diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-02 14:11:09 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-02 14:11:09 -0400 |
| commit | 437589a74b6a590d175f86cf9f7b2efcee7765e7 (patch) | |
| tree | 37bf8635b1356d80ef002b00e84f3faf3d555a63 /fs/gfs2 | |
| parent | 68d47a137c3bef754923bccf73fb639c9b0bbd5e (diff) | |
| parent | 72235465864d84cedb2d9f26f8e1de824ee20339 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull user namespace changes from Eric Biederman:
"This is a mostly modest set of changes to enable basic user namespace
support. This allows the code to code to compile with user namespaces
enabled and removes the assumption there is only the initial user
namespace. Everything is converted except for the most complex of the
filesystems: autofs4, 9p, afs, ceph, cifs, coda, fuse, gfs2, ncpfs,
nfs, ocfs2 and xfs as those patches need a bit more review.
The strategy is to push kuid_t and kgid_t values are far down into
subsystems and filesystems as reasonable. Leaving the make_kuid and
from_kuid operations to happen at the edge of userspace, as the values
come off the disk, and as the values come in from the network.
Letting compile type incompatible compile errors (present when user
namespaces are enabled) guide me to find the issues.
The most tricky areas have been the places where we had an implicit
union of uid and gid values and were storing them in an unsigned int.
Those places were converted into explicit unions. I made certain to
handle those places with simple trivial patches.
Out of that work I discovered we have generic interfaces for storing
quota by projid. I had never heard of the project identifiers before.
Adding full user namespace support for project identifiers accounts
for most of the code size growth in my git tree.
Ultimately there will be work to relax privlige checks from
"capable(FOO)" to "ns_capable(user_ns, FOO)" where it is safe allowing
root in a user names to do those things that today we only forbid to
non-root users because it will confuse suid root applications.
While I was pushing kuid_t and kgid_t changes deep into the audit code
I made a few other cleanups. I capitalized on the fact we process
netlink messages in the context of the message sender. I removed
usage of NETLINK_CRED, and started directly using current->tty.
Some of these patches have also made it into maintainer trees, with no
problems from identical code from different trees showing up in
linux-next.
After reading through all of this code I feel like I might be able to
win a game of kernel trivial pursuit."
Fix up some fairly trivial conflicts in netfilter uid/git logging code.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (107 commits)
userns: Convert the ufs filesystem to use kuid/kgid where appropriate
userns: Convert the udf filesystem to use kuid/kgid where appropriate
userns: Convert ubifs to use kuid/kgid
userns: Convert squashfs to use kuid/kgid where appropriate
userns: Convert reiserfs to use kuid and kgid where appropriate
userns: Convert jfs to use kuid/kgid where appropriate
userns: Convert jffs2 to use kuid and kgid where appropriate
userns: Convert hpfs to use kuid and kgid where appropriate
userns: Convert btrfs to use kuid/kgid where appropriate
userns: Convert bfs to use kuid/kgid where appropriate
userns: Convert affs to use kuid/kgid wherwe appropriate
userns: On alpha modify linux_to_osf_stat to use convert from kuids and kgids
userns: On ia64 deal with current_uid and current_gid being kuid and kgid
userns: On ppc convert current_uid from a kuid before printing.
userns: Convert s390 getting uid and gid system calls to use kuid and kgid
userns: Convert s390 hypfs to use kuid and kgid where appropriate
userns: Convert binder ipc to use kuids
userns: Teach security_path_chown to take kuids and kgids
userns: Add user namespace support to IMA
userns: Convert EVM to deal with kuids and kgids in it's hmac computation
...
