aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/9p/acl.c8
-rw-r--r--fs/btrfs/acl.c8
-rw-r--r--fs/ext2/acl.c4
-rw-r--r--fs/ext3/acl.c4
-rw-r--r--fs/ext4/acl.c4
-rw-r--r--fs/generic_acl.c4
-rw-r--r--fs/gfs2/acl.c14
-rw-r--r--fs/jffs2/acl.c4
-rw-r--r--fs/jfs/acl.c4
-rw-r--r--fs/jfs/xattr.c4
-rw-r--r--fs/nfs/nfs3acl.c4
-rw-r--r--fs/nfsd/vfs.c8
-rw-r--r--fs/ocfs2/acl.c4
-rw-r--r--fs/reiserfs/xattr_acl.c4
-rw-r--r--fs/xattr_acl.c14
-rw-r--r--fs/xfs/xfs_acl.c4
-rw-r--r--include/linux/posix_acl_xattr.h6
17 files changed, 53 insertions, 49 deletions
diff --git a/fs/9p/acl.c b/fs/9p/acl.c
index 9a1d42630751..15b679166201 100644
--- a/fs/9p/acl.c
+++ b/fs/9p/acl.c
@@ -37,7 +37,7 @@ static struct posix_acl *__v9fs_get_acl(struct p9_fid *fid, char *name)
37 return ERR_PTR(-ENOMEM); 37 return ERR_PTR(-ENOMEM);
38 size = v9fs_fid_xattr_get(fid, name, value, size); 38 size = v9fs_fid_xattr_get(fid, name, value, size);
39 if (size > 0) { 39 if (size > 0) {
40 acl = posix_acl_from_xattr(value, size); 40 acl = posix_acl_from_xattr(&init_user_ns, value, size);
41 if (IS_ERR(acl)) 41 if (IS_ERR(acl))
42 goto err_out; 42 goto err_out;
43 } 43 }
@@ -131,7 +131,7 @@ static int v9fs_set_acl(struct dentry *dentry, int type, struct posix_acl *acl)
131 buffer = kmalloc(size, GFP_KERNEL); 131 buffer = kmalloc(size, GFP_KERNEL);
132 if (!buffer) 132 if (!buffer)
133 return -ENOMEM; 133 return -ENOMEM;
134 retval = posix_acl_to_xattr(acl, buffer, size); 134 retval = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
135 if (retval < 0) 135 if (retval < 0)
136 goto err_free_out; 136 goto err_free_out;
137 switch (type) { 137 switch (type) {
@@ -251,7 +251,7 @@ static int v9fs_xattr_get_acl(struct dentry *dentry, const char *name,
251 return PTR_ERR(acl); 251 return PTR_ERR(acl);
252 if (acl == NULL) 252 if (acl == NULL)
253 return -ENODATA; 253 return -ENODATA;
254 error = posix_acl_to_xattr(acl, buffer, size); 254 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
255 posix_acl_release(acl); 255 posix_acl_release(acl);
256 256
257 return error; 257 return error;
@@ -304,7 +304,7 @@ static int v9fs_xattr_set_acl(struct dentry *dentry, const char *name,
304 return -EPERM; 304 return -EPERM;
305 if (value) { 305 if (value) {
306 /* update the cached acl value */ 306 /* update the cached acl value */
307 acl = posix_acl_from_xattr(value, size); 307 acl = posix_acl_from_xattr(&init_user_ns, value, size);
308 if (IS_ERR(acl)) 308 if (IS_ERR(acl))
309 return PTR_ERR(acl); 309 return PTR_ERR(acl);
310 else if (acl) { 310 else if (acl) {
diff --git a/fs/btrfs/acl.c b/fs/btrfs/acl.c
index 761e2cd8fed1..0c16e3dbfd56 100644
--- a/fs/btrfs/acl.c
+++ b/fs/btrfs/acl.c
@@ -61,7 +61,7 @@ struct posix_acl *btrfs_get_acl(struct inode *inode, int type)
61 size = __btrfs_getxattr(inode, name, value, size); 61 size = __btrfs_getxattr(inode, name, value, size);
62 } 62 }
63 if (size > 0) { 63 if (size > 0) {
64 acl = posix_acl_from_xattr(value, size); 64 acl = posix_acl_from_xattr(&init_user_ns, value, size);
