
1621
1620
} else
+7
-11
fs/ntfs3/namei.c
+7
-11
fs/ntfs3/namei.c
···
97
97
static int ntfs_create(struct mnt_idmap *idmap, struct inode *dir,
98
98
struct dentry *dentry, umode_t mode, bool excl)
99
99
{
100
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
101
100
struct inode *inode;
102
101
103
-
inode = ntfs_create_inode(mnt_userns, dir, dentry, NULL, S_IFREG | mode,
102
+
inode = ntfs_create_inode(idmap, dir, dentry, NULL, S_IFREG | mode,
104
103
0, NULL, 0, NULL);
105
104
106
105
return IS_ERR(inode) ? PTR_ERR(inode) : 0;
···
113
114
static int ntfs_mknod(struct mnt_idmap *idmap, struct inode *dir,
114
115
struct dentry *dentry, umode_t mode, dev_t rdev)
115
116
{
116
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
117
117
struct inode *inode;
118
118
119
-
inode = ntfs_create_inode(mnt_userns, dir, dentry, NULL, mode, rdev,
119
+
inode = ntfs_create_inode(idmap, dir, dentry, NULL, mode, rdev,
120
120
NULL, 0, NULL);
121
121
122
122
return IS_ERR(inode) ? PTR_ERR(inode) : 0;
···
186
188
static int ntfs_symlink(struct mnt_idmap *idmap, struct inode *dir,
187
189
struct dentry *dentry, const char *symname)
188
190
{
189
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
190
191
u32 size = strlen(symname);
191
192
struct inode *inode;
192
193
193
-
inode = ntfs_create_inode(mnt_userns, dir, dentry, NULL, S_IFLNK | 0777,
194
+
inode = ntfs_create_inode(idmap, dir, dentry, NULL, S_IFLNK | 0777,
194
195
0, symname, size, NULL);
195
196
196
197
return IS_ERR(inode) ? PTR_ERR(inode) : 0;
···
201
204
static int ntfs_mkdir(struct mnt_idmap *idmap, struct inode *dir,
202
205
struct dentry *dentry, umode_t mode)
203
206
{
204
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
205
207
struct inode *inode;
206
208
207
-
inode = ntfs_create_inode(mnt_userns, dir, dentry, NULL, S_IFDIR | mode,
209
+
inode = ntfs_create_inode(idmap, dir, dentry, NULL, S_IFDIR | mode,
208
210
0, NULL, 0, NULL);
209
211
210
212
return IS_ERR(inode) ? PTR_ERR(inode) : 0;
···
415
419
416
420
/*
417
421
* Unfortunately I don't know how to get here correct 'struct nameidata *nd'
418
-
* or 'struct user_namespace *mnt_userns'.
422
+
* or 'struct mnt_idmap *idmap'.
419
423
* See atomic_open in fs/namei.c.
420
424
* This is why xfstest/633 failed.
421
-
* Looks like ntfs_atomic_open must accept 'struct user_namespace *mnt_userns' as argument.
425
+
* Looks like ntfs_atomic_open must accept 'struct mnt_idmap *idmap' as argument.
