aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-09-10 23:17:44 -0400
committerEric W. Biederman <ebiederm@xmission.com>2012-09-18 04:01:35 -0400
commit5f3a4a28ec140a90e6058d1d09f6b1f235d485e5 (patch)
treea8fc30f22d94033bd5bb4ccfe5218b01bfafcc50 /fs
parent2f6f0654ab61961fd0f7701fe3be89ea111f0cda (diff)
userns: Pass a userns parameter into posix_acl_to_xattr and posix_acl_from_xattr
- Pass the user namespace the uid and gid values in the xattr are stored in into posix_acl_from_xattr. - Pass the user namespace kuid and kgid values should be converted into when storing uid and gid values in an xattr in posix_acl_to_xattr. - Modify all callers of posix_acl_from_xattr and posix_acl_to_xattr to pass in &init_user_ns. In the short term this change is not strictly needed but it makes the code clearer. In the longer term this change is necessary to be able to mount filesystems outside of the initial user namespace that natively store posix acls in the linux xattr format. Cc: Theodore Tso <tytso@mit.edu> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Andreas Dilger <adilger.kernel@dilger.ca> Cc: Jan Kara <jack@suse.cz> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'fs')
-rw-r--r--fs/9p/acl.c8
-rw-r--r--fs/btrfs/acl.c8
-rw-r--r--fs/ext2/acl.c4
-rw-r--r--fs/ext3/acl.c4
-rw-r--r--fs/ext4/acl.c4
-rw-r--r--fs/generic_acl.c4
-rw-r--r--fs/gfs2/acl.c14
-rw-r--r--fs/jffs2/acl.c4
-rw-r--r--fs/jfs/acl.c4
-rw-r--r--fs/jfs/xattr.c4
-rw-r--r--fs/nfs/nfs3acl.c4
-rw-r--r--fs/nfsd/vfs.c8
-rw-r--r--fs/ocfs2/acl.c4
-rw-r--r--fs/reiserfs/xattr_acl.c4
-rw-r--r--fs/xattr_acl.c14
-rw-r--r--fs/xfs/xfs_acl.c4
16 files changed, 49 insertions, 47 deletions
diff --git a/fs/9p/acl.c b/fs/9p/acl.c
index 9a1d42630751..15b679166201 100644
--- a/fs/9p/acl.c
+++ b/fs/9p/acl.c
@@ -37,7 +37,7 @@ static struct posix_acl *__v9fs_get_acl(struct p9_fid *fid, char *name)
37 return ERR_PTR(-ENOMEM); 37 return ERR_PTR(-ENOMEM);
38 size = v9fs_fid_xattr_get(fid, name, value, size); 38 size = v9fs_fid_xattr_get(fid, name, value, size);
39 if (size > 0) { 39 if (size > 0) {
40 acl = posix_acl_from_xattr(value, size); 40 acl = posix_acl_from_xattr(&init_user_ns, value, size);
41 if (IS_ERR(acl)) 41 if (IS_ERR(acl))
42 goto err_out; 42 goto err_out;
43 } 43 }
@@ -131,7 +131,7 @@ static int v9fs_set_acl(struct dentry *dentry, int type, struct posix_acl *acl)
131 buffer = kmalloc(size, GFP_KERNEL); 131 buffer = kmalloc(size, GFP_KERNEL);
132 if (!buffer) 132 if (!buffer)
133 return -ENOMEM; 133 return -ENOMEM;
134 retval = posix_acl_to_xattr(acl, buffer, size); 134 retval = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
135 if (retval < 0) 135 if (retval < 0)
136 goto err_free_out; 136 goto err_free_out;
137 switch (type) { 137 switch (type) {
@@ -251,7 +251,7 @@ static int v9fs_xattr_get_acl(struct dentry *dentry, const char *name,
251 return PTR_ERR(acl); 251 return PTR_ERR(acl);
252 if (acl == NULL) 252 if (acl == NULL)
253 return -ENODATA; 253 return -ENODATA;
254 error = posix_acl_to_xattr(acl, buffer, size); 254 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
255 posix_acl_release(acl); 255 posix_acl_release(acl);
256 256
257 return error; 257 return error;
@@ -304,7 +304,7 @@ static int v9fs_xattr_set_acl(struct dentry *dentry, const char *name,
304 return -EPERM; 304 return -EPERM;
305 if (value) { 305 if (value) {
306 /* update the cached acl value */ 306 /* update the cached acl value */