65 } else if (size == -ENOENT || size == -ENODATA || size == 0) { 65 } else if (size == -ENOENT || size == -ENODATA || size == 0) {
66 /* FIXME, who returns -ENOENT? I think nobody */ 66 /* FIXME, who returns -ENOENT? I think nobody */
67 acl = NULL; 67 acl = NULL;
@@ -91,7 +91,7 @@ static int btrfs_xattr_acl_get(struct dentry *dentry, const char *name,
91 return PTR_ERR(acl); 91 return PTR_ERR(acl);
92 if (acl == NULL) 92 if (acl == NULL)
93 return -ENODATA; 93 return -ENODATA;
94 ret = posix_acl_to_xattr(acl, value, size); 94 ret = posix_acl_to_xattr(&init_user_ns, acl, value, size);
95 posix_acl_release(acl); 95 posix_acl_release(acl);
96 96
97 return ret; 97 return ret;
@@ -141,7 +141,7 @@ static int btrfs_set_acl(struct btrfs_trans_handle *trans,
141 goto out; 141 goto out;
142 } 142 }
143 143
144 ret = posix_acl_to_xattr(acl, value, size); 144 ret = posix_acl_to_xattr(&init_user_ns, acl, value, size);
145 if (ret < 0) 145 if (ret < 0)
146 goto out; 146 goto out;
147 } 147 }
@@ -169,7 +169,7 @@ static int btrfs_xattr_acl_set(struct dentry *dentry, const char *name,
169 return -EOPNOTSUPP; 169 return -EOPNOTSUPP;
170 170
171 if (value) { 171 if (value) {
172 acl = posix_acl_from_xattr(value, size); 172 acl = posix_acl_from_xattr(&init_user_ns, value, size);
173 if (IS_ERR(acl)) 173 if (IS_ERR(acl))
174 return PTR_ERR(acl); 174 return PTR_ERR(acl);
175 175
diff --git a/fs/ext2/acl.c b/fs/ext2/acl.c
index 35d6a3cfd9ff..70bb1bccc957 100644
--- a/fs/ext2/acl.c
+++ b/fs/ext2/acl.c
@@ -350,7 +350,7 @@ ext2_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer,
350 return PTR_ERR(acl); 350 return PTR_ERR(acl);
351 if (acl == NULL) 351 if (acl == NULL)
352 return -ENODATA; 352 return -ENODATA;
353 error = posix_acl_to_xattr(acl, buffer, size); 353 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
354 posix_acl_release(acl); 354 posix_acl_release(acl);
355 355
356 return error; 356 return error;
@@ -371,7 +371,7 @@ ext2_xattr_set_acl(struct dentry *dentry, const char *name, const void *value,
371 return -EPERM; 371 return -EPERM;
372 372
373 if (value) { 373 if (value) {
374 acl = posix_acl_from_xattr(value, size); 374 acl = posix_acl_from_xattr(&init_user_ns, value, size);
375 if (IS_ERR(acl)) 375 if (IS_ERR(acl))
376 return PTR_ERR(acl); 376 return PTR_ERR(acl);
377 else if (acl) { 377 else if (acl) {
diff --git a/fs/ext3/acl.c b/fs/ext3/acl.c
index c76832c8d192..2cf6a8044c80 100644
--- a/fs/ext3/acl.c
+++ b/fs/ext3/acl.c
@@ -369,7 +369,7 @@ ext3_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer,
369 return PTR_ERR(acl); 369 return PTR_ERR(acl);
370 if (acl == NULL) 370 if (acl == NULL)
371 return -ENODATA; 371 return -ENODATA;
372 error = posix_acl_to_xattr(acl, buffer, size); 372 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
373 posix_acl_release(acl); 373 posix_acl_release(acl);
374 374
375 return error; 375 return error;