422
426
*/
423
427
424
-
inode = ntfs_create_inode(&init_user_ns, dir, dentry, uni, mode, 0,
428
+
inode = ntfs_create_inode(&nop_mnt_idmap, dir, dentry, uni, mode, 0,
425
429
NULL, 0, fnd);
426
430
err = IS_ERR(inode) ? PTR_ERR(inode)
427
431
: finish_open(file, dentry, ntfs_file_open);
+2
-2
fs/ntfs3/ntfs_fs.h
+2
-2
fs/ntfs3/ntfs_fs.h
···
708
708
int ntfs_flush_inodes(struct super_block *sb, struct inode *i1,
709
709
struct inode *i2);
710
710
int inode_write_data(struct inode *inode, const void *data, size_t bytes);
711
-
struct inode *ntfs_create_inode(struct user_namespace *mnt_userns,
711
+
struct inode *ntfs_create_inode(struct mnt_idmap *idmap,
712
712
struct inode *dir, struct dentry *dentry,
713
713
const struct cpu_str *uni, umode_t mode,
714
714
dev_t dev, const char *symname, u32 size,
···
861
861
struct posix_acl *ntfs_get_acl(struct inode *inode, int type, bool rcu);
862
862
int ntfs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
863
863
struct posix_acl *acl, int type);
864
-
int ntfs_init_acl(struct user_namespace *mnt_userns, struct inode *inode,
864
+
int ntfs_init_acl(struct mnt_idmap *idmap, struct inode *inode,
865
865
struct inode *dir);
866
866
#else
867
867
#define ntfs_get_acl NULL
+6
-8
fs/ntfs3/xattr.c
+6
-8
fs/ntfs3/xattr.c
···
578
578
return ntfs_get_acl_ex(inode, type, 0);
579
579
}
580
580
581
-
static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns,
581
+
static noinline int ntfs_set_acl_ex(struct mnt_idmap *idmap,
582
582
struct inode *inode, struct posix_acl *acl,
583
583
int type, bool init_acl)
584
584
{
···
597
597
case ACL_TYPE_ACCESS:
598
598
/* Do not change i_mode if we are in init_acl */
599
599
if (acl && !init_acl) {
600
-
err = posix_acl_update_mode(mnt_userns, inode, &mode,
600
+
err = posix_acl_update_mode(idmap, inode, &mode,
601
601
&acl);
602
602
if (err)
603
603
return err;
···
655
655
int ntfs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
656
656
struct posix_acl *acl, int type)
657
657
{
658
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
659
-
660
-
return ntfs_set_acl_ex(mnt_userns, d_inode(dentry), acl, type, false);
658
+
return ntfs_set_acl_ex(idmap, d_inode(dentry), acl, type, false);
661
659
}
662
660
663
661
/*
···
663
665
*
664
666
* Called from ntfs_create_inode().
665
667
*/
666
-
int ntfs_init_acl(struct user_namespace *mnt_userns, struct inode *inode,
668
+
int ntfs_init_acl(struct mnt_idmap *idmap, struct inode *inode,
667
669
struct inode *dir)
668
670
{
669
671
struct posix_acl *default_acl, *acl;
···
674
676
return err;
675
677
676
678
if (default_acl) {
677
-
err = ntfs_set_acl_ex(mnt_userns, inode, default_acl,
679
+
err = ntfs_set_acl_ex(idmap, inode, default_acl,
678
680
ACL_TYPE_DEFAULT, true);
679
681
posix_acl_release(default_acl);
680
682
} else {
···
683
685
684
686
if (acl) {
685
687
if (!err)
686
-
err = ntfs_set_acl_ex(mnt_userns, inode, acl,
688
+
err = ntfs_set_acl_ex(idmap, inode, acl,
687
689
ACL_TYPE_ACCESS, true);
688
690
posix_acl_release(acl);
689
691
} else {
+1
-1
fs/ocfs2/acl.c
+1
-1
fs/ocfs2/acl.c
+1
-1
fs/orangefs/acl.c
+1
-1
fs/orangefs/acl.c
···
136
136
* and "mode" to the new desired value. It is up to
137
137
* us to propagate the new mode back to the server...
138
138
*/
139
-
error = posix_acl_update_mode(&init_user_ns, inode,
139
+
error = posix_acl_update_mode(&nop_mnt_idmap, inode,
140
140
&iattr.ia_mode, &acl);
141
141
if (error) {
142
142
gossip_err("%s: posix_acl_update_mode err: %d\n",
+18
-18
fs/posix_acl.c
+18
-18
fs/posix_acl.c
···
372
372
* by the acl. Returns -E... otherwise.