Diffstat (limited to 'fs/gfs2')
| -rw-r--r-- | fs/gfs2/acl.c | 14 | ||||
| -rw-r--r-- | fs/gfs2/quota.c | 32 |
2 files changed, 26 insertions, 20 deletions
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c index bd4a5892c93..f850020ad90 100644 --- a/fs/gfs2/acl.c +++ b/fs/gfs2/acl.c | |||
| @@ -63,7 +63,7 @@ struct posix_acl *gfs2_get_acl(struct inode *inode, int type) | |||
| 63 | if (len == 0) | 63 | if (len == 0) |
| 64 | return NULL; | 64 | return NULL; |
| 65 | 65 | ||
| 66 | acl = posix_acl_from_xattr(data, len); | 66 | acl = posix_acl_from_xattr(&init_user_ns, data, len); |
| 67 | kfree(data); | 67 | kfree(data); |
| 68 | return acl; | 68 | return acl; |
| 69 | } | 69 | } |
| @@ -88,13 +88,13 @@ static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl) | |||
| 88 | const char *name = gfs2_acl_name(type); | 88 | const char *name = gfs2_acl_name(type); |
| 89 | 89 | ||
| 90 | BUG_ON(name == NULL); | 90 | BUG_ON(name == NULL); |
| 91 | len = posix_acl_to_xattr(acl, NULL, 0); | 91 | len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0); |
| 92 | if (len == 0) | 92 | if (len == 0) |
| 93 | return 0; | 93 | return 0; |
| 94 | data = kmalloc(len, GFP_NOFS); | 94 | data = kmalloc(len, GFP_NOFS); |
| 95 | if (data == NULL) | 95 | if (data == NULL) |
| 96 | return -ENOMEM; | 96 | return -ENOMEM; |
| 97 | error = posix_acl_to_xattr(acl, data, len); | 97 | error = posix_acl_to_xattr(&init_user_ns, acl, data, len); |
| 98 | if (error < 0) | 98 | if (error < 0) |
| 99 | goto out; | 99 | goto out; |
| 100 | error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS); | 100 | error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS); |
| @@ -166,12 +166,12 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr) | |||
| 166 | if (error) | 166 | if (error) |
| 167 | return error; | 167 | return error; |
| 168 | 168 | ||
| 169 | len = posix_acl_to_xattr(acl, NULL, 0); | 169 | len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0); |
| 170 | data = kmalloc(len, GFP_NOFS); | 170 | data = kmalloc(len, GFP_NOFS); |
| 171 | error = -ENOMEM; | 171 | error = -ENOMEM; |
| 172 | if (data == NULL) | 172 | if (data == NULL) |
| 173 | goto out; | 173 | goto out; |
| 174 | posix_acl_to_xattr(acl, data, len); | 174 | posix_acl_to_xattr(&init_user_ns, acl, data, len); |
| 175 | error = gfs2_xattr_acl_chmod(ip, attr, data); | 175 | error = gfs2_xattr_acl_chmod(ip, attr, data); |
| 176 | kfree(data); | 176 | kfree(data); |
| 177 | set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl); | 177 | set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl); |
| @@ -212,7 +212,7 @@ static int gfs2_xattr_system_get(struct dentry *dentry, const char *name, | |||
| 212 | if (acl == NULL) | 212 | if (acl == NULL) |
| 213 | return -ENODATA; | 213 | return -ENODATA; |
| 214 | 214 | ||
| 215 | error = posix_acl_to_xattr(acl, buffer, size); | 215 | error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); |
| 216 | posix_acl_release(acl); | 216 | posix_acl_release(acl); |
| 217 | 217 | ||
| 218 | return error; | 218 | return error; |
| @@ -245,7 +245,7 @@ static int gfs2_xattr_system_set(struct dentry *dentry, const char *name, | |||
| 245 | if (!value) | 245 | if (!value) |
| 246 | goto set_acl; | 246 | goto set_acl; |
| 247 | 247 | ||
| 248 | acl = posix_acl_from_xattr(value, size); | 248 | acl = posix_acl_from_xattr(&init_user_ns, value, size); |
| 249 | if (!acl) { | 249 | if (!acl) { |
| 250 | /* | 250 | /* |