307 acl = posix_acl_from_xattr(value, size); 307 acl = posix_acl_from_xattr(&init_user_ns, value, size);
308 if (IS_ERR(acl)) 308 if (IS_ERR(acl))
309 return PTR_ERR(acl); 309 return PTR_ERR(acl);
310 else if (acl) { 310 else if (acl) {
diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c
index 761e2cd8fed1..0c16e3dbfd56 100644
--- a/fs/btrfs/acl.c
+++ b/fs/btrfs/acl.c
@@ -61,7 +61,7 @@ struct posix_acl *btrfs_get_acl(struct inode *inode, int type)
61 size = __btrfs_getxattr(inode, name, value, size); 61 size = __btrfs_getxattr(inode, name, value, size);
62 } 62 }
63 if (size > 0) { 63 if (size > 0) {
64 acl = posix_acl_from_xattr(value, size); 64 acl = posix_acl_from_xattr(&init_user_ns, value, size);
65 } else if (size == -ENOENT || size == -ENODATA || size == 0) { 65 } else if (size == -ENOENT || size == -ENODATA || size == 0) {
66 /* FIXME, who returns -ENOENT? I think nobody */ 66 /* FIXME, who returns -ENOENT? I think nobody */
67 acl = NULL; 67 acl = NULL;
@@ -91,7 +91,7 @@ static int btrfs_xattr_acl_get(struct dentry *dentry, const char *name,
91 return PTR_ERR(acl); 91 return PTR_ERR(acl);
92 if (acl == NULL) 92 if (acl == NULL)
93 return -ENODATA; 93 return -ENODATA;
94 ret = posix_acl_to_xattr(acl, value, size); 94 ret = posix_acl_to_xattr(&init_user_ns, acl, value, size);
95 posix_acl_release(acl); 95 posix_acl_release(acl);
96 96
97 return ret; 97 return ret;
@@ -141,7 +141,7 @@ static int btrfs_set_acl(struct btrfs_trans_handle *trans,
141 goto out; 141 goto out;
142 } 142 }
143 143
144 ret = posix_acl_to_xattr(acl, value, size); 144 ret = posix_acl_to_xattr(&init_user_ns, acl, value, size);
145 if (ret < 0) 145 if (ret < 0)
146 goto out; 146 goto out;
147 } 147 }
@@ -169,7 +169,7 @@ static int btrfs_xattr_acl_set(struct dentry *dentry, const char *name,
169 return -EOPNOTSUPP; 169 return -EOPNOTSUPP;
170 170
171 if (value) { 171 if (value) {
172 acl = posix_acl_from_xattr(value, size); 172 acl = posix_acl_from_xattr(&init_user_ns, value, size);
173 if (IS_ERR(acl)) 173 if (IS_ERR(acl))
174 return PTR_ERR(acl); 174 return PTR_ERR(acl);
175 175
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 35d6a3cfd9ff..70bb1bccc957 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -350,7 +350,7 @@ ext2_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer,
350 return PTR_ERR(acl); 350 return PTR_ERR(acl);
351 if (acl == NULL) 351 if (acl == NULL)
352 return -ENODATA; 352 return -ENODATA;
353 error = posix_acl_to_xattr(acl, buffer, size); 353 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
354 posix_acl_release(acl); 354 posix_acl_release(acl);
355 355
356 return error; 356 return error;
@@ -371,7 +371,7 @@ ext2_xattr_set_acl(struct dentry *dentry, const char *name, const void *value,
371 return -EPERM; 371 return -EPERM;
372 372
373 if (value) { 373 if (value) {
374 acl = posix_acl_from_xattr(value, size); 374 acl = posix_acl_from_xattr(&init_user_ns, value, size);
375 if (IS_ERR(acl)) 375 if (IS_ERR(acl))
376 return PTR_ERR(acl); 376 return PTR_ERR(acl);
377 else if (acl) { 377 else if (acl) {
diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c
index c76832c8d192..2cf6a8044c80 100644
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -369,7 +369,7 @@ ext3_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer,
369 return PTR_ERR(acl); 369 return PTR_ERR(acl);
370 if (acl == NULL) 370 if (acl == NULL)
371 return -ENODATA; 371 return -ENODATA;
