21 Sep, 2012
23 commits
-
Cc: Christoph Hellwig
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Cc: Christoph Hellwig
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Cc: Kai Bankett
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Anders Larsen
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Bob Copeland
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Cc: Anton Altaparmakov
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Ryusuke Konishi
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Cc: Joern Engel
Cc: Prasad Joshi
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Signed-off-by: Eric W. Biederman
-
Signed-off-by: Eric W. Biederman
-
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Cc: Benny Halevy
Acked-by: Boaz Harrosh
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Cc: Tyler Hicks
Cc: Dustin Kirkland
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Cc: Ian Campbell
Cc: Konrad Rzeszutek Wilk
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Note sysctl_hugetlb_shm_group can only be written in the root user
in the initial user namespace, so we can assume sysctl_hugetlb_shm_group
is in the initial user namespace.Cc: William Irwin
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Greg Kroah-Hartman
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Greg Kroah-Hartman
Acked-by: Felipe Balbi
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Acked-by: Greg Kroah-Hartman
Acked-by: Felipe Balbi
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman
20 Sep, 2012
1 commit
-
Acked-by: OGAWA Hirofumi
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman
18 Sep, 2012
16 commits
-
Now that the type changes are done, here is the final set of
changes to make the quota code work when user namespaces are enabled.Small cleanups and fixes to make the code build when user namespaces
are enabled.Cc: Jan Kara
Signed-off-by: "Eric W. Biederman" -
Convert w_dq_id to be a struct kquid and remove the now unncessary
w_dq_type.This is a simple conversion and enough other places have already
been converted that this actually reduces the code complexity
by a little bit, when removing now unnecessary type conversions.Cc: Jan Kara
Signed-off-by: "Eric W. Biederman" -
Change struct dquot dq_id to a struct kqid and remove the now
unecessary dq_type.Make minimal changes to dquot, quota_tree, quota_v1, quota_v2, ext3,
ext4, and ocfs2 to deal with the change in quota structures and
signatures. The ocfs2 changes are larger than most because of the
extensive tracing throughout the ocfs2 quota code that prints out
dq_id.quota_tree.c:get_index is modified to take a struct kqid instead of a
qid_t because all of it's callers pass in dquot->dq_id and it allows
me to introduce only a single conversion.The rest of the changes are either just replacing dq_type with dq_id.type,
adding conversions to deal with the change in type and occassionally
adding qid_eq to allow quota id comparisons in a user namespace safe way.Cc: Mark Fasheh
Cc: Joel Becker
Cc: Jan Kara
Cc: Andrew Morton
Cc: Andreas Dilger
Cc: Theodore Tso
Signed-off-by: "Eric W. Biederman" -
Modify dqget to take struct kqid instead of a type and an identifier
pair.Modify the callers of dqget in ocfs2 and dquot to take generate
a struct kqid so they can continue to call dqget. The conversion
to create struct kqid should all be the final conversions that
are needed in those code paths.Cc: Jan Kara
Cc: Mark Fasheh
Cc: Joel Becker
Signed-off-by: "Eric W. Biederman" -
Modify quota_send_warning to take struct kqid instead a type and
identifier pair.When sending netlink broadcasts always convert uids and quota
identifiers into the intial user namespace. There is as yet no way to
send a netlink broadcast message with different contents to receivers
in different namespaces, so for the time being just map all of the
identifiers into the initial user namespace which preserves the
current behavior.Change the callers of quota_send_warning in gfs2, xfs and dquot
to generate a struct kqid to pass to quota send warning. When
all of the user namespaces convesions are complete a struct kqid
values will be availbe without need for conversion, but a conversion
is needed now to avoid needing to convert everything at once.Cc: Ben Myers
Cc: Alex Elder
Cc: Dave Chinner
Cc: Jan Kara
Cc: Steven Whitehouse
Signed-off-by: "Eric W. Biederman" -
Update the quotactl user space interface to successfull compile with
user namespaces support enabled and to hand off quota identifiers to
lower layers of the kernel in struct kqid instead of type and qid
pairs.The quota on function is not converted because while it takes a quota
type and an id. The id is the on disk quota format to use, which
is something completely different.The signature of two struct quotactl_ops methods were changed to take
struct kqid argumetns get_dqblk and set_dqblk.The dquot, xfs, and ocfs2 implementations of get_dqblk and set_dqblk
are minimally changed so that the code continues to work with
the change in parameter type.This is the first in a series of changes to always store quota
identifiers in the kernel in struct kqid and only use raw type and qid
values when interacting with on disk structures or userspace. Always
using struct kqid internally makes it hard to miss places that need
conversion to or from the kernel internal values.Cc: Jan Kara
Cc: Dave Chinner
Cc: Mark Fasheh
Cc: Joel Becker
Cc: Ben Myers
Cc: Alex Elder
Signed-off-by: "Eric W. Biederman" -
Add the data type struct kqid which holds the kernel internal form of
the owning identifier of a quota. struct kqid is a replacement for
the implicit union of uid, gid and project id stored in an unsigned
int and the quota type field that is was used in the quota data
structures. Making the data type explicit allows the kuid_t and
kgid_t type safety to propogate more thoroughly through the code,
revealing more places where uid/gid conversions need be made.Along with the data type struct kqid comes the helper functions
qid_eq, qid_lt, from_kqid, from_kqid_munged, qid_valid, make_kqid,
make_kqid_invalid, make_kqid_uid, make_kqid_gid.Cc: Jan Kara
Cc: Dave Chinner
Signed-off-by: "Eric W. Biederman" -
Implement kprojid_t a cousin of the kuid_t and kgid_t.
