
userns: Convert extN to support kuids and kgids in posix acls

Convert ext2, ext3, and ext4 to fully support the posix acl changes,
using e_uid and e_gid instead of e_id.

Enabled building with posix acls enabled: all filesystems supporting
user namespaces now also support posix acls when user namespaces are enabled.

Cc: Theodore Tso <tytso@mit.edu>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andreas Dilger <adilger.kernel@dilger.ca>
Cc: Jan Kara <jack@suse.cz>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

+60 -24
+20 -8
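--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -53,16 +53,23 @@
 case ACL_OTHER:
 value = (char *)value +
 sizeof(ext2_acl_entry_short);
-acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
 break;
 
 case ACL_USER:
+value = (char *)value + sizeof(ext2_acl_entry);
+if ((char *)value > end)
+goto fail;
+acl->a_entries[n].e_uid =
+make_kuid(&init_user_ns,
+le32_to_cpu(entry->e_id));
+break;
 case ACL_GROUP:
 value = (char *)value + sizeof(ext2_acl_entry);
 if ((char *)value > end)
 goto fail;
-acl->a_entries[n].e_id =
-le32_to_cpu(entry->e_id);
+acl->a_entries[n].e_gid =
+make_kgid(&init_user_ns,
+le32_to_cpu(entry->e_id));
 break;
 
 default:
@@
 ext_acl->a_version = cpu_to_le32(EXT2_ACL_VERSION);
 e = (char *)ext_acl + sizeof(ext2_acl_header);
 for (n=0; n < acl->a_count; n++) {
+const struct posix_acl_entry *acl_e = &acl->a_entries[n];
 ext2_acl_entry *entry = (ext2_acl_entry *)e;
-entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag);
-entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
-switch(acl->a_entries[n].e_tag) {
+entry->e_tag = cpu_to_le16(acl_e->e_tag);
+entry->e_perm = cpu_to_le16(acl_e->e_perm);
+switch(acl_e->e_tag) {
 case ACL_USER:
+entry->e_id = cpu_to_le32(
+from_kuid(&init_user_ns, acl_e->e_uid));
+e += sizeof(ext2_acl_entry);
+break;
 case ACL_GROUP:
-entry->e_id =
-cpu_to_le32(acl->a_entries[n].e_id);
+entry->e_id = cpu_to_le32(
+from_kgid(&init_user_ns, acl_e->e_gid));
 e += sizeof(ext2_acl_entry);
 break;
 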
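Review bot: The kuid/kgid produced in the new ACL_USER and ACL_GROUP arms of the from-disk switch is stored without a validity check, so an on-disk e_id that does not map (as can happen on a corrupted or crafted image) would be kept in the in-memory ACL as an invalid id unless something outside this hunk rejects it. Consider following each assignment with `if (!uid_valid(acl->a_entries[n].e_uid)) goto fail;` and the `gid_valid()` counterpart in the group arm. The same pattern appears in the first hunks of fs/ext3/acl.c and fs/ext4/acl.c. The enclosing function starts and ends outside the hunk, so what the `fail` label returns is not visible here.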
+20 -8
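--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -48,16 +48,23 @@
 case ACL_OTHER:
 value = (char *)value +
 sizeof(ext3_acl_entry_short);
-acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
 break;
 
 case ACL_USER:
+value = (char *)value + sizeof(ext3_acl_entry);
+if ((char *)value > end)
+goto fail;
+acl->a_entries[n].e_uid =
+make_kuid(&init_user_ns,
+le32_to_cpu(entry->e_id));
+break;
 case ACL_GROUP:
 value = (char *)value + sizeof(ext3_acl_entry);
 if ((char *)value > end)
 goto fail;
-acl->a_entries[n].e_id =
-le32_to_cpu(entry->e_id);
+acl->a_entries[n].e_gid =
+make_kgid(&init_user_ns,
+le32_to_cpu(entry->e_id));
 break;
 
 default:
@@
 ext_acl->a_version = cpu_to_le32(EXT3_ACL_VERSION);
 e = (char *)ext_acl + sizeof(ext3_acl_header);
 for (n=0; n < acl->a_count; n++) {
+const struct posix_acl_entry *acl_e = &acl->a_entries[n];
 ext3_acl_entry *entry = (ext3_acl_entry *)e;
-entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag);
-entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
-switch(acl->a_entries[n].e_tag) {
+entry->e_tag = cpu_to_le16(acl_e->e_tag);
+entry->e_perm = cpu_to_le16(acl_e->e_perm);
+switch(acl_e->e_tag) {
 case ACL_USER:
+entry->e_id = cpu_to_le32(
+from_kuid(&init_user_ns, acl_e->e_uid));
+e += sizeof(ext3_acl_entry);
+break;
 case ACL_GROUP:
-entry->e_id =
-cpu_to_le32(acl->a_entries[n].e_id);
+entry->e_id = cpu_to_le32(
+from_kgid(&init_user_ns, acl_e->e_gid));
 e += sizeof(ext3_acl_entry);
 break;
 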
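Review bot: Nothing in either hunk says why `&init_user_ns` is hard-coded in the make_kuid()/make_kgid() and from_kuid()/from_kgid() calls, which is the first thing a reader auditing user-namespace handling will want to know. A one-line comment above the ACL_USER arm of each switch would cover it, e.g. `/* on-disk e_id is always expressed in init_user_ns */`. That wording is inferred from the calls themselves, so confirm it against the intended on-disk format. fs/ext2/acl.c and fs/ext4/acl.c use the same calls and would take the same comment.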
+20 -7
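--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -55,16 +55,23 @@
 case ACL_OTHER:
 value = (char *)value +
 sizeof(ext4_acl_entry_short);
-acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
 break;
 
 case ACL_USER:
+value = (char *)value + sizeof(ext4_acl_entry);
+if ((char *)value > end)
+goto fail;
+acl->a_entries[n].e_uid =
+make_kuid(&init_user_ns,
+le32_to_cpu(entry->e_id));
+break;
 case ACL_GROUP:
 value = (char *)value + sizeof(ext4_acl_entry);
 if ((char *)value > end)
 goto fail;
-acl->a_entries[n].e_id =
-le32_to_cpu(entry->e_id);
+acl->a_entries[n].e_gid =
+make_kgid(&init_user_ns,
+le32_to_cpu(entry->e_id));
 break;
 
 default:
@@
 ext_acl->a_version = cpu_to_le32(EXT4_ACL_VERSION);
 e = (char *)ext_acl + sizeof(ext4_acl_header);
 for (n = 0; n < acl->a_count; n++) {
+const struct posix_acl_entry *acl_e = &acl->a_entries[n];
 ext4_acl_entry *entry = (ext4_acl_entry *)e;
-entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag);
-entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
-switch (acl->a_entries[n].e_tag) {
+entry->e_tag = cpu_to_le16(acl_e->e_tag);
+entry->e_perm = cpu_to_le16(acl_e->e_perm);
+switch (acl_e->e_tag) {
 case ACL_USER:
+entry->e_id = cpu_to_le32(
+from_kuid(&init_user_ns, acl_e->e_uid));
+e += sizeof(ext4_acl_entry);
+break;
 case ACL_GROUP:
-entry->e_id = cpu_to_le32(acl->a_entries[n].e_id);
+entry->e_id = cpu_to_le32(
+from_kgid(&init_user_ns, acl_e->e_gid));
 e += sizeof(ext4_acl_entry);
 break;
 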
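Review bot: Splitting `case ACL_USER:` from `case ACL_GROUP:` in the from-disk switch duplicates the pointer advance and the `(char *)value > end` bounds check, so a later fix to that check has to be made in two arms here and again in ext2 and ext3. Keeping the shared labels for the advance and the check and choosing the field afterwards would leave a single copy, e.g. `if (acl->a_entries[n].e_tag == ACL_USER)` selecting between the `e_uid` and `e_gid` assignments. That assumes e_tag is already populated before the switch, which lies outside the hunk. The to-disk switch repeats `e += sizeof(ext4_acl_entry); break;` in the same way.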
-1
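--- a/init/Kconfig
+++ b/init/Kconfig
@@ -927,7 +927,6 @@
 # Features
 depends on IMA = n
 depends on EVM = n
-depends on FS_POSIX_ACL = n
 depends on QUOTA = n
 depends on QUOTACTL = n
 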