372 error = posix_acl_to_xattr(acl, buffer, size); 372 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
373 posix_acl_release(acl); 373 posix_acl_release(acl);
374 374
375 return error; 375 return error;
@@ -392,7 +392,7 @@ ext3_xattr_set_acl(struct dentry *dentry, const char *name, const void *value,
392 return -EPERM; 392 return -EPERM;
393 393
394 if (value) { 394 if (value) {
395 acl = posix_acl_from_xattr(value, size); 395 acl = posix_acl_from_xattr(&init_user_ns, value, size);
396 if (IS_ERR(acl)) 396 if (IS_ERR(acl))
397 return PTR_ERR(acl); 397 return PTR_ERR(acl);
398 else if (acl) { 398 else if (acl) {
diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index a5c29bb3b835..42b95fccfb2f 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -374,7 +374,7 @@ ext4_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer,
374 return PTR_ERR(acl); 374 return PTR_ERR(acl);
375 if (acl == NULL) 375 if (acl == NULL)
376 return -ENODATA; 376 return -ENODATA;
377 error = posix_acl_to_xattr(acl, buffer, size); 377 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
378 posix_acl_release(acl); 378 posix_acl_release(acl);
379 379
380 return error; 380 return error;
@@ -397,7 +397,7 @@ ext4_xattr_set_acl(struct dentry *dentry, const char *name, const void *value,
397 return -EPERM; 397 return -EPERM;
398 398
399 if (value) { 399 if (value) {
400 acl = posix_acl_from_xattr(value, size); 400 acl = posix_acl_from_xattr(&init_user_ns, value, size);
401 if (IS_ERR(acl)) 401 if (IS_ERR(acl))
402 return PTR_ERR(acl); 402 return PTR_ERR(acl);
403 else if (acl) { 403 else if (acl) {
diff --git a/fs/generic_acl.c b/fs/generic_acl.c
index d0dddaceac59..b3f3676796d3 100644
--- a/fs/generic_acl.c
+++ b/fs/generic_acl.c
@@ -56,7 +56,7 @@ generic_acl_get(struct dentry *dentry, const char *name, void *buffer,
56 acl = get_cached_acl(dentry->d_inode, type); 56 acl = get_cached_acl(dentry->d_inode, type);
57 if (!acl) 57 if (!acl)
58 return -ENODATA; 58 return -ENODATA;
59 error = posix_acl_to_xattr(acl, buffer, size); 59 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
60 posix_acl_release(acl); 60 posix_acl_release(acl);
61 61
62 return error; 62 return error;
@@ -77,7 +77,7 @@ generic_acl_set(struct dentry *dentry, const char *name, const void *value,
77 if (!inode_owner_or_capable(inode)) 77 if (!inode_owner_or_capable(inode))
78 return -EPERM; 78 return -EPERM;
79 if (value) { 79 if (value) {
80 acl = posix_acl_from_xattr(value, size); 80 acl = posix_acl_from_xattr(&init_user_ns, value, size);
81 if (IS_ERR(acl)) 81 if (IS_ERR(acl))
82 return PTR_ERR(acl); 82 return PTR_ERR(acl);
83 } 83 }
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c
index bd4a5892c93c..f850020ad906 100644
--- a/fs/gfs2/acl.c
+++ b/fs/gfs2/acl.c
@@ -63,7 +63,7 @@ struct posix_acl *gfs2_get_acl(struct inode *inode, int type)
63 if (len == 0) 63 if (len == 0)
64 return NULL; 64 return NULL;
65 65
66 acl = posix_acl_from_xattr(data, len); 66 acl = posix_acl_from_xattr(&init_user_ns, data, len);
67 kfree(data); 67 kfree(data);
68 return acl; 68 return acl;
69} 69}
@@ -88,13 +88,13 @@ static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl)
88 const char *name = gfs2_acl_name(type); 88 const char *name = gfs2_acl_name(type);
89 89
90 BUG_ON(name == NULL); 90 BUG_ON(name == NULL);
91 len = posix_acl_to_xattr(acl, NULL, 0); 91 len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
92 if (len == 0) 92 if (len == 0)
93 return 0; 93 return 0;