The per user namespace mapping of project id values can be set with
/proc//projid_map.A full compliment of helpers is provided: make_kprojid, from_kprojid,
from_kprojid_munged, kporjid_has_mapping, projid_valid, projid_eq,
projid_eq, projid_lt.Project identifiers are part of the generic disk quota interface,
although it appears only xfs implements project identifiers currently.The xfs code allows anyone who has permission to set the project
identifier on a file to use any project identifier so when
setting up the user namespace project identifier mappings I do
not require a capability.Cc: Dave Chinner
Cc: Jan Kara
Signed-off-by: "Eric W. Biederman" -
Cc: Joel Becker
Acked-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
Convert ext2, ext3, and ext4 to fully support the posix acl changes,
using e_uid e_gid instead e_id.Enabled building with posix acls enabled, all filesystems supporting
user namespaces, now also support posix acls when user namespaces are enabled.Cc: Theodore Tso
Cc: Andrew Morton
Cc: Andreas Dilger
Cc: Jan Kara
Cc: Al Viro
Signed-off-by: Eric W. Biederman -
- Pass the user namespace the uid and gid values in the xattr are stored
in into posix_acl_from_xattr.- Pass the user namespace kuid and kgid values should be converted into
when storing uid and gid values in an xattr in posix_acl_to_xattr.- Modify all callers of posix_acl_from_xattr and posix_acl_to_xattr to
pass in &init_user_ns.In the short term this change is not strictly needed but it makes the
code clearer. In the longer term this change is necessary to be able to
mount filesystems outside of the initial user namespace that natively
store posix acls in the linux xattr format.Cc: Theodore Tso
Cc: Andrew Morton
Cc: Andreas Dilger
Cc: Jan Kara
Cc: Al Viro
Signed-off-by: "Eric W. Biederman" -
- In setxattr if we are setting a posix acl convert uids and gids from
the current user namespace into the initial user namespace, before
the xattrs are passed to the underlying filesystem.Untranslatable uids and gids are represented as -1 which
posix_acl_from_xattr will represent as INVALID_UID or INVALID_GID.
posix_acl_valid will fail if an acl from userspace has any
INVALID_UID or INVALID_GID values. In net this guarantees that
untranslatable posix acls will not be stored by filesystems.- In getxattr if we are reading a posix acl convert uids and gids from
the initial user namespace into the current user namespace.Uids and gids that can not be tranlsated into the current user namespace
will be represented as -1.- Replace e_id in struct posix_acl_entry with an anymouns union of
e_uid and e_gid. For the short term retain the e_id field
until all of the users are converted.- Don't set struct posix_acl.e_id in the cases where the acl type
does not use e_id. Greatly reducing the use of ACL_UNDEFINED_ID.- Rework the ordering checks in posix_acl_valid so that I use kuid_t
and kgid_t types throughout the code, and so that I don't need
arithmetic on uid and gid types.Cc: Theodore Tso
Cc: Andrew Morton
Cc: Andreas Dilger
Cc: Jan Kara
Cc: Al Viro
Signed-off-by: Eric W. Biederman -
- When tracing capture the kuid.
- When displaying the data to user space convert the kuid into the
user namespace of the process that opened the report file.Cc: Steven Rostedt
Cc: Frederic Weisbecker
Cc: Ingo Molnar
Signed-off-by: Eric W. Biederman -
BSD process accounting conveniently passes the file the accounting
records will be written into to do_acct_process. The file credentials
captured the user namespace of the opener of the file. Use the file
credentials to format the uid and the gid of the current process into
the user namespace of the user that started the bsd process
accounting.Cc: Pavel Emelyanov
Reviewed-by: Serge Hallyn
Signed-off-by: Eric W. Biederman -
- Explicitly limit exit task stat broadcast to the initial user and
pid namespaces, as it is already limited to the initial network
namespace.- For broadcast task stats explicitly generate all of the idenitiers
in terms of the initial user namespace and the initial pid
namespace.- For request stats report them in terms of the current user namespace
and the current pid namespace. Netlink messages are delivered
syncrhonously to the kernel allowing us to get the user namespace
and the pid namespace from the current task.- Pass the namespaces for representing pids and uids and gids
into bacct_add_task.Cc: Balbir Singh
Signed-off-by: Eric W. Biederman -
- Explicitly format uids gids in audit messges in the initial user
namespace. This is safe because auditd is restrected to be in
the initial user namespace.- Convert audit_sig_uid into a kuid_t.
- Enable building the audit code and user namespaces at the same time.
The net result is that the audit subsystem now uses kuid_t and kgid_t whenever
possible making it almost impossible to confuse a raw uid_t with a kuid_t
preventing bugs.Cc: Al Viro
Cc: Eric Paris
Cc: Greg Kroah-Hartman
Signed-off-by: Eric W. Biederman