| 251 | * acl_set_file(3) may request that we set default ACLs with | 251 | * acl_set_file(3) may request that we set default ACLs with |
diff --git a/fs/gfs2/quota.c b/fs/gfs2/quota.c index 4021deca61e..40c4b0d42fa 100644 --- a/fs/gfs2/quota.c +++ b/fs/gfs2/quota.c | |||
| @@ -1071,8 +1071,10 @@ int gfs2_quota_check(struct gfs2_inode *ip, u32 uid, u32 gid) | |||
| 1071 | 1071 | ||
| 1072 | if (be64_to_cpu(qd->qd_qb.qb_limit) && (s64)be64_to_cpu(qd->qd_qb.qb_limit) < value) { | 1072 | if (be64_to_cpu(qd->qd_qb.qb_limit) && (s64)be64_to_cpu(qd->qd_qb.qb_limit) < value) { |
| 1073 | print_message(qd, "exceeded"); | 1073 | print_message(qd, "exceeded"); |
| 1074 | quota_send_warning(test_bit(QDF_USER, &qd->qd_flags) ? | 1074 | quota_send_warning(make_kqid(&init_user_ns, |
| 1075 | USRQUOTA : GRPQUOTA, qd->qd_id, | 1075 | test_bit(QDF_USER, &qd->qd_flags) ? |
| 1076 | USRQUOTA : GRPQUOTA, | ||
| 1077 | qd->qd_id), | ||
| 1076 | sdp->sd_vfs->s_dev, QUOTA_NL_BHARDWARN); | 1078 | sdp->sd_vfs->s_dev, QUOTA_NL_BHARDWARN); |
| 1077 | 1079 | ||
| 1078 | error = -EDQUOT; | 1080 | error = -EDQUOT; |
| @@ -1082,8 +1084,10 @@ int gfs2_quota_check(struct gfs2_inode *ip, u32 uid, u32 gid) | |||
| 1082 | time_after_eq(jiffies, qd->qd_last_warn + | 1084 | time_after_eq(jiffies, qd->qd_last_warn + |
| 1083 | gfs2_tune_get(sdp, | 1085 | gfs2_tune_get(sdp, |
| 1084 | gt_quota_warn_period) * HZ)) { | 1086 | gt_quota_warn_period) * HZ)) { |
| 1085 | quota_send_warning(test_bit(QDF_USER, &qd->qd_flags) ? | 1087 | quota_send_warning(make_kqid(&init_user_ns, |
| 1086 | USRQUOTA : GRPQUOTA, qd->qd_id, | 1088 | test_bit(QDF_USER, &qd->qd_flags) ? |
| 1089 | USRQUOTA : GRPQUOTA, | ||
| 1090 | qd->qd_id), | ||
| 1087 | sdp->sd_vfs->s_dev, QUOTA_NL_BSOFTWARN); | 1091 | sdp->sd_vfs->s_dev, QUOTA_NL_BSOFTWARN); |
| 1088 | error = print_message(qd, "warning"); | 1092 | error = print_message(qd, "warning"); |
| 1089 | qd->qd_last_warn = jiffies; | 1093 | qd->qd_last_warn = jiffies; |
| @@ -1470,7 +1474,7 @@ static int gfs2_quota_get_xstate(struct super_block *sb, | |||
| 1470 | return 0; | 1474 | return 0; |
| 1471 | } | 1475 | } |
| 1472 | 1476 | ||
| 1473 | static int gfs2_get_dqblk(struct super_block *sb, int type, qid_t id, | 1477 | static int gfs2_get_dqblk(struct super_block *sb, struct kqid qid, |
| 1474 | struct fs_disk_quota *fdq) | 1478 | struct fs_disk_quota *fdq) |
| 1475 | { | 1479 | { |
| 1476 | struct gfs2_sbd *sdp = sb->s_fs_info; | 1480 | struct gfs2_sbd *sdp = sb->s_fs_info; |
| @@ -1478,20 +1482,21 @@ static int gfs2_get_dqblk(struct super_block *sb, int type, qid_t id, | |||
| 1478 | struct gfs2_quota_data *qd; | 1482 | struct gfs2_quota_data *qd; |
| 1479 | struct gfs2_holder q_gh; | 1483 | struct gfs2_holder q_gh; |
| 1480 | int error; | 1484 | int error; |
| 1485 | int type; | ||
| 1481 | 1486 | ||
| 1482 | memset(fdq, 0, sizeof(struct fs_disk_quota)); | 1487 | memset(fdq, 0, sizeof(struct fs_disk_quota)); |
| 1483 | 1488 | ||
| 1484 | if (sdp->sd_args.ar_quota == GFS2_QUOTA_OFF) | 1489 | if (sdp->sd_args.ar_quota == GFS2_QUOTA_OFF) |
| 1485 | return -ESRCH; /* Crazy XFS error code */ | 1490 | return -ESRCH; /* Crazy XFS error code */ |
| 1486 | 1491 | ||
| 1487 | if (type == USRQUOTA) | 1492 | if (qid.type == USRQUOTA) |
| 1488 | type = QUOTA_USER; | 1493 | type = QUOTA_USER; |
| 1489 | else if (type == GRPQUOTA) | 1494 | else if (qid.type == GRPQUOTA) |
| 1490 | type = QUOTA_GROUP; | 1495 | type = QUOTA_GROUP; |
| 1491 | else | 1496 | else |
| 1492 | return -EINVAL; | 1497 | return -EINVAL; |