94 data = kmalloc(len, GFP_NOFS); 94 data = kmalloc(len, GFP_NOFS);
95 if (data == NULL) 95 if (data == NULL)
96 return -ENOMEM; 96 return -ENOMEM;
97 error = posix_acl_to_xattr(acl, data, len); 97 error = posix_acl_to_xattr(&init_user_ns, acl, data, len);
98 if (error < 0) 98 if (error < 0)
99 goto out; 99 goto out;
100 error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS); 100 error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS);
@@ -166,12 +166,12 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
166 if (error) 166 if (error)
167 return error; 167 return error;
168 168
169 len = posix_acl_to_xattr(acl, NULL, 0); 169 len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
170 data = kmalloc(len, GFP_NOFS); 170 data = kmalloc(len, GFP_NOFS);
171 error = -ENOMEM; 171 error = -ENOMEM;
172 if (data == NULL) 172 if (data == NULL)
173 goto out; 173 goto out;
174 posix_acl_to_xattr(acl, data, len); 174 posix_acl_to_xattr(&init_user_ns, acl, data, len);
175 error = gfs2_xattr_acl_chmod(ip, attr, data); 175 error = gfs2_xattr_acl_chmod(ip, attr, data);
176 kfree(data); 176 kfree(data);
177 set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl); 177 set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl);
@@ -212,7 +212,7 @@ static int gfs2_xattr_system_get(struct dentry *dentry, const char *name,
212 if (acl == NULL) 212 if (acl == NULL)
213 return -ENODATA; 213 return -ENODATA;
214 214
215 error = posix_acl_to_xattr(acl, buffer, size); 215 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
216 posix_acl_release(acl); 216 posix_acl_release(acl);
217 217
218 return error; 218 return error;
@@ -245,7 +245,7 @@ static int gfs2_xattr_system_set(struct dentry *dentry, const char *name,
245 if (!value) 245 if (!value)
246 goto set_acl; 246 goto set_acl;
247 247
248 acl = posix_acl_from_xattr(value, size); 248 acl = posix_acl_from_xattr(&init_user_ns, value, size);
249 if (!acl) { 249 if (!acl) {
250 /* 250 /*
251 * acl_set_file(3) may request that we set default ACLs with 251 * acl_set_file(3) may request that we set default ACLs with
diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c
index 922f146e4235..42e4edc17a90 100644
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -363,7 +363,7 @@ static int jffs2_acl_getxattr(struct dentry *dentry, const char *name,
363 return PTR_ERR(acl); 363 return PTR_ERR(acl);
364 if (!acl) 364 if (!acl)
365 return -ENODATA; 365 return -ENODATA;
366 rc = posix_acl_to_xattr(acl, buffer, size); 366 rc = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
367 posix_acl_release(acl); 367 posix_acl_release(acl);
368 368
369 return rc; 369 return rc;
@@ -381,7 +381,7 @@ static int jffs2_acl_setxattr(struct dentry *dentry, const char *name,
381 return -EPERM; 381 return -EPERM;
382 382
383 if (value) { 383 if (value) {
384 acl = posix_acl_from_xattr(value, size); 384 acl = posix_acl_from_xattr(&init_user_ns, value, size);
385 if (IS_ERR(acl)) 385 if (IS_ERR(acl))
386 return PTR_ERR(acl); 386 return PTR_ERR(acl);
387 if (acl) { 387 if (acl) {
diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c
index 45559dc3ea2f..d254d6d35995 100644
--- a/fs/jfs/acl.c
+++ b/fs/jfs/acl.c
@@ -64,7 +64,7 @@ struct posix_acl *jfs_get_acl(struct inode *inode, int type)
64 else 64 else
65 acl = ERR_PTR(size); 65 acl = ERR_PTR(size);
66 } else { 66 } else {
67 acl = posix_acl_from_xattr(value, size); 67 acl = posix_acl_from_xattr(&init_user_ns, value, size);
68 } 68 }
