diff options
| author | Trond Myklebust <trondmy@gmail.com> | 2019-04-09 12:13:42 -0400 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2019-04-24 09:46:35 -0400 |
| commit | e45d1a1835b889676374fb74ff4d0e6b06ad173f (patch) | |
| tree | ccb99869e92ef128774ab5a9f2405d3e869a4a80 /fs/nfsd/export.c | |
| parent | e6667c73a27d80078f8d7fca516d6b14bc4e18a7 (diff) | |
nfsd: knfsd must use the container user namespace
Convert knfsd to use the user namespace of the container that started
the server processes.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd/export.c')
| -rw-r--r-- | fs/nfsd/export.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c index 802993d8912f..baa01956a5b3 100644 --- a/fs/nfsd/export.c +++ b/fs/nfsd/export.c | |||
| @@ -570,13 +570,13 @@ static int svc_export_parse(struct cache_detail *cd, char *mesg, int mlen) | |||
| 570 | err = get_int(&mesg, &an_int); | 570 | err = get_int(&mesg, &an_int); |
| 571 | if (err) | 571 | if (err) |
| 572 | goto out3; | 572 | goto out3; |
| 573 | exp.ex_anon_uid= make_kuid(&init_user_ns, an_int); | 573 | exp.ex_anon_uid= make_kuid(current_user_ns(), an_int); |
| 574 | 574 | ||
| 575 | /* anon gid */ | 575 | /* anon gid */ |
| 576 | err = get_int(&mesg, &an_int); | 576 | err = get_int(&mesg, &an_int); |
| 577 | if (err) | 577 | if (err) |
| 578 | goto out3; | 578 | goto out3; |
| 579 | exp.ex_anon_gid= make_kgid(&init_user_ns, an_int); | 579 | exp.ex_anon_gid= make_kgid(current_user_ns(), an_int); |
| 580 | 580 | ||
| 581 | /* fsid */ | 581 | /* fsid */ |
| 582 | err = get_int(&mesg, &an_int); | 582 | err = get_int(&mesg, &an_int); |
| @@ -1170,15 +1170,17 @@ static void show_secinfo(struct seq_file *m, struct svc_export *exp) | |||
| 1170 | static void exp_flags(struct seq_file *m, int flag, int fsid, | 1170 | static void exp_flags(struct seq_file *m, int flag, int fsid, |
| 1171 | kuid_t anonu, kgid_t anong, struct nfsd4_fs_locations *fsloc) | 1171 | kuid_t anonu, kgid_t anong, struct nfsd4_fs_locations *fsloc) |
| 1172 | { | 1172 | { |
| 1173 | struct user_namespace *userns = m->file->f_cred->user_ns; | ||
| 1174 | |||
| 1173 | show_expflags(m, flag, NFSEXP_ALLFLAGS); | 1175 | show_expflags(m, flag, NFSEXP_ALLFLAGS); |
| 1174 | if (flag & NFSEXP_FSID) | 1176 | if (flag & NFSEXP_FSID) |
| 1175 | seq_printf(m, ",fsid=%d", fsid); | 1177 | seq_printf(m, ",fsid=%d", fsid); |
| 1176 | if (!uid_eq(anonu, make_kuid(&init_user_ns, (uid_t)-2)) && | 1178 | if (!uid_eq(anonu, make_kuid(userns, (uid_t)-2)) && |
| 1177 | !uid_eq(anonu, make_kuid(&init_user_ns, 0x10000-2))) | 1179 | !uid_eq(anonu, make_kuid(userns, 0x10000-2))) |
| 1178 | seq_printf(m, ",anonuid=%u", from_kuid(&init_user_ns, anonu)); | 1180 | seq_printf(m, ",anonuid=%u", from_kuid_munged(userns, anonu)); |
| 1179 | if (!gid_eq(anong, make_kgid(&init_user_ns, (gid_t)-2)) && | 1181 | if (!gid_eq(anong, make_kgid(userns, (gid_t)-2)) && |
| 1180 | !gid_eq(anong, make_kgid(&init_user_ns, 0x10000-2))) | 1182 | !gid_eq(anong, make_kgid(userns, 0x10000-2))) |
| 1181 | seq_printf(m, ",anongid=%u", from_kgid(&init_user_ns, anong)); | 1183 | seq_printf(m, ",anongid=%u", from_kgid_munged(userns, anong)); |
| 1182 | if (fsloc && fsloc->locations_count > 0) { | 1184 | if (fsloc && fsloc->locations_count > 0) { |
| 1183 | char *loctype = (fsloc->migrated) ? "refer" : "replicas"; | 1185 | char *loctype = (fsloc->migrated) ? "refer" : "replicas"; |
| 1184 | int i; | 1186 | int i; |