@@ -392,7 +392,7 @@ ext3_xattr_set_acl(struct dentry *dentry, const char *name, const void *value,
392 return -EPERM; 392 return -EPERM;
393 393
394 if (value) { 394 if (value) {
395 acl = posix_acl_from_xattr(value, size); 395 acl = posix_acl_from_xattr(&init_user_ns, value, size);
396 if (IS_ERR(acl)) 396 if (IS_ERR(acl))
397 return PTR_ERR(acl); 397 return PTR_ERR(acl);
398 else if (acl) { 398 else if (acl) {
diff --git a/fs/ext4/acl.c b/fs/ext4/acl.c
index a5c29bb3b835..42b95fccfb2f 100644
--- a/fs/ext4/acl.c
+++ b/fs/ext4/acl.c
@@ -374,7 +374,7 @@ ext4_xattr_get_acl(struct dentry *dentry, const char *name, void *buffer,
374 return PTR_ERR(acl); 374 return PTR_ERR(acl);
375 if (acl == NULL) 375 if (acl == NULL)
376 return -ENODATA; 376 return -ENODATA;
377 error = posix_acl_to_xattr(acl, buffer, size); 377 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
378 posix_acl_release(acl); 378 posix_acl_release(acl);
379 379
380 return error; 380 return error;
@@ -397,7 +397,7 @@ ext4_xattr_set_acl(struct dentry *dentry, const char *name, const void *value,
397 return -EPERM; 397 return -EPERM;
398 398
399 if (value) { 399 if (value) {
400 acl = posix_acl_from_xattr(value, size); 400 acl = posix_acl_from_xattr(&init_user_ns, value, size);
401 if (IS_ERR(acl)) 401 if (IS_ERR(acl))
402 return PTR_ERR(acl); 402 return PTR_ERR(acl);
403 else if (acl) { 403 else if (acl) {
diff --git a/fs/generic_acl.c b/fs/generic_acl.c
index d0dddaceac59..b3f3676796d3 100644
--- a/fs/generic_acl.c
+++ b/fs/generic_acl.c
@@ -56,7 +56,7 @@ generic_acl_get(struct dentry *dentry, const char *name, void *buffer,
56 acl = get_cached_acl(dentry->d_inode, type); 56 acl = get_cached_acl(dentry->d_inode, type);
57 if (!acl) 57 if (!acl)
58 return -ENODATA; 58 return -ENODATA;
59 error = posix_acl_to_xattr(acl, buffer, size); 59 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
60 posix_acl_release(acl); 60 posix_acl_release(acl);
61 61
62 return error; 62 return error;
@@ -77,7 +77,7 @@ generic_acl_set(struct dentry *dentry, const char *name, const void *value,
77 if (!inode_owner_or_capable(inode)) 77 if (!inode_owner_or_capable(inode))
78 return -EPERM; 78 return -EPERM;
79 if (value) { 79 if (value) {
80 acl = posix_acl_from_xattr(value, size); 80 acl = posix_acl_from_xattr(&init_user_ns, value, size);
81 if (IS_ERR(acl)) 81 if (IS_ERR(acl))
82 return PTR_ERR(acl); 82 return PTR_ERR(acl);
83 } 83 }
diff --git a/fs/gfs2/acl.c b/fs/gfs2/acl.c
index bd4a5892c93c..f850020ad906 100644
--- a/fs/gfs2/acl.c
+++ b/fs/gfs2/acl.c
@@ -63,7 +63,7 @@ struct posix_acl *gfs2_get_acl(struct inode *inode, int type)
63 if (len == 0) 63 if (len == 0)
64 return NULL; 64 return NULL;
65 65
66 acl = posix_acl_from_xattr(data, len); 66 acl = posix_acl_from_xattr(&init_user_ns, data, len);
67 kfree(data); 67 kfree(data);
68 return acl; 68 return acl;
69} 69}
@@ -88,13 +88,13 @@ static int gfs2_acl_set(struct inode *inode, int type, struct posix_acl *acl)
88 const char *name = gfs2_acl_name(type); 88 const char *name = gfs2_acl_name(type);