373
373
*/
374
374
int
375
-
posix_acl_permission(struct user_namespace *mnt_userns, struct inode *inode,
375
+
posix_acl_permission(struct mnt_idmap *idmap, struct inode *inode,
376
376
const struct posix_acl *acl, int want)
377
377
{
378
378
const struct posix_acl_entry *pa, *pe, *mask_obj;
379
379
struct user_namespace *fs_userns = i_user_ns(inode);
380
+
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
380
381
int found = 0;
381
382
vfsuid_t vfsuid;
382
383
vfsgid_t vfsgid;
···
684
683
685
684
/**
686
685
* posix_acl_update_mode - update mode in set_acl
687
-
* @mnt_userns: user namespace of the mount @inode was found from
686
+
* @idmap: idmap of the mount @inode was found from
688
687
* @inode: target inode
689
688
* @mode_p: mode (pointer) for update
690
689
* @acl: acl pointer
···
696
695
* As with chmod, clear the setgid bit if the caller is not in the owning group
697
696
* or capable of CAP_FSETID (see inode_change_ok).
698
697
*
699
-
* If the inode has been found through an idmapped mount the user namespace of
700
-
* the vfsmount must be passed through @mnt_userns. This function will then
701
-
* take care to map the inode according to @mnt_userns before checking
698
+
* If the inode has been found through an idmapped mount the idmap of
699
+
* the vfsmount must be passed through @idmap. This function will then
700
+
* take care to map the inode according to @idmap before checking
702
701
* permissions. On non-idmapped mounts or if permission checking is to be
703
-
* performed on the raw inode simply passs init_user_ns.
702
+
* performed on the raw inode simply passs @nop_mnt_idmap.
704
703
*
705
704
* Called from set_acl inode operations.
706
705
*/
707
-
int posix_acl_update_mode(struct user_namespace *mnt_userns,
706
+
int posix_acl_update_mode(struct mnt_idmap *idmap,
708
707
struct inode *inode, umode_t *mode_p,
709
708
struct posix_acl **acl)
710
709
{
710
+
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
711
711
umode_t mode = inode->i_mode;
712
712
int error;
713
713
···
984
982
struct posix_acl *acl, int type)
985
983
{
986
984
int error;
987
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
988
985
struct inode *inode = d_inode(dentry);
989
986
990
987
if (type == ACL_TYPE_ACCESS) {
991
-
error = posix_acl_update_mode(mnt_userns, inode,
988
+
error = posix_acl_update_mode(idmap, inode,
992
989
&inode->i_mode, &acl);
993
990
if (error)
994
991
return error;
···
1019
1018
return 0;
1020
1019
}
1021
1020
1022
-
static int vfs_set_acl_idmapped_mnt(struct user_namespace *mnt_userns,
1021
+
static int vfs_set_acl_idmapped_mnt(struct mnt_idmap *idmap,
1023
1022
struct user_namespace *fs_userns,
1024
1023
struct posix_acl *acl)
1025
1024
{
1025
+
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
1026
+
1026
1027
for (int n = 0; n < acl->a_count; n++) {
1027
1028
struct posix_acl_entry *acl_e = &acl->a_entries[n];
1028
1029
···
1060
1057
{
1061
1058
int acl_type;
1062
1059
int error;
1063
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
1064
1060
struct inode *inode = d_inode(dentry);
1065
1061
struct inode *delegated_inode = NULL;
1066
1062
···
1075
1073
* if this is a filesystem with a backing store - ultimately
1076
1074
* translate them to backing store values.
1077
1075
*/
1078
-
error = vfs_set_acl_idmapped_mnt(mnt_userns, i_user_ns(inode), kacl);
1076
+
error = vfs_set_acl_idmapped_mnt(idmap, i_user_ns(inode), kacl);
1079
1077
if (error)
1080
1078
return error;
1081
1079
}
···
1091
1089
if (error)
1092
1090
goto out_inode_unlock;
1093
1091
1094
-
error = security_inode_set_acl(mnt_userns, dentry, acl_name, kacl);
1092
+
error = security_inode_set_acl(idmap, dentry, acl_name, kacl);
1095
1093
if (error)
1096
1094
goto out_inode_unlock;
1097
1095
···
1137
1135
struct posix_acl *vfs_get_acl(struct mnt_idmap *idmap,
1138
1136
struct dentry *dentry, const char *acl_name)
1139
1137
{
1140
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
1141
1138
struct inode *inode = d_inode(dentry);
1142
1139
struct posix_acl *acl;
1143
1140
int acl_type, error;
···
1149
1148
* The VFS has no restrictions on reading POSIX ACLs so calling
1150
1149
* something like xattr_permission() isn't needed. Only LSMs get a say.