| 1493 | 1498 | ||
| 1494 | error = qd_get(sdp, type, id, &qd); | 1499 | error = qd_get(sdp, type, from_kqid(&init_user_ns, qid), &qd); |
| 1495 | if (error) | 1500 | if (error) |
| 1496 | return error; | 1501 | return error; |
| 1497 | error = do_glock(qd, FORCE, &q_gh); | 1502 | error = do_glock(qd, FORCE, &q_gh); |
| @@ -1501,7 +1506,7 @@ static int gfs2_get_dqblk(struct super_block *sb, int type, qid_t id, | |||
| 1501 | qlvb = (struct gfs2_quota_lvb *)qd->qd_gl->gl_lvb; | 1506 | qlvb = (struct gfs2_quota_lvb *)qd->qd_gl->gl_lvb; |
| 1502 | fdq->d_version = FS_DQUOT_VERSION; | 1507 | fdq->d_version = FS_DQUOT_VERSION; |
| 1503 | fdq->d_flags = (type == QUOTA_USER) ? FS_USER_QUOTA : FS_GROUP_QUOTA; | 1508 | fdq->d_flags = (type == QUOTA_USER) ? FS_USER_QUOTA : FS_GROUP_QUOTA; |
| 1504 | fdq->d_id = id; | 1509 | fdq->d_id = from_kqid(&init_user_ns, qid); |
| 1505 | fdq->d_blk_hardlimit = be64_to_cpu(qlvb->qb_limit) << sdp->sd_fsb2bb_shift; | 1510 | fdq->d_blk_hardlimit = be64_to_cpu(qlvb->qb_limit) << sdp->sd_fsb2bb_shift; |
| 1506 | fdq->d_blk_softlimit = be64_to_cpu(qlvb->qb_warn) << sdp->sd_fsb2bb_shift; | 1511 | fdq->d_blk_softlimit = be64_to_cpu(qlvb->qb_warn) << sdp->sd_fsb2bb_shift; |
| 1507 | fdq->d_bcount = be64_to_cpu(qlvb->qb_value) << sdp->sd_fsb2bb_shift; | 1512 | fdq->d_bcount = be64_to_cpu(qlvb->qb_value) << sdp->sd_fsb2bb_shift; |
| @@ -1515,7 +1520,7 @@ out: | |||
| 1515 | /* GFS2 only supports a subset of the XFS fields */ | 1520 | /* GFS2 only supports a subset of the XFS fields */ |
| 1516 | #define GFS2_FIELDMASK (FS_DQ_BSOFT|FS_DQ_BHARD|FS_DQ_BCOUNT) | 1521 | #define GFS2_FIELDMASK (FS_DQ_BSOFT|FS_DQ_BHARD|FS_DQ_BCOUNT) |
| 1517 | 1522 | ||
| 1518 | static int gfs2_set_dqblk(struct super_block *sb, int type, qid_t id, | 1523 | static int gfs2_set_dqblk(struct super_block *sb, struct kqid qid, |
| 1519 | struct fs_disk_quota *fdq) | 1524 | struct fs_disk_quota *fdq) |
| 1520 | { | 1525 | { |
| 1521 | struct gfs2_sbd *sdp = sb->s_fs_info; | 1526 | struct gfs2_sbd *sdp = sb->s_fs_info; |
| @@ -1527,11 +1532,12 @@ static int gfs2_set_dqblk(struct super_block *sb, int type, qid_t id, | |||
| 1527 | int alloc_required; | 1532 | int alloc_required; |
| 1528 | loff_t offset; | 1533 | loff_t offset; |
| 1529 | int error; | 1534 | int error; |
| 1535 | int type; | ||
| 1530 | 1536 | ||
| 1531 | if (sdp->sd_args.ar_quota == GFS2_QUOTA_OFF) | 1537 | if (sdp->sd_args.ar_quota == GFS2_QUOTA_OFF) |
| 1532 | return -ESRCH; /* Crazy XFS error code */ | 1538 | return -ESRCH; /* Crazy XFS error code */ |
| 1533 | 1539 | ||
| 1534 | switch(type) { | 1540 | switch(qid.type) { |
| 1535 | case USRQUOTA: | 1541 | case USRQUOTA: |
| 1536 | type = QUOTA_USER; | 1542 | type = QUOTA_USER; |
| 1537 | if (fdq->d_flags != FS_USER_QUOTA) | 1543 | if (fdq->d_flags != FS_USER_QUOTA) |
| @@ -1548,10 +1554,10 @@ static int gfs2_set_dqblk(struct super_block *sb, int type, qid_t id, | |||
| 1548 | 1554 | ||
| 1549 | if (fdq->d_fieldmask & ~GFS2_FIELDMASK) | 1555 | if (fdq->d_fieldmask & ~GFS2_FIELDMASK) |
| 1550 | return -EINVAL; | 1556 | return -EINVAL; |
| 1551 | if (fdq->d_id != id) | 1557 | if (fdq->d_id != from_kqid(&init_user_ns, qid)) |
| 1552 | return -EINVAL; | 1558 | return -EINVAL; |
| 1553 | 1559 | ||
| 1554 | error = qd_get(sdp, type, id, &qd); | 1560 | error = qd_get(sdp, type, from_kqid(&init_user_ns, qid), &qd); |
| 1555 | if (error) | 1561 | if (error) |
| 1556 | return error; | 1562 | return error; |
| 1557 | 1563 | ||