89 89
90 BUG_ON(name == NULL); 90 BUG_ON(name == NULL);
91 len = posix_acl_to_xattr(acl, NULL, 0); 91 len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
92 if (len == 0) 92 if (len == 0)
93 return 0; 93 return 0;
94 data = kmalloc(len, GFP_NOFS); 94 data = kmalloc(len, GFP_NOFS);
95 if (data == NULL) 95 if (data == NULL)
96 return -ENOMEM; 96 return -ENOMEM;
97 error = posix_acl_to_xattr(acl, data, len); 97 error = posix_acl_to_xattr(&init_user_ns, acl, data, len);
98 if (error < 0) 98 if (error < 0)
99 goto out; 99 goto out;
100 error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS); 100 error = __gfs2_xattr_set(inode, name, data, len, 0, GFS2_EATYPE_SYS);
@@ -166,12 +166,12 @@ int gfs2_acl_chmod(struct gfs2_inode *ip, struct iattr *attr)
166 if (error) 166 if (error)
167 return error; 167 return error;
168 168
169 len = posix_acl_to_xattr(acl, NULL, 0); 169 len = posix_acl_to_xattr(&init_user_ns, acl, NULL, 0);
170 data = kmalloc(len, GFP_NOFS); 170 data = kmalloc(len, GFP_NOFS);
171 error = -ENOMEM; 171 error = -ENOMEM;
172 if (data == NULL) 172 if (data == NULL)
173 goto out; 173 goto out;
174 posix_acl_to_xattr(acl, data, len); 174 posix_acl_to_xattr(&init_user_ns, acl, data, len);
175 error = gfs2_xattr_acl_chmod(ip, attr, data); 175 error = gfs2_xattr_acl_chmod(ip, attr, data);
176 kfree(data); 176 kfree(data);
177 set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl); 177 set_cached_acl(&ip->i_inode, ACL_TYPE_ACCESS, acl);
@@ -212,7 +212,7 @@ static int gfs2_xattr_system_get(struct dentry *dentry, const char *name,
212 if (acl == NULL) 212 if (acl == NULL)
213 return -ENODATA; 213 return -ENODATA;
214 214
215 error = posix_acl_to_xattr(acl, buffer, size); 215 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
216 posix_acl_release(acl); 216 posix_acl_release(acl);
217 217
218 return error; 218 return error;
@@ -245,7 +245,7 @@ static int gfs2_xattr_system_set(struct dentry *dentry, const char *name,
245 if (!value) 245 if (!value)
246 goto set_acl; 246 goto set_acl;
247 247
248 acl = posix_acl_from_xattr(value, size); 248 acl = posix_acl_from_xattr(&init_user_ns, value, size);
249 if (!acl) { 249 if (!acl) {
250 /* 250 /*
251 * acl_set_file(3) may request that we set default ACLs with 251 * acl_set_file(3) may request that we set default ACLs with
diff --git a/fs/jffs2/acl.c b/fs/jffs2/acl.c
index 922f146e4235..42e4edc17a90 100644
--- a/fs/jffs2/acl.c
+++ b/fs/jffs2/acl.c
@@ -363,7 +363,7 @@ static int jffs2_acl_getxattr(struct dentry *dentry, const char *name,
363 return PTR_ERR(acl); 363 return PTR_ERR(acl);
364 if (!acl) 364 if (!acl)
365 return -ENODATA; 365 return -ENODATA;
366 rc = posix_acl_to_xattr(acl, buffer, size); 366 rc = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
367 posix_acl_release(acl); 367 posix_acl_release(acl);
368 368
369 return rc; 369 return rc;
@@ -381,7 +381,7 @@ static int jffs2_acl_setxattr(struct dentry *dentry, const char *name,