69 kfree(value); 69 kfree(value);
70 if (!IS_ERR(acl)) 70 if (!IS_ERR(acl))
@@ -100,7 +100,7 @@ static int jfs_set_acl(tid_t tid, struct inode *inode, int type,
100 value = kmalloc(size, GFP_KERNEL); 100 value = kmalloc(size, GFP_KERNEL);
101 if (!value) 101 if (!value)
102 return -ENOMEM; 102 return -ENOMEM;
103 rc = posix_acl_to_xattr(acl, value, size); 103 rc = posix_acl_to_xattr(&init_user_ns, acl, value, size);
104 if (rc < 0) 104 if (rc < 0)
105 goto out; 105 goto out;
106 } 106 }
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
index 26683e15b3ac..42d67f9757bf 100644
--- a/fs/jfs/xattr.c
+++ b/fs/jfs/xattr.c
@@ -685,7 +685,7 @@ static int can_set_system_xattr(struct inode *inode, const char *name,
685 * POSIX_ACL_XATTR_ACCESS is tied to i_mode 685 * POSIX_ACL_XATTR_ACCESS is tied to i_mode
686 */ 686 */
687 if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) { 687 if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) {
688 acl = posix_acl_from_xattr(value, value_len); 688 acl = posix_acl_from_xattr(&init_user_ns, value, value_len);
689 if (IS_ERR(acl)) { 689 if (IS_ERR(acl)) {
690 rc = PTR_ERR(acl); 690 rc = PTR_ERR(acl);
691 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 691 printk(KERN_ERR "posix_acl_from_xattr returned %d\n",
@@ -710,7 +710,7 @@ static int can_set_system_xattr(struct inode *inode, const char *name,
710 710
711 return 0; 711 return 0;
712 } else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) { 712 } else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) {
713 acl = posix_acl_from_xattr(value, value_len); 713 acl = posix_acl_from_xattr(&init_user_ns, value, value_len);
714 if (IS_ERR(acl)) { 714 if (IS_ERR(acl)) {
715 rc = PTR_ERR(acl); 715 rc = PTR_ERR(acl);
716 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 716 printk(KERN_ERR "posix_acl_from_xattr returned %d\n",
diff --git a/fs/nfs/nfs3acl.c b/fs/nfs/nfs3acl.c
index e4498dc351a8..4a1aafba6a20 100644
--- a/fs/nfs/nfs3acl.c
+++ b/fs/nfs/nfs3acl.c
@@ -70,7 +70,7 @@ ssize_t nfs3_getxattr(struct dentry *dentry, const char *name,
70 if (type == ACL_TYPE_ACCESS && acl->a_count == 0) 70 if (type == ACL_TYPE_ACCESS && acl->a_count == 0)
71 error = -ENODATA; 71 error = -ENODATA;
72 else 72 else
73 error = posix_acl_to_xattr(acl, buffer, size); 73 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
74 posix_acl_release(acl); 74 posix_acl_release(acl);
75 } else 75 } else
76 error = -ENODATA; 76 error = -ENODATA;
@@ -92,7 +92,7 @@ int nfs3_setxattr(struct dentry *dentry, const char *name,
92 else 92 else
93 return -EOPNOTSUPP; 93 return -EOPNOTSUPP;
94 94
95 acl = posix_acl_from_xattr(value, size); 95 acl = posix_acl_from_xattr(&init_user_ns, value, size);
96 if (IS_ERR(acl)) 96 if (IS_ERR(acl))
97 return PTR_ERR(acl); 97 return PTR_ERR(acl);
98 error = nfs3_proc_setacl(inode, type, acl); 98 error = nfs3_proc_setacl(inode, type, acl);
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index a9269f142cc4..3f67b8e12251 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -480,7 +480,7 @@ set_nfsv4_acl_one(struct dentry *dentry, struct posix_acl *pacl, char *key)
480 if (buf == NULL) 480 if (buf == NULL)
481 goto out; 481 goto out;
482 482
483 len = posix_acl_to_xattr(pacl, buf, buflen); 483 len = posix_acl_to_xattr(&init_user_ns, pacl, buf, buflen);
484 if (len < 0) { 484 if (len < 0) {
485 error = len; 485 error = len;
486 goto out; 486 goto out;
@@ -549,7 +549,7 @@ _get_posix_acl(struct dentry *dentry, char *key)