1151
1150
*/
1152
-
error = security_inode_get_acl(mnt_userns, dentry, acl_name);
1151
+
error = security_inode_get_acl(idmap, dentry, acl_name);
1153
1152
if (error)
1154
1153
return ERR_PTR(error);
1155
1154
···
1183
1182
{
1184
1183
int acl_type;
1185
1184
int error;
1186
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
1187
1185
struct inode *inode = d_inode(dentry);
1188
1186
struct inode *delegated_inode = NULL;
1189
1187
···
1201
1201
if (error)
1202
1202
goto out_inode_unlock;
1203
1203
1204
-
error = security_inode_remove_acl(mnt_userns, dentry, acl_name);
1204
+
error = security_inode_remove_acl(idmap, dentry, acl_name);
1205
1205
if (error)
1206
1206
goto out_inode_unlock;
1207
1207
···
1217
1217
error = -EOPNOTSUPP;
1218
1218
if (!error) {
1219
1219
fsnotify_xattr(dentry);
1220
-
evm_inode_post_remove_acl(mnt_userns, dentry, acl_name);
1220
+
evm_inode_post_remove_acl(idmap, dentry, acl_name);
1221
1221
}
1222
1222
1223
1223
out_inode_unlock:
+1
-1
fs/reiserfs/xattr_acl.c
+1
-1
fs/reiserfs/xattr_acl.c
+1
-2
fs/xfs/xfs_acl.c
+1
-2
fs/xfs/xfs_acl.c
···
245
245
xfs_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
246
246
struct posix_acl *acl, int type)
247
247
{
248
-
struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
249
248
umode_t mode;
250
249
bool set_mode = false;
251
250
int error = 0;
···
258
259
return error;
259
260
260
261
if (type == ACL_TYPE_ACCESS) {
261
-
error = posix_acl_update_mode(mnt_userns, inode, &mode, &acl);
262
+
error = posix_acl_update_mode(idmap, inode, &mode, &acl);
262
263
if (error)
263
264
return error;
264
265
set_mode = true;
+7
-7
include/linux/evm.h
+7
-7
include/linux/evm.h
···
35
35
struct dentry *dentry, const char *xattr_name);
36
36
extern void evm_inode_post_removexattr(struct dentry *dentry,
37
37
const char *xattr_name);
38
-
static inline void evm_inode_post_remove_acl(struct user_namespace *mnt_userns,
38
+
static inline void evm_inode_post_remove_acl(struct mnt_idmap *idmap,
39
39
struct dentry *dentry,
40
40
const char *acl_name)
41
41
{
42
42
evm_inode_post_removexattr(dentry, acl_name);
43
43
}
44
-
extern int evm_inode_set_acl(struct user_namespace *mnt_userns,
44
+
extern int evm_inode_set_acl(struct mnt_idmap *idmap,
45
45
struct dentry *dentry, const char *acl_name,
46
46
struct posix_acl *kacl);
47
-
static inline int evm_inode_remove_acl(struct user_namespace *mnt_userns,
47
+
static inline int evm_inode_remove_acl(struct mnt_idmap *idmap,
48
48
struct dentry *dentry,
49
49
const char *acl_name)
50
50
{
51
-
return evm_inode_set_acl(mnt_userns, dentry, acl_name, NULL);
51
+
return evm_inode_set_acl(idmap, dentry, acl_name, NULL);
52
52
}
53
53
static inline void evm_inode_post_set_acl(struct dentry *dentry,
54
54
const char *acl_name,
···
129
129
return;
130
130
}
131
131
132
-
static inline void evm_inode_post_remove_acl(struct user_namespace *mnt_userns,
132
+
static inline void evm_inode_post_remove_acl(struct mnt_idmap *idmap,
133
133
struct dentry *dentry,
134
134
const char *acl_name)
135
135
{
136
136
return;
137
137
}
138
138
139
-
static inline int evm_inode_set_acl(struct user_namespace *mnt_userns,
139
+
static inline int evm_inode_set_acl(struct mnt_idmap *idmap,
140
140
struct dentry *dentry, const char *acl_name,
141
141
struct posix_acl *kacl)
142
142
{
143
143
return 0;
144
144
}
145
145
146
-
