diff options
| author |   Christian Brauner <christian.brauner@ubuntu.com> | 2021-01-21 14:19:31 +0100 |
|---|---|---|
| committer | Christian Brauner <christian.brauner@ubuntu.com> | 2021-01-24 14:27:17 +0100 |
| commit | ba73d98745be1c10dc3cce68e8d7b95012d07d05 (patch) | |
| tree | 6b88b691fba3c40f8d1ad0c4bda7c98a376bd529 /include/linux/fs.h | |
| parent | stat: handle idmapped mounts (diff) | |
| download | linux-dev-ba73d98745be1c10dc3cce68e8d7b95012d07d05.tar.xz linux-dev-ba73d98745be1c10dc3cce68e8d7b95012d07d05.zip | |
namei: handle idmapped mounts in may_*() helpers
The may_follow_link(), may_linkat(), may_lookup(), may_open(),
may_o_create(), may_create_in_sticky(), may_delete(), and may_create()
helpers determine whether the caller is privileged enough to perform the
associated operations. Let them handle idmapped mounts by mapping the
inode or fsids according to the mount's user namespace. Afterwards the
checks are identical to non-idmapped inodes. The patch takes care to
retrieve the mount's user namespace right before performing permission
checks and passing it down into the fileystem so the user namespace
can't change in between by someone idmapping a mount that is currently
not idmapped. If the initial user namespace is passed nothing changes so
non-idmapped mounts will see identical behavior as before.
Link: https://lore.kernel.org/r/20210121131959.646623-13-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Diffstat (limited to '')
| -rw-r--r-- | include/linux/fs.h | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h index 182641d8322f..a27884af7222 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2083,9 +2083,11 @@ static inline bool sb_rdonly(const struct super_block *sb) { return sb->s_flags #define IS_WHITEOUT(inode) (S_ISCHR(inode->i_mode) && \ (inode)->i_rdev == WHITEOUT_DEV) -static inline bool HAS_UNMAPPED_ID(struct inode *inode) +static inline bool HAS_UNMAPPED_ID(struct user_namespace *mnt_userns, + struct inode *inode) { - return !uid_valid(inode->i_uid) || !gid_valid(inode->i_gid); + return !uid_valid(i_uid_into_mnt(mnt_userns, inode)) || + !gid_valid(i_gid_into_mnt(mnt_userns, inode)); } static inline enum rw_hint file_write_hint(struct file *file) @@ -2823,7 +2825,8 @@ static inline int path_permission(const struct path *path, int mask) return inode_permission(mnt_user_ns(path->mnt), d_inode(path->dentry), mask); } -extern int __check_sticky(struct inode *dir, struct inode *inode); +int __check_sticky(struct user_namespace *mnt_userns, struct inode *dir, + struct inode *inode); static inline bool execute_ok(struct inode *inode) { @@ -3442,12 +3445,13 @@ static inline bool is_sxid(umode_t mode) return (mode & S_ISUID) || ((mode & S_ISGID) && (mode & S_IXGRP)); } -static inline int check_sticky(struct inode *dir, struct inode *inode) +static inline int check_sticky(struct user_namespace *mnt_userns, + struct inode *dir, struct inode *inode) { if (!(dir->i_mode & S_ISVTX)) return 0; - return __check_sticky(dir, inode); + return __check_sticky(mnt_userns, dir, inode); } static inline void inode_has_no_xattr(struct inode *inode) |