549 if (buflen <= 0) 549 if (buflen <= 0)
550 return ERR_PTR(buflen); 550 return ERR_PTR(buflen);
551 551
552 pacl = posix_acl_from_xattr(buf, buflen); 552 pacl = posix_acl_from_xattr(&init_user_ns, buf, buflen);
553 kfree(buf); 553 kfree(buf);
554 return pacl; 554 return pacl;
555} 555}
@@ -2264,7 +2264,7 @@ nfsd_get_posix_acl(struct svc_fh *fhp, int type)
2264 if (size < 0) 2264 if (size < 0)
2265 return ERR_PTR(size); 2265 return ERR_PTR(size);
2266 2266
2267 acl = posix_acl_from_xattr(value, size); 2267 acl = posix_acl_from_xattr(&init_user_ns, value, size);
2268 kfree(value); 2268 kfree(value);
2269 return acl; 2269 return acl;
2270} 2270}
@@ -2297,7 +2297,7 @@ nfsd_set_posix_acl(struct svc_fh *fhp, int type, struct posix_acl *acl)
2297 value = kmalloc(size, GFP_KERNEL); 2297 value = kmalloc(size, GFP_KERNEL);
2298 if (!value) 2298 if (!value)
2299 return -ENOMEM; 2299 return -ENOMEM;
2300 error = posix_acl_to_xattr(acl, value, size); 2300 error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
2301 if (error < 0) 2301 if (error < 0)
2302 goto getout; 2302 goto getout;
2303 size = error; 2303 size = error;
diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c
index a7219075b4de..260b16281fc3 100644
--- a/fs/ocfs2/acl.c
+++ b/fs/ocfs2/acl.c
@@ -452,7 +452,7 @@ static int ocfs2_xattr_get_acl(struct dentry *dentry, const char *name,
452 return PTR_ERR(acl); 452 return PTR_ERR(acl);
453 if (acl == NULL) 453 if (acl == NULL)
454 return -ENODATA; 454 return -ENODATA;
455 ret = posix_acl_to_xattr(acl, buffer, size); 455 ret = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
456 posix_acl_release(acl); 456 posix_acl_release(acl);
457 457
458 return ret; 458 return ret;
@@ -475,7 +475,7 @@ static int ocfs2_xattr_set_acl(struct dentry *dentry, const char *name,
475 return -EPERM; 475 return -EPERM;
476 476
477 if (value) { 477 if (value) {
478 acl = posix_acl_from_xattr(value, size); 478 acl = posix_acl_from_xattr(&init_user_ns, value, size);
479 if (IS_ERR(acl)) 479 if (IS_ERR(acl))
480 return PTR_ERR(acl); 480 return PTR_ERR(acl);
481 else if (acl) { 481 else if (acl) {
diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c
index 44474f9b990d..87d6911c659d 100644
--- a/fs/reiserfs/xattr_acl.c
+++ b/fs/reiserfs/xattr_acl.c
@@ -30,7 +30,7 @@ posix_acl_set(struct dentry *dentry, const char *name, const void *value,
30 return -EPERM; 30 return -EPERM;
31 31
32 if (value) { 32 if (value) {
33 acl = posix_acl_from_xattr(value, size); 33 acl = posix_acl_from_xattr(&init_user_ns, value, size);
34 if (IS_ERR(acl)) { 34 if (IS_ERR(acl)) {
35 return PTR_ERR(acl); 35 return PTR_ERR(acl);
36 } else if (acl) { 36 } else if (acl) {
@@ -77,7 +77,7 @@ posix_acl_get(struct dentry *dentry, const char *name, void *buffer,
77 return PTR_ERR(acl); 77 return PTR_ERR(acl);
78 if (acl == NULL) 78 if (acl == NULL)
79 return -ENODATA; 79 return -ENODATA;
80 error = posix_acl_to_xattr(acl, buffer, size); 80 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
81 posix_acl_release(acl); 81 posix_acl_release(acl);
82 82
83 return error; 83 return error;
diff --git a/fs/xattr_acl.c b/fs/xattr_acl.c
index bf472ca1b348..11efd830b5f5 100644
--- a/fs/xattr_acl.c
+++ b/fs/xattr_acl.c
@@ -73,7 +73,8 @@ void posix_acl_fix_xattr_to_user(void *value, size_t size)
73 * Convert from extended attribute to in-memory representation. 73 * Convert from extended attribute to in-memory representation.