static inline int evm_inode_remove_acl(struct user_namespace *mnt_userns,
146
+
static inline int evm_inode_remove_acl(struct mnt_idmap *idmap,
147
147
struct dentry *dentry,
148
148
const char *acl_name)
149
149
{
+5
-5
include/linux/ima.h
+5
-5
include/linux/ima.h
···
187
187
struct dentry *dentry);
188
188
extern int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,
189
189
const void *xattr_value, size_t xattr_value_len);
190
-
extern int ima_inode_set_acl(struct user_namespace *mnt_userns,
190
+
extern int ima_inode_set_acl(struct mnt_idmap *idmap,
191
191
struct dentry *dentry, const char *acl_name,
192
192
struct posix_acl *kacl);
193
-
static inline int ima_inode_remove_acl(struct user_namespace *mnt_userns,
193
+
static inline int ima_inode_remove_acl(struct mnt_idmap *idmap,
194
194
struct dentry *dentry,
195
195
const char *acl_name)
196
196
{
197
-
return ima_inode_set_acl(mnt_userns, dentry, acl_name, NULL);
197
+
return ima_inode_set_acl(idmap, dentry, acl_name, NULL);
198
198
}
199
199
extern int ima_inode_removexattr(struct dentry *dentry, const char *xattr_name);
200
200
#else
···
217
217
return 0;
218
218
}
219
219
220
-
static inline int ima_inode_set_acl(struct user_namespace *mnt_userns,
220
+
static inline int ima_inode_set_acl(struct mnt_idmap *idmap,
221
221
struct dentry *dentry, const char *acl_name,
222
222
struct posix_acl *kacl)
223
223
{
···
231
231
return 0;
232
232
}
233
233
234
-
static inline int ima_inode_remove_acl(struct user_namespace *mnt_userns,
234
+
static inline int ima_inode_remove_acl(struct mnt_idmap *idmap,
235
235
struct dentry *dentry,
236
236
const char *acl_name)
237
237
{
+3
-3
include/linux/lsm_hook_defs.h
+3
-3
include/linux/lsm_hook_defs.h
···
145
145
LSM_HOOK(int, 0, inode_listxattr, struct dentry *dentry)
146
146
LSM_HOOK(int, 0, inode_removexattr, struct mnt_idmap *idmap,
147
147
struct dentry *dentry, const char *name)
148
-
LSM_HOOK(int, 0, inode_set_acl, struct user_namespace *mnt_userns,
148
+
LSM_HOOK(int, 0, inode_set_acl, struct mnt_idmap *idmap,
149
149
struct dentry *dentry, const char *acl_name, struct posix_acl *kacl)
150
-
LSM_HOOK(int, 0, inode_get_acl, struct user_namespace *mnt_userns,
150
+
LSM_HOOK(int, 0, inode_get_acl, struct mnt_idmap *idmap,
151
151
struct dentry *dentry, const char *acl_name)
152
-
LSM_HOOK(int, 0, inode_remove_acl, struct user_namespace *mnt_userns,
152
+
LSM_HOOK(int, 0, inode_remove_acl, struct mnt_idmap *idmap,
153
153
struct dentry *dentry, const char *acl_name)
154
154
LSM_HOOK(int, 0, inode_need_killpriv, struct dentry *dentry)
155
155
LSM_HOOK(int, 0, inode_killpriv, struct mnt_idmap *idmap,
+2
-2
include/linux/posix_acl.h
+2
-2
include/linux/posix_acl.h
···
79
79
int posix_acl_chmod(struct mnt_idmap *, struct dentry *, umode_t);
80
80
extern int posix_acl_create(struct inode *, umode_t *, struct posix_acl **,
81
81
struct posix_acl **);
82
-
int posix_acl_update_mode(struct user_namespace *, struct inode *, umode_t *,
82
+
int posix_acl_update_mode(struct mnt_idmap *, struct inode *, umode_t *,
83
83
struct posix_acl **);
84
84
85
85
int simple_set_acl(struct mnt_idmap *, struct dentry *,
···
91
91
void forget_cached_acl(struct inode *inode, int type);
92
92
void forget_all_cached_acls(struct inode *inode);
93
93
int posix_acl_valid(struct user_namespace *, const struct posix_acl *);
94
-
