[v1,3/3] fs/fuse: convert to use invalid_mnt_idmap

Message ID	20240906143453.179506-3-aleksandr.mikhalitsyn@canonical.com (mailing list archive)
State	New
Headers	show Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 427001D3189 for <linux-fsdevel@vger.kernel.org>; Fri, 6 Sep 2024 14:35:12 +0000 (UTC) From: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com> To: mszeredi@redhat.com Cc: brauner@kernel.org, linux-fsdevel@vger.kernel.org, Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>, Miklos Szeredi <miklos@szeredi.hu>, linux-kernel@vger.kernel.org Subject: [PATCH v1 3/3] fs/fuse: convert to use invalid_mnt_idmap Date: Fri, 6 Sep 2024 16:34:53 +0200 Message-Id: <20240906143453.179506-3-aleksandr.mikhalitsyn@canonical.com> In-Reply-To: <20240906143453.179506-1-aleksandr.mikhalitsyn@canonical.com> References: <20240906143453.179506-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[v1,1/3] fs/fuse: introduce and use fuse_simple_idmap_request() helper \| expand [v1,1/3] fs/fuse: introduce and use fuse_simple_idmap_request() helper [v1,2/3] fs/mnt_idmapping: introduce an invalid_mnt_idmap [v1,3/3] fs/fuse: convert to use invalid_mnt_idmap

Message ID

20240906143453.179506-3-aleksandr.mikhalitsyn@canonical.com (mailing list archive)

State

New

Headers

From: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
To: mszeredi@redhat.com
Cc: brauner@kernel.org,
	linux-fsdevel@vger.kernel.org,
	Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>,
	Miklos Szeredi <miklos@szeredi.hu>,
	linux-kernel@vger.kernel.org
Subject: [PATCH v1 3/3] fs/fuse: convert to use invalid_mnt_idmap
Date: Fri,  6 Sep 2024 16:34:53 +0200
Message-Id: <20240906143453.179506-3-aleksandr.mikhalitsyn@canonical.com>
In-Reply-To: <20240906143453.179506-1-aleksandr.mikhalitsyn@canonical.com>
References: <20240906143453.179506-1-aleksandr.mikhalitsyn@canonical.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[v1,1/3] fs/fuse: introduce and use fuse_simple_idmap_request() helper | expand

Commit Message

Aleksandr Mikhalitsyn Sept. 6, 2024, 2:34 p.m. UTC

We should convert fs/fuse code to use a newly introduced
invalid_mnt_idmap instead of passing a NULL as idmap pointer.

Suggested-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
---
 fs/fuse/dev.c    | 47 +++++++++++++++++++++++------------------------
 fs/fuse/dir.c    |  6 +++---
 fs/fuse/fuse_i.h |  2 +-
 3 files changed, 27 insertions(+), 28 deletions(-)

Comments

Christian Brauner Sept. 9, 2024, 12:59 p.m. UTC | #1

On Fri, Sep 06, 2024 at 04:34:53PM GMT, Alexander Mikhalitsyn wrote:
> We should convert fs/fuse code to use a newly introduced
> invalid_mnt_idmap instead of passing a NULL as idmap pointer.
> 
> Suggested-by: Christian Brauner <brauner@kernel.org>
> Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
> ---

Reviewed-by: Christian Brauner <brauner@kernel.org>

diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index 04a6490a587c..e42b2f38d35f 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -114,7 +114,11 @@  static struct fuse_req *fuse_get_req(struct mnt_idmap *idmap,
 {
 	struct fuse_conn *fc = fm->fc;
 	struct fuse_req *req;
+	bool no_idmap = (fm->sb->s_iflags & SB_I_NOIDMAP);
+	kuid_t fsuid;
+	kgid_t fsgid;
 	int err;
+
 	atomic_inc(&fc->num_waiting);
 
 	if (fuse_block_alloc(fc, for_background)) {
@@ -148,29 +152,24 @@  static struct fuse_req *fuse_get_req(struct mnt_idmap *idmap,
 	if (for_background)
 		__set_bit(FR_BACKGROUND, &req->flags);
 
-	if ((fm->sb->s_iflags & SB_I_NOIDMAP) || idmap) {
-		kuid_t idmapped_fsuid;
-		kgid_t idmapped_fsgid;
+	/*
+	 * Keep the old behavior when idmappings support was not
+	 * declared by a FUSE server.
+	 *
+	 * For those FUSE servers who support idmapped mounts,
+	 * we send UID/GID only along with "inode creation"
+	 * fuse requests, otherwise idmap == &invalid_mnt_idmap and
+	 * req->in.h.{u,g}id will be equal to FUSE_INVALID_UIDGID.
+	 */
+	fsuid = no_idmap ? current_fsuid() : mapped_fsuid(idmap, fc->user_ns);
+	fsgid = no_idmap ? current_fsgid() : mapped_fsgid(idmap, fc->user_ns);
+	req->in.h.uid = from_kuid(fc->user_ns, fsuid);
+	req->in.h.gid = from_kgid(fc->user_ns, fsgid);
 
