| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-10 23:44:54 -0400 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-18 04:01:36 -0400 |
| commit | af84df93ffe3603fc6fc40a4338f9e740aad3b4e (patch) | |
| tree | 872cd463edcf18c4caba8eb218e0581c2cd91c76 | |
| parent | 5f3a4a28ec140a90e6058d1d09f6b1f235d485e5 (diff) | |
userns: Convert extN to support kuids and kgids in posix acls
Convert ext2, ext3, and ext4 to fully support the posix acl changes,
using e_uid and e_gid instead of e_id.
Enable building with posix acls enabled; all filesystems supporting
user namespaces now also support posix acls when user namespaces are enabled.
Cc: Theodore Tso <tytso@mit.edu>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andreas Dilger <adilger.kernel@dilger.ca>
Cc: Jan Kara <jack@suse.cz>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
| -rw-r--r-- | fs/ext2/acl.c | 28 | ||||
| -rw-r--r-- | fs/ext3/acl.c | 28 | ||||
| -rw-r--r-- | fs/ext4/acl.c | 27 | ||||
| -rw-r--r-- | init/Kconfig | 1 |
4 files changed, 60 insertions, 24 deletions
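diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 70bb1bccc957..110b6b371a4e 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -53,16 +53,23 @@ ext2_acl_from_disk(const void *value, size_t size)
 case ACL_OTHER:
 value = (char *)value +
 sizeof(ext2_acl_entry_short);
-acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
 break;
 
 case ACL_USER:
+value = (char *)value + sizeof(ext2_acl_entry);
+if ((char *)value > end)
+goto fail;
+acl->a_entries[n].e_uid =
+make_kuid(&init_user_ns,
+le32_to_cpu(entry->e_id));
+break;
 case ACL_GROUP:
 value = (char *)value + sizeof(ext2_acl_entry);
 if ((char *)value > end)
 goto fail;
-acl->a_entries[n].e_id =
-le32_to_cpu(entry->e_id);
+acl->a_entries[n].e_gid =
+make_kgid(&init_user_ns,
+le32_to_cpu(entry->e_id));
 break;
 
 default:
@@ -96,14 +103,19 @@ ext2_acl_to_disk(const struct posix_acl *acl, size_t *size)
 ext_acl->a_version = cpu_to_le32(EXT2_ACL_VERSION);
 e = (char *)ext_acl + sizeof(ext2_acl_header);
 for (n=0; n < acl->a_count; n++) {
+const struct posix_acl_entry *acl_e = &acl->a_entries[n];
 ext2_acl_entry *entry = (ext2_acl_entry *)e;
-entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag);
-entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
-switch(acl->a_entries[n].e_tag) {
+entry->e_tag = cpu_to_le16(acl_e->e_tag);
+entry->e_perm = cpu_to_le16(acl_e->e_perm);
+switch(acl_e->e_tag) {
 case ACL_USER:
+entry->e_id = cpu_to_le32(
+from_kuid(&init_user_ns, acl_e->e_uid));
+e += sizeof(ext2_acl_entry);
+break;
 case ACL_GROUP:
-entry->e_id =
-cpu_to_le32(acl->a_entries[n].e_id);
+entry->e_id = cpu_to_le32(
+from_kgid(&init_user_ns, acl_e->e_gid));
 e += sizeof(ext2_acl_entry);
 break;
 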
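Review bot: The ids read from disk in ext2_acl_from_disk are converted with `make_kuid()`/`make_kgid()` but the result is never checked, so an on-disk e_id that has no mapping (for init_user_ns that is the all-ones value) produces an entry holding an invalid kuid/kgid instead of taking the `fail` path. The xattr payload comes from the filesystem image and should be treated as untrusted; I would add `if (!uid_valid(acl->a_entries[n].e_uid)) goto fail;` after the ACL_USER conversion and the `gid_valid()` equivalent under ACL_GROUP. Whether a later validity check catches this is not visible here, since the function starts and ends outside the hunk. The same applies to ext3_acl_from_disk and ext4_acl_from_disk.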
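diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c
index 2cf6a8044c80..dbb5ad59a7fc 100644
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -48,16 +48,23 @@ ext3_acl_from_disk(const void *value, size_t size)
 case ACL_OTHER:
 value = (char *)value +
 sizeof(ext3_acl_entry_short);
-acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
 break;
 
 case ACL_USER:
+value = (char *)value + sizeof(ext3_acl_entry);
+if ((char *)value > end)
+goto fail;
+acl->a_entries[n].e_uid =
+make_kuid(&init_user_ns,
+le32_to_cpu(entry->e_id));
+break;
 case ACL_GROUP:
 value = (char *)value + sizeof(ext3_acl_entry);
 if ((char *)value > end)
 goto fail;
-acl->a_entries[n].e_id =
-le32_to_cpu(entry->e_id);
+acl->a_entries[n].e_gid =
+make_kgid(&init_user_ns,
+le32_to_cpu(entry->e_id));
 break;
 
 default:
@@ -91,14 +98,19 @@ ext3_acl_to_disk(const struct posix_acl *acl, size_t *size)
 ext_acl->a_version = cpu_to_le32(EXT3_ACL_VERSION);
 e = (char *)ext_acl + sizeof(ext3_acl_header);
 for (n=0; n < acl->a_count; n++) {
+const struct posix_acl_entry *acl_e = &acl->a_entries[n];
 ext3_acl_entry *entry = (ext3_acl_entry *)e;
-entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag);
-entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
-switch(acl->a_entries[n].e_tag) {
+entry->e_tag = cpu_to_le16(acl_e->e_tag);
+entry->e_perm = cpu_to_le16(acl_e->e_perm);
+switch(acl_e->e_tag) {
 case ACL_USER:
+entry->e_id = cpu_to_le32(
+from_kuid(&init_user_ns, acl_e->e_uid));
+e += sizeof(ext3_acl_entry);
+break;
 case ACL_GROUP:
-entry->e_id =
-cpu_to_le32(acl->a_entries[n].e_id);
+entry->e_id = cpu_to_le32(
+from_kgid(&init_user_ns, acl_e->e_gid));
 e += sizeof(ext3_acl_entry);
 break;
 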
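Review bot: ext3_acl_to_disk hard-codes `&init_user_ns` in the new `from_kuid()`/`from_kgid()` calls without a comment, so a reader has to infer that on-disk ACL ids are always expressed in the initial user namespace. A one-line comment above the `switch`, such as `/* On-disk ACL ids are stored relative to init_user_ns. */`, would make that explicit. It is also worth noting in the comment that `from_kuid()` returns `(uid_t)-1` for an id with no mapping and that this value would be written to disk unchecked; presumably entries are validated before reaching this function, but that is not visible in the hunk, which covers only part of the loop body. The same applies to ext2_acl_to_disk and ext4_acl_to_disk.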
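diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index 42b95fccfb2f..d3c5b88fd89f 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -55,16 +55,23 @@ ext4_acl_from_disk(const void *value, size_t size)
 case ACL_OTHER:
 value = (char *)value +
 sizeof(ext4_acl_entry_short);
-acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
 break;
 
 case ACL_USER:
+value = (char *)value + sizeof(ext4_acl_entry);
+if ((char *)value > end)
+goto fail;
+acl->a_entries[n].e_uid =
+make_kuid(&init_user_ns,
+le32_to_cpu(entry->e_id));
+break;
 case ACL_GROUP:
 value = (char *)value + sizeof(ext4_acl_entry);
 if ((char *)value > end)
 goto fail;
-acl->a_entries[n].e_id =
-le32_to_cpu(entry->e_id);
+acl->a_entries[n].e_gid =
+make_kgid(&init_user_ns,
+le32_to_cpu(entry->e_id));
 break;
 
 default:
@@ -98,13 +105,19 @@ ext4_acl_to_disk(const struct posix_acl *acl, size_t *size)
 ext_acl->a_version = cpu_to_le32(EXT4_ACL_VERSION);
 e = (char *)ext_acl + sizeof(ext4_acl_header);
 for (n = 0; n < acl->a_count; n++) {
+const struct posix_acl_entry *acl_e = &acl->a_entries[n];
 ext4_acl_entry *entry = (ext4_acl_entry *)e;
-entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag);
-entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm);
-switch (acl->a_entries[n].e_tag) {
+entry->e_tag = cpu_to_le16(acl_e->e_tag);
+entry->e_perm = cpu_to_le16(acl_e->e_perm);
+switch (acl_e->e_tag) {
 case ACL_USER:
+entry->e_id = cpu_to_le32(
+from_kuid(&init_user_ns, acl_e->e_uid));
+e += sizeof(ext4_acl_entry);
+break;
 case ACL_GROUP:
-entry->e_id = cpu_to_le32(acl->a_entries[n].e_id);
+entry->e_id = cpu_to_le32(
+from_kgid(&init_user_ns, acl_e->e_gid));
 e += sizeof(ext4_acl_entry);
 break;
 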
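Review bot: With `acl->a_entries[n].e_id = ACL_UNDEFINED_ID;` dropped from the short-entry branch (the one ending at `case ACL_OTHER:` in the first hunk), ext4_acl_from_disk no longer writes the id field of those entries at all. If the ACL allocator does not zero its entries, which cannot be told from this hunk, that field keeps whatever was in memory, and any code that copies or compares entries without first switching on `e_tag` would see it. I would either keep an explicit initialisation such as `acl->a_entries[n].e_uid = INVALID_UID;` or add a comment stating that the id is undefined for these tags. The function starts and ends outside the hunk; ext2_acl_from_disk and ext3_acl_from_disk lose the same assignment.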
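diff --git a/init/Kconfig b/init/Kconfig
index 2a388e569a28..ed6310b6042b 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -927,7 +927,6 @@ config UIDGID_CONVERTED
 # Features
 depends on IMA = n
 depends on EVM = n
-depends on FS_POSIX_ACL = n
 depends on QUOTA = n
 depends on QUOTACTL = n
 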