int posix_acl_permission(struct user_namespace *, struct inode *,
94
+
int posix_acl_permission(struct mnt_idmap *, struct inode *,
95
95
const struct posix_acl *, int);
96
96
97
97
static inline void cache_no_acl(struct inode *inode)
+6
-6
include/linux/security.h
+6
-6
include/linux/security.h
···
361
361
int security_inode_setxattr(struct mnt_idmap *idmap,
362
362
struct dentry *dentry, const char *name,
363
363
const void *value, size_t size, int flags);
364
-
int security_inode_set_acl(struct user_namespace *mnt_userns,
364
+
int security_inode_set_acl(struct mnt_idmap *idmap,
365
365
struct dentry *dentry, const char *acl_name,
366
366
struct posix_acl *kacl);
367
-
int security_inode_get_acl(struct user_namespace *mnt_userns,
367
+
int security_inode_get_acl(struct mnt_idmap *idmap,
368
368
struct dentry *dentry, const char *acl_name);
369
-
int security_inode_remove_acl(struct user_namespace *mnt_userns,
369
+
int security_inode_remove_acl(struct mnt_idmap *idmap,
370
370
struct dentry *dentry, const char *acl_name);
371
371
void security_inode_post_setxattr(struct dentry *dentry, const char *name,
372
372
const void *value, size_t size, int flags);
···
879
879
return cap_inode_setxattr(dentry, name, value, size, flags);
880
880
}
881
881
882
-
static inline int security_inode_set_acl(struct user_namespace *mnt_userns,
882
+
static inline int security_inode_set_acl(struct mnt_idmap *idmap,
883
883
struct dentry *dentry,
884
884
const char *acl_name,
885
885
struct posix_acl *kacl)
···
887
887
return 0;
888
888
}
889
889
890
-
static inline int security_inode_get_acl(struct user_namespace *mnt_userns,
890
+
static inline int security_inode_get_acl(struct mnt_idmap *idmap,
891
891
struct dentry *dentry,
892
892
const char *acl_name)
893
893
{
894
894
return 0;
895
895
}
896
896
897
-
static inline int security_inode_remove_acl(struct user_namespace *mnt_userns,
897
+
static inline int security_inode_remove_acl(struct mnt_idmap *idmap,
898
898
struct dentry *dentry,
899
899
const char *acl_name)
900
900
{
+6
-6
security/integrity/evm/evm_main.c
+6
-6
security/integrity/evm/evm_main.c
···
610
610
}
611
611
612
612
#ifdef CONFIG_FS_POSIX_ACL
613
-
static int evm_inode_set_acl_change(struct user_namespace *mnt_userns,
613
+
static int evm_inode_set_acl_change(struct mnt_idmap *idmap,
614
614
struct dentry *dentry, const char *name,
615
615
struct posix_acl *kacl)
616
616
{
···
622
622
if (!kacl)
623
623
return 1;
624
624
625
-
rc = posix_acl_update_mode(mnt_userns, inode, &mode, &kacl);
625
+
rc = posix_acl_update_mode(idmap, inode, &mode, &kacl);
626
626
if (rc || (inode->i_mode != mode))
627
627
return 1;
628
628
629
629
return 0;
630
630
}
631
631
#else
632
-
static inline int evm_inode_set_acl_change(struct user_namespace *mnt_userns,
632
+
static inline int evm_inode_set_acl_change(struct mnt_idmap *idmap,
633
633
struct dentry *dentry,
634
634
const char *name,
635
635
struct posix_acl *kacl)
···
640
640
641
641
/**
642
642
* evm_inode_set_acl - protect the EVM extended attribute from posix acls
643
-
* @mnt_userns: user namespace of the idmapped mount
643
+
* @idmap: idmap of the idmapped mount
644
644
* @dentry: pointer to the affected dentry
645
645
* @acl_name: name of the posix acl
646
646
* @kacl: pointer to the posix acls
···
649
649
* and 'security.evm' xattr updated, unless the existing 'security.evm' is
650
650
* valid.