-		/*
-		 * Note, that when
-		 * (fm->sb->s_iflags & SB_I_NOIDMAP) is true, then
-		 * (idmap == &nop_mnt_idmap) is always true and therefore,
-		 * mapped_fsuid(idmap, fc->user_ns) == current_fsuid().
-		 */
-		idmapped_fsuid = idmap ? mapped_fsuid(idmap, fc->user_ns) : current_fsuid();
-		idmapped_fsgid = idmap ? mapped_fsgid(idmap, fc->user_ns) : current_fsgid();
-		req->in.h.uid = from_kuid(fc->user_ns, idmapped_fsuid);
-		req->in.h.gid = from_kgid(fc->user_ns, idmapped_fsgid);
-
-		if (unlikely(req->in.h.uid == ((uid_t)-1) ||
-			     req->in.h.gid == ((gid_t)-1))) {
-			fuse_put_request(req);
-			return ERR_PTR(-EOVERFLOW);
-		}
-	} else {
-		req->in.h.uid = FUSE_INVALID_UIDGID;
-		req->in.h.gid = FUSE_INVALID_UIDGID;
+	if (no_idmap && unlikely(req->in.h.uid == ((uid_t)-1) ||
+				 req->in.h.gid == ((gid_t)-1))) {
+		fuse_put_request(req);
+		return ERR_PTR(-EOVERFLOW);
 	}
 
 	return req;
@@ -619,7 +618,7 @@  int fuse_simple_background(struct fuse_mount *fm, struct fuse_args *args,
 		__set_bit(FR_BACKGROUND, &req->flags);
 	} else {
 		WARN_ON(args->nocreds);
-		req = fuse_get_req(NULL, fm, true);
+		req = fuse_get_req(&invalid_mnt_idmap, fm, true);
 		if (IS_ERR(req))
 			return PTR_ERR(req);
 	}
@@ -641,7 +640,7 @@  static int fuse_simple_notify_reply(struct fuse_mount *fm,
 	struct fuse_req *req;
 	struct fuse_iqueue *fiq = &fm->fc->iq;
 
-	req = fuse_get_req(NULL, fm, false);
+	req = fuse_get_req(&invalid_mnt_idmap, fm, false);
 	if (IS_ERR(req))
 		return PTR_ERR(req);
 
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 491e112819be..54104dd48af7 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -1093,7 +1093,7 @@  static int fuse_rename2(struct mnt_idmap *idmap, struct inode *olddir,
 		if (fc->no_rename2 || fc->minor < 23)
 			return -EINVAL;
 
-		err = fuse_rename_common((flags & RENAME_WHITEOUT) ? idmap : NULL,
+		err = fuse_rename_common((flags & RENAME_WHITEOUT) ? idmap : &invalid_mnt_idmap,
 					 olddir, oldent, newdir, newent, flags,
 					 FUSE_RENAME2,
 					 sizeof(struct fuse_rename2_in));
@@ -1102,7 +1102,7 @@  static int fuse_rename2(struct mnt_idmap *idmap, struct inode *olddir,
 			err = -EINVAL;
 		}
 	} else {
-		err = fuse_rename_common(NULL, olddir, oldent, newdir, newent, 0,
+		err = fuse_rename_common(&invalid_mnt_idmap, olddir, oldent, newdir, newent, 0,
 					 FUSE_RENAME,
 					 sizeof(struct fuse_rename_in));
 	}
@@ -1127,7 +1127,7 @@  static int fuse_link(struct dentry *entry, struct inode *newdir,
 	args.in_args[0].value = &inarg;
 	args.in_args[1].size = newent->d_name.len + 1;
 	args.in_args[1].value = newent->d_name.name;
-	err = create_new_entry(NULL, fm, &args, newdir, newent, inode->i_mode);
+	err = create_new_entry(&invalid_mnt_idmap, fm, &args, newdir, newent, inode->i_mode);
 	if (!err)
 		fuse_update_ctime_in_cache(inode);
 	else if (err == -EINTR)
diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h
index b2c7834f21b5..e6cc3d552b13 100644
--- a/fs/fuse/fuse_i.h
+++ b/fs/fuse/fuse_i.h
@@ -1153,7 +1153,7 @@  ssize_t __fuse_simple_request(struct mnt_idmap *idmap,
 
 static inline ssize_t fuse_simple_request(struct fuse_mount *fm, struct fuse_args *args)
 {
-	return __fuse_simple_request(NULL, fm, args);
+	return __fuse_simple_request(&invalid_mnt_idmap, fm, args);
 }
 
 static inline ssize_t fuse_simple_idmap_request(struct mnt_idmap *idmap,

[v1,3/3] fs/fuse: convert to use invalid_mnt_idmap

Commit Message

Comments

Patch