381 return -EPERM; 381 return -EPERM;
382 382
383 if (value) { 383 if (value) {
384 acl = posix_acl_from_xattr(value, size); 384 acl = posix_acl_from_xattr(&init_user_ns, value, size);
385 if (IS_ERR(acl)) 385 if (IS_ERR(acl))
386 return PTR_ERR(acl); 386 return PTR_ERR(acl);
387 if (acl) { 387 if (acl) {
diff --git a/fs/jfs/acl.c b/fs/jfs/acl.c
index 45559dc3ea2f..d254d6d35995 100644
--- a/fs/jfs/acl.c
+++ b/fs/jfs/acl.c
@@ -64,7 +64,7 @@ struct posix_acl *jfs_get_acl(struct inode *inode, int type)
64 else 64 else
65 acl = ERR_PTR(size); 65 acl = ERR_PTR(size);
66 } else { 66 } else {
67 acl = posix_acl_from_xattr(value, size); 67 acl = posix_acl_from_xattr(&init_user_ns, value, size);
68 } 68 }
69 kfree(value); 69 kfree(value);
70 if (!IS_ERR(acl)) 70 if (!IS_ERR(acl))
@@ -100,7 +100,7 @@ static int jfs_set_acl(tid_t tid, struct inode *inode, int type,
100 value = kmalloc(size, GFP_KERNEL); 100 value = kmalloc(size, GFP_KERNEL);
101 if (!value) 101 if (!value)
102 return -ENOMEM; 102 return -ENOMEM;
103 rc = posix_acl_to_xattr(acl, value, size); 103 rc = posix_acl_to_xattr(&init_user_ns, acl, value, size);
104 if (rc < 0) 104 if (rc < 0)
105 goto out; 105 goto out;
106 } 106 }
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
index 26683e15b3ac..42d67f9757bf 100644
--- a/fs/jfs/xattr.c
+++ b/fs/jfs/xattr.c
@@ -685,7 +685,7 @@ static int can_set_system_xattr(struct inode *inode, const char *name,
685 * POSIX_ACL_XATTR_ACCESS is tied to i_mode 685 * POSIX_ACL_XATTR_ACCESS is tied to i_mode
686 */ 686 */
687 if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) { 687 if (strcmp(name, POSIX_ACL_XATTR_ACCESS) == 0) {
688 acl = posix_acl_from_xattr(value, value_len); 688 acl = posix_acl_from_xattr(&init_user_ns, value, value_len);
689 if (IS_ERR(acl)) { 689 if (IS_ERR(acl)) {
690 rc = PTR_ERR(acl); 690 rc = PTR_ERR(acl);
691 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 691 printk(KERN_ERR "posix_acl_from_xattr returned %d\n",
@@ -710,7 +710,7 @@ static int can_set_system_xattr(struct inode *inode, const char *name,
710 710
711 return 0; 711 return 0;
712 } else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) { 712 } else if (strcmp(name, POSIX_ACL_XATTR_DEFAULT) == 0) {
713 acl = posix_acl_from_xattr(value, value_len); 713 acl = posix_acl_from_xattr(&init_user_ns, value, value_len);
714 if (IS_ERR(acl)) { 714 if (IS_ERR(acl)) {
715 rc = PTR_ERR(acl); 715 rc = PTR_ERR(acl);
716 printk(KERN_ERR "posix_acl_from_xattr returned %d\n", 716 printk(KERN_ERR "posix_acl_from_xattr returned %d\n",
diff --git a/fs/nfs/nfs3acl.c b/fs/nfs/nfs3acl.c
index e4498dc351a8..4a1aafba6a20 100644
--- a/fs/nfs/nfs3acl.c
+++ b/fs/nfs/nfs3acl.c
@@ -70,7 +70,7 @@ ssize_t nfs3_getxattr(struct dentry *dentry, const char *name,
70 if (type == ACL_TYPE_ACCESS && acl->a_count == 0) 70 if (type == ACL_TYPE_ACCESS && acl->a_count == 0)
71 error = -ENODATA; 71 error = -ENODATA;
72 else 72 else
73 error = posix_acl_to_xattr(acl, buffer, size); 73 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