651
651
*/
652
-
int evm_inode_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
652
+
int evm_inode_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
653
653
const char *acl_name, struct posix_acl *kacl)
654
654
{
655
655
enum integrity_status evm_status;
···
678
678
return 0;
679
679
680
680
if (evm_status == INTEGRITY_PASS_IMMUTABLE &&
681
-
!evm_inode_set_acl_change(mnt_userns, dentry, acl_name, kacl))
681
+
!evm_inode_set_acl_change(idmap, dentry, acl_name, kacl))
682
682
return 0;
683
683
684
684
if (evm_status != INTEGRITY_PASS_IMMUTABLE)
+1
-1
security/integrity/ima/ima_appraise.c
+1
-1
security/integrity/ima/ima_appraise.c
···
774
774
return result;
775
775
}
776
776
777
-
int ima_inode_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
777
+
int ima_inode_set_acl(struct mnt_idmap *idmap, struct dentry *dentry,
778
778
const char *acl_name, struct posix_acl *kacl)
779
779
{
780
780
if (evm_revalidate_status(acl_name))
+10
-10
security/security.c
+10
-10
security/security.c
···
1400
1400
return evm_inode_setxattr(idmap, dentry, name, value, size);
1401
1401
}
1402
1402
1403
-
int security_inode_set_acl(struct user_namespace *mnt_userns,
1403
+
int security_inode_set_acl(struct mnt_idmap *idmap,
1404
1404
struct dentry *dentry, const char *acl_name,
1405
1405
struct posix_acl *kacl)
1406
1406
{
···
1408
1408
1409
1409
if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1410
1410
return 0;
1411
-
ret = call_int_hook(inode_set_acl, 0, mnt_userns, dentry, acl_name,
1411
+
ret = call_int_hook(inode_set_acl, 0, idmap, dentry, acl_name,
1412
1412
kacl);
1413
1413
if (ret)
1414
1414
return ret;
1415
-
ret = ima_inode_set_acl(mnt_userns, dentry, acl_name, kacl);
1415
+
ret = ima_inode_set_acl(idmap, dentry, acl_name, kacl);
1416
1416
if (ret)
1417
1417
return ret;
1418
-
return evm_inode_set_acl(mnt_userns, dentry, acl_name, kacl);
1418
+
return evm_inode_set_acl(idmap, dentry, acl_name, kacl);
1419
1419
}
1420
1420
1421
-
int security_inode_get_acl(struct user_namespace *mnt_userns,
1421
+
int security_inode_get_acl(struct mnt_idmap *idmap,
1422
1422
struct dentry *dentry, const char *acl_name)
1423
1423
{
1424
1424
if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1425
1425
return 0;
1426
-
return call_int_hook(inode_get_acl, 0, mnt_userns, dentry, acl_name);
1426
+
return call_int_hook(inode_get_acl, 0, idmap, dentry, acl_name);
1427
1427
}
1428
1428
1429
-
int security_inode_remove_acl(struct user_namespace *mnt_userns,
1429
+
int security_inode_remove_acl(struct mnt_idmap *idmap,
1430
1430
struct dentry *dentry, const char *acl_name)
1431
1431
{
1432
1432
int ret;
1433
1433
1434
1434
if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))
1435
1435
return 0;
1436
-
ret = call_int_hook(inode_remove_acl, 0, mnt_userns, dentry, acl_name);
1436
+
ret = call_int_hook(inode_remove_acl, 0, idmap, dentry, acl_name);
1437
1437
if (ret)
1438
1438
return ret;
1439
-
ret = ima_inode_remove_acl(mnt_userns, dentry, acl_name);
1439
+
ret = ima_inode_remove_acl(idmap, dentry, acl_name);
1440
1440
if (ret)
1441
1441
return ret;
1442
-
return evm_inode_remove_acl(mnt_userns, dentry, acl_name);
1442
+