74 */ 74 */
75struct posix_acl * 75struct posix_acl *
76posix_acl_from_xattr(const void *value, size_t size) 76posix_acl_from_xattr(struct user_namespace *user_ns,
77 const void *value, size_t size)
77{ 78{
78 posix_acl_xattr_header *header = (posix_acl_xattr_header *)value; 79 posix_acl_xattr_header *header = (posix_acl_xattr_header *)value;
79 posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end; 80 posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end;
@@ -112,14 +113,14 @@ posix_acl_from_xattr(const void *value, size_t size)
112 113
113 case ACL_USER: 114 case ACL_USER:
114 acl_e->e_uid = 115 acl_e->e_uid =
115 make_kuid(&init_user_ns, 116 make_kuid(user_ns,
116 le32_to_cpu(entry->e_id)); 117 le32_to_cpu(entry->e_id));
117 if (!uid_valid(acl_e->e_uid)) 118 if (!uid_valid(acl_e->e_uid))
118 goto fail; 119 goto fail;
119 break; 120 break;
120 case ACL_GROUP: 121 case ACL_GROUP:
121 acl_e->e_gid = 122 acl_e->e_gid =
122 make_kgid(&init_user_ns, 123 make_kgid(user_ns,
123 le32_to_cpu(entry->e_id)); 124 le32_to_cpu(entry->e_id));
124 if (!gid_valid(acl_e->e_gid)) 125 if (!gid_valid(acl_e->e_gid))
125 goto fail; 126 goto fail;
@@ -141,7 +142,8 @@ EXPORT_SYMBOL (posix_acl_from_xattr);
141 * Convert from in-memory to extended attribute representation. 142 * Convert from in-memory to extended attribute representation.
142 */ 143 */
143int 144int
144posix_acl_to_xattr(const struct posix_acl *acl, void *buffer, size_t size) 145posix_acl_to_xattr(struct user_namespace *user_ns, const struct posix_acl *acl,
146 void *buffer, size_t size)
145{ 147{
146 posix_acl_xattr_header *ext_acl = (posix_acl_xattr_header *)buffer; 148 posix_acl_xattr_header *ext_acl = (posix_acl_xattr_header *)buffer;
147 posix_acl_xattr_entry *ext_entry = ext_acl->a_entries; 149 posix_acl_xattr_entry *ext_entry = ext_acl->a_entries;
@@ -162,11 +164,11 @@ posix_acl_to_xattr(const struct posix_acl *acl, void *buffer, size_t size)
162 switch(acl_e->e_tag) { 164 switch(acl_e->e_tag) {
163 case ACL_USER: 165 case ACL_USER:
164 ext_entry->e_id = 166 ext_entry->e_id =
165 cpu_to_le32(from_kuid(&init_user_ns, acl_e->e_uid)); 167 cpu_to_le32(from_kuid(user_ns, acl_e->e_uid));
166 break; 168 break;
167 case ACL_GROUP: 169 case ACL_GROUP:
168 ext_entry->e_id = 170 ext_entry->e_id =
169 cpu_to_le32(from_kgid(&init_user_ns, acl_e->e_gid)); 171 cpu_to_le32(from_kgid(user_ns, acl_e->e_gid));
170 break; 172 break;
171 default: 173 default:
172 ext_entry->e_id = cpu_to_le32(ACL_UNDEFINED_ID); 174 ext_entry->e_id = cpu_to_le32(ACL_UNDEFINED_ID);
diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c
index ac702a6eab9b..1d32f1d52763 100644
--- a/fs/xfs/xfs_acl.c
+++ b/fs/xfs/xfs_acl.c
@@ -337,7 +337,7 @@ xfs_xattr_acl_get(struct dentry *dentry, const char *name,
337 if (acl == NULL) 337 if (acl == NULL)
338 return -ENODATA; 338 return -ENODATA;
339 339
340 error = posix_acl_to_xattr(acl, value, size); 340 error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
341 posix_acl_release(acl); 341 posix_acl_release(acl);
342 342
343 return error; 343 return error;
@@ -361,7 +361,7 @@ xfs_xattr_acl_set(struct dentry *dentry, const char *name,
361 if (!value) 361 if (!value)
362 goto set_acl; 362 goto set_acl;
363 363
364 acl = posix_acl_from_xattr(value, size); 364 acl = posix_acl_from_xattr(&init_user_ns, value, size);
365 if (!acl) { 365 if (!acl) {
366 /* 366 /*
367 * acl_set_file(3) may request that we set default ACLs with 367 * acl_set_file(3) may request that we set default ACLs with
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-06 18:54:43 -0500