74 posix_acl_release(acl); 74 posix_acl_release(acl);
75 } else 75 } else
76 error = -ENODATA; 76 error = -ENODATA;
@@ -92,7 +92,7 @@ int nfs3_setxattr(struct dentry *dentry, const char *name,
92 else 92 else
93 return -EOPNOTSUPP; 93 return -EOPNOTSUPP;
94 94
95 acl = posix_acl_from_xattr(value, size); 95 acl = posix_acl_from_xattr(&init_user_ns, value, size);
96 if (IS_ERR(acl)) 96 if (IS_ERR(acl))
97 return PTR_ERR(acl); 97 return PTR_ERR(acl);
98 error = nfs3_proc_setacl(inode, type, acl); 98 error = nfs3_proc_setacl(inode, type, acl);
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index a9269f142cc4..3f67b8e12251 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -480,7 +480,7 @@ set_nfsv4_acl_one(struct dentry *dentry, struct posix_acl *pacl, char *key)
480 if (buf == NULL) 480 if (buf == NULL)
481 goto out; 481 goto out;
482 482
483 len = posix_acl_to_xattr(pacl, buf, buflen); 483 len = posix_acl_to_xattr(&init_user_ns, pacl, buf, buflen);
484 if (len < 0) { 484 if (len < 0) {
485 error = len; 485 error = len;
486 goto out; 486 goto out;
@@ -549,7 +549,7 @@ _get_posix_acl(struct dentry *dentry, char *key)
549 if (buflen <= 0) 549 if (buflen <= 0)
550 return ERR_PTR(buflen); 550 return ERR_PTR(buflen);
551 551
552 pacl = posix_acl_from_xattr(buf, buflen); 552 pacl = posix_acl_from_xattr(&init_user_ns, buf, buflen);
553 kfree(buf); 553 kfree(buf);
554 return pacl; 554 return pacl;
555} 555}
@@ -2264,7 +2264,7 @@ nfsd_get_posix_acl(struct svc_fh *fhp, int type)
2264 if (size < 0) 2264 if (size < 0)
2265 return ERR_PTR(size); 2265 return ERR_PTR(size);
2266 2266
2267 acl = posix_acl_from_xattr(value, size); 2267 acl = posix_acl_from_xattr(&init_user_ns, value, size);
2268 kfree(value); 2268 kfree(value);
2269 return acl; 2269 return acl;
2270} 2270}
@@ -2297,7 +2297,7 @@ nfsd_set_posix_acl(struct svc_fh *fhp, int type, struct posix_acl *acl)
2297 value = kmalloc(size, GFP_KERNEL); 2297 value = kmalloc(size, GFP_KERNEL);
2298 if (!value) 2298 if (!value)
2299 return -ENOMEM; 2299 return -ENOMEM;
2300 error = posix_acl_to_xattr(acl, value, size); 2300 error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
2301 if (error < 0) 2301 if (error < 0)
2302 goto getout; 2302 goto getout;
2303 size = error; 2303 size = error;
diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c
index a7219075b4de..260b16281fc3 100644
--- a/fs/ocfs2/acl.c
+++ b/fs/ocfs2/acl.c
@@ -452,7 +452,7 @@ static int ocfs2_xattr_get_acl(struct dentry *dentry, const char *name,
452 return PTR_ERR(acl); 452 return PTR_ERR(acl);
453 if (acl == NULL) 453 if (acl == NULL)
454 return -ENODATA; 454 return -ENODATA;
455 ret = posix_acl_to_xattr(acl, buffer, size); 455 ret = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
456 posix_acl_release(acl); 456 posix_acl_release(acl);
457 457
458 return ret; 458 return ret;
@@ -475,7 +475,7 @@ static int ocfs2_xattr_set_acl(struct dentry *dentry, const char *name,