return evm_inode_remove_acl(idmap, dentry, acl_name);
1443
1443
}
1444
1444
1445
1445
void security_inode_post_setxattr(struct dentry *dentry, const char *name,
+3
-3
security/selinux/hooks.c
+3
-3
security/selinux/hooks.c
···
3241
3241
&ad);
3242
3242
}
3243
3243
3244
-
static int selinux_inode_set_acl(struct user_namespace *mnt_userns,
3244
+
static int selinux_inode_set_acl(struct mnt_idmap *idmap,
3245
3245
struct dentry *dentry, const char *acl_name,
3246
3246
struct posix_acl *kacl)
3247
3247
{
3248
3248
return dentry_has_perm(current_cred(), dentry, FILE__SETATTR);
3249
3249
}
3250
3250
3251
-
static int selinux_inode_get_acl(struct user_namespace *mnt_userns,
3251
+
static int selinux_inode_get_acl(struct mnt_idmap *idmap,
3252
3252
struct dentry *dentry, const char *acl_name)
3253
3253
{
3254
3254
return dentry_has_perm(current_cred(), dentry, FILE__GETATTR);
3255
3255
}
3256
3256
3257
-
static int selinux_inode_remove_acl(struct user_namespace *mnt_userns,
3257
+
static int selinux_inode_remove_acl(struct mnt_idmap *idmap,
3258
3258
struct dentry *dentry, const char *acl_name)
3259
3259
{
3260
3260
return dentry_has_perm(current_cred(), dentry, FILE__SETATTR);
+6
-6
security/smack/smack_lsm.c
+6
-6
security/smack/smack_lsm.c
···
1394
1394
1395
1395
/**
1396
1396
* smack_inode_set_acl - Smack check for setting posix acls
1397
-
* @mnt_userns: the userns attached to the mnt this request came from
1397
+
* @idmap: idmap of the mnt this request came from
1398
1398
* @dentry: the object
1399
1399
* @acl_name: name of the posix acl
1400
1400
* @kacl: the posix acls
1401
1401
*
1402
1402
* Returns 0 if access is permitted, an error code otherwise
1403
1403
*/
1404
-
static int smack_inode_set_acl(struct user_namespace *mnt_userns,
1404
+
static int smack_inode_set_acl(struct mnt_idmap *idmap,
1405
1405
struct dentry *dentry, const char *acl_name,
1406
1406
struct posix_acl *kacl)
1407
1407
{
···
1418
1418
1419
1419
/**
1420
1420
* smack_inode_get_acl - Smack check for getting posix acls
1421
-
* @mnt_userns: the userns attached to the mnt this request came from
1421
+
* @idmap: idmap of the mnt this request came from
1422
1422
* @dentry: the object
1423
1423
* @acl_name: name of the posix acl
1424
1424
*
1425
1425
* Returns 0 if access is permitted, an error code otherwise
1426
1426
*/
1427
-
static int smack_inode_get_acl(struct user_namespace *mnt_userns,
1427
+
static int smack_inode_get_acl(struct mnt_idmap *idmap,
1428
1428
struct dentry *dentry, const char *acl_name)
1429
1429
{
1430
1430
struct smk_audit_info ad;
···
1440
1440
1441
1441
/**
1442
1442
* smack_inode_remove_acl - Smack check for getting posix acls
1443
-
* @mnt_userns: the userns attached to the mnt this request came from
1443
+
* @idmap: idmap of the mnt this request came from
1444
1444
* @dentry: the object
1445
1445
* @acl_name: name of the posix acl
1446
1446
*
1447
1447
* Returns 0 if access is permitted, an error code otherwise
1448
1448
*/
1449
-
static int smack_inode_remove_acl(struct user_namespace *mnt_userns,
1449
+
static int smack_inode_remove_acl(struct mnt_idmap *idmap,
1450
1450
struct dentry *dentry, const char *acl_name)
1451
1451
{
1452
1452
struct smk_audit_info ad;