475 return -EPERM; 475 return -EPERM;
476 476
477 if (value) { 477 if (value) {
478 acl = posix_acl_from_xattr(value, size); 478 acl = posix_acl_from_xattr(&init_user_ns, value, size);
479 if (IS_ERR(acl)) 479 if (IS_ERR(acl))
480 return PTR_ERR(acl); 480 return PTR_ERR(acl);
481 else if (acl) { 481 else if (acl) {
diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c
index 44474f9b990d..87d6911c659d 100644
--- a/fs/reiserfs/xattr_acl.c
+++ b/fs/reiserfs/xattr_acl.c
@@ -30,7 +30,7 @@ posix_acl_set(struct dentry *dentry, const char *name, const void *value,
30 return -EPERM; 30 return -EPERM;
31 31
32 if (value) { 32 if (value) {
33 acl = posix_acl_from_xattr(value, size); 33 acl = posix_acl_from_xattr(&init_user_ns, value, size);
34 if (IS_ERR(acl)) { 34 if (IS_ERR(acl)) {
35 return PTR_ERR(acl); 35 return PTR_ERR(acl);
36 } else if (acl) { 36 } else if (acl) {
@@ -77,7 +77,7 @@ posix_acl_get(struct dentry *dentry, const char *name, void *buffer,
77 return PTR_ERR(acl); 77 return PTR_ERR(acl);
78 if (acl == NULL) 78 if (acl == NULL)
79 return -ENODATA; 79 return -ENODATA;
80 error = posix_acl_to_xattr(acl, buffer, size); 80 error = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
81 posix_acl_release(acl); 81 posix_acl_release(acl);
82 82
83 return error; 83 return error;
diff --git a/fs/xattr_acl.c b/fs/xattr_acl.c
index bf472ca1b348..11efd830b5f5 100644
--- a/fs/xattr_acl.c
+++ b/fs/xattr_acl.c
@@ -73,7 +73,8 @@ void posix_acl_fix_xattr_to_user(void *value, size_t size)
73 * Convert from extended attribute to in-memory representation. 73 * Convert from extended attribute to in-memory representation.
74 */ 74 */
75struct posix_acl * 75struct posix_acl *
76posix_acl_from_xattr(const void *value, size_t size) 76posix_acl_from_xattr(struct user_namespace *user_ns,
77 const void *value, size_t size)
77{ 78{
78 posix_acl_xattr_header *header = (posix_acl_xattr_header *)value; 79 posix_acl_xattr_header *header = (posix_acl_xattr_header *)value;
79 posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end; 80 posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end;
@@ -112,14 +113,14 @@ posix_acl_from_xattr(const void *value, size_t size)
112 113
113 case ACL_USER: 114 case ACL_USER:
114 acl_e->e_uid = 115 acl_e->e_uid =
115 make_kuid(&init_user_ns, 116 make_kuid(user_ns,
116 le32_to_cpu(entry->e_id)); 117 le32_to_cpu(entry->e_id));
117 if (!uid_valid(acl_e->e_uid)) 118 if (!uid_valid(acl_e->e_uid))
118 goto fail; 119 goto fail;
119 break; 120 break;
120 case ACL_GROUP: 121 case ACL_GROUP:
121 acl_e->e_gid = 122 acl_e->e_gid =
122 make_kgid(&init_user_ns, 123 make_kgid(user_ns,
123 le32_to_cpu(entry->e_id)); 124 le32_to_cpu(entry->e_id));
124 if (!gid_valid(acl_e->e_gid)) 125 if (!gid_valid(acl_e->e_gid))
125 goto fail; 126 goto fail;
@@ -141,7 +142,8 @@ EXPORT_SYMBOL (posix_acl_from_xattr);
141 * Convert from in-memory to extended attribute representation. 142 * Convert from in-memory to extended attribute representation.
142 */ 143 */
143int 144int
144posix_acl_to_xattr(const struct posix_acl *acl, void *buffer, size_t size) 145posix_acl_to_xattr(struct user_namespace *user_ns, const struct posix_acl *acl,
146 void *buffer, size_t size)
145{ 147{
146 posix_acl_xattr_header *ext_acl = (posix_acl_xattr_header *)buffer; 148 posix_acl_xattr_header *ext_acl = (posix_acl_xattr_header *)buffer;
147 posix_acl_xattr_entry *ext_entry = ext_acl->a_entries; 149 posix_acl_xattr_entry *ext_entry = ext_acl->a_entries;
@@ -162,11 +164,11 @@ posix_acl_to_xattr(const struct posix_acl *acl, void *buffer, size_t size)
162 switch(acl_e->e_tag) { 164 switch(acl_e->e_tag) {
163 case ACL_USER: 165 case ACL_USER:
164 ext_entry->e_id = 166 ext_entry->e_id =
165 cpu_to_le32(from_kuid(&init_user_ns, acl_e->e_uid)); 167 cpu_to_le32(from_kuid(user_ns, acl_e->e_uid));
166 break; 168 break;
167 case ACL_GROUP: 169 case ACL_GROUP:
168 ext_entry->e_id = 170 ext_entry->e_id =
169 cpu_to_le32(from_kgid(&init_user_ns, acl_e->e_gid)); 171 cpu_to_le32(from_kgid(user_ns, acl_e->e_gid));
170 break; 172 break;
171 default: 173 default:
172 ext_entry->e_id = cpu_to_le32(ACL_UNDEFINED_ID); 174 ext_entry->e_id = cpu_to_le32(ACL_UNDEFINED_ID);
diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c
index ac702a6eab9b..1d32f1d52763 100644
--- a/fs/xfs/xfs_acl.c
+++ b/fs/xfs/xfs_acl.c
@@ -337,7 +337,7 @@ xfs_xattr_acl_get(struct dentry *dentry, const char *name,
337 if (acl == NULL) 337 if (acl == NULL)
338 return -ENODATA; 338 return -ENODATA;
339 339
340 error = posix_acl_to_xattr(acl, value, size); 340 error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
341 posix_acl_release(acl); 341 posix_acl_release(acl);
342 342
343 return error; 343 return error;
@@ -361,7 +361,7 @@ xfs_xattr_acl_set(struct dentry *dentry, const char *name,
361 if (!value) 361 if (!value)
362 goto set_acl; 362 goto set_acl;
363 363
364 acl = posix_acl_from_xattr(value, size); 364 acl = posix_acl_from_xattr(&init_user_ns, value, size);
365 if (!acl) { 365 if (!acl) {
366 /* 366 /*
367 * acl_set_file(3) may request that we set default ACLs with 367 * acl_set_file(3) may request that we set default ACLs with
diff --git a/include/linux/posix_acl_xattr.h b/include/linux/posix_acl_xattr.h
index 8bd5fcf06916..ad93ad0f1db0 100644
--- a/include/linux/posix_acl_xattr.h
+++ b/include/linux/posix_acl_xattr.h
@@ -64,7 +64,9 @@ static inline void posix_acl_fix_xattr_to_user(void *value, size_t size)
64} 64}
65#endif 65#endif
66 66
67struct posix_acl *posix_acl_from_xattr(const void *value, size_t size); 67struct posix_acl *posix_acl_from_xattr(struct user_namespace *user_ns,
68int posix_acl_to_xattr(const struct posix_acl *acl, void *buffer, size_t size); 68 const void *value, size_t size);
69int posix_acl_to_xattr(struct user_namespace *user_ns,
70 const struct posix_acl *acl, void *buffer, size_t size);
69 71
70#endif /* _POSIX_ACL_XATTR_H */ 72#endif /* _POSIX_ACL_XATTR_H */