Commit af84df93ffe3603fc6fc40a4338f9e740aad3b4e
1 parent
5f3a4a28ec
Exists in
master
and in
20 other branches
userns: Convert extN to support kuids and kgids in posix acls
Convert ext2, ext3, and ext4 to fully support the posix acl changes, using e_uid e_gid instead e_id. Enabled building with posix acls enabled, all filesystems supporting user namespaces, now also support posix acls when user namespaces are enabled. Cc: Theodore Tso <tytso@mit.edu> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Andreas Dilger <adilger.kernel@dilger.ca> Cc: Jan Kara <jack@suse.cz> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Showing 4 changed files with 60 additions and 24 deletions Side-by-side Diff
fs/ext2/acl.c
| ... | ... | @@ -53,16 +53,23 @@ |
| 53 | 53 | case ACL_OTHER: |
| 54 | 54 | value = (char *)value + |
| 55 | 55 | sizeof(ext2_acl_entry_short); |
| 56 | - acl->a_entries[n].e_id = ACL_UNDEFINED_ID; | |
| 57 | 56 | break; |
| 58 | 57 | |
| 59 | 58 | case ACL_USER: |
| 59 | + value = (char *)value + sizeof(ext2_acl_entry); | |
| 60 | + if ((char *)value > end) | |
| 61 | + goto fail; | |
| 62 | + acl->a_entries[n].e_uid = | |
| 63 | + make_kuid(&init_user_ns, | |
| 64 | + le32_to_cpu(entry->e_id)); | |
| 65 | + break; | |
| 60 | 66 | case ACL_GROUP: |
| 61 | 67 | value = (char *)value + sizeof(ext2_acl_entry); |
| 62 | 68 | if ((char *)value > end) |
| 63 | 69 | goto fail; |
| 64 | - acl->a_entries[n].e_id = | |
| 65 | - le32_to_cpu(entry->e_id); | |
| 70 | + acl->a_entries[n].e_gid = | |
| 71 | + make_kgid(&init_user_ns, | |
| 72 | + le32_to_cpu(entry->e_id)); | |
| 66 | 73 | break; |
| 67 | 74 | |
| 68 | 75 | default: |
| 69 | 76 | |
| 70 | 77 | |
| 71 | 78 | |
| ... | ... | @@ -96,14 +103,19 @@ |
| 96 | 103 | ext_acl->a_version = cpu_to_le32(EXT2_ACL_VERSION); |
| 97 | 104 | e = (char *)ext_acl + sizeof(ext2_acl_header); |
| 98 | 105 | for (n=0; n < acl->a_count; n++) { |
| 106 | + const struct posix_acl_entry *acl_e = &acl->a_entries[n]; | |
| 99 | 107 | ext2_acl_entry *entry = (ext2_acl_entry *)e; |
| 100 | - entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag); | |
| 101 | - entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm); | |
| 102 | - switch(acl->a_entries[n].e_tag) { | |
| 108 | + entry->e_tag = cpu_to_le16(acl_e->e_tag); | |
| 109 | + entry->e_perm = cpu_to_le16(acl_e->e_perm); | |
| 110 | + switch(acl_e->e_tag) { | |
| 103 | 111 | case ACL_USER: |
| 112 | + entry->e_id = cpu_to_le32( | |
| 113 | + from_kuid(&init_user_ns, acl_e->e_uid)); | |
| 114 | + e += sizeof(ext2_acl_entry); | |
| 115 | + break; | |
| 104 | 116 | case ACL_GROUP: |
| 105 | - entry->e_id = | |
| 106 | - cpu_to_le32(acl->a_entries[n].e_id); | |
| 117 | + entry->e_id = cpu_to_le32( | |
| 118 | + from_kgid(&init_user_ns, acl_e->e_gid)); | |
| 107 | 119 | e += sizeof(ext2_acl_entry); |
| 108 | 120 | break; |
| 109 | 121 |
fs/ext3/acl.c
| ... | ... | @@ -48,16 +48,23 @@ |
| 48 | 48 | case ACL_OTHER: |
| 49 | 49 | value = (char *)value + |
| 50 | 50 | sizeof(ext3_acl_entry_short); |
| 51 | - acl->a_entries[n].e_id = ACL_UNDEFINED_ID; | |
| 52 | 51 | break; |
| 53 | 52 | |
| 54 | 53 | case ACL_USER: |
| 54 | + value = (char *)value + sizeof(ext3_acl_entry); | |
| 55 | + if ((char *)value > end) | |
| 56 | + goto fail; | |
| 57 | + acl->a_entries[n].e_uid = | |
| 58 | + make_kuid(&init_user_ns, | |
| 59 | + le32_to_cpu(entry->e_id)); | |
| 60 | + break; | |
| 55 | 61 | case ACL_GROUP: |
| 56 | 62 | value = (char *)value + sizeof(ext3_acl_entry); |
| 57 | 63 | if ((char *)value > end) |
| 58 | 64 | goto fail; |
| 59 | - acl->a_entries[n].e_id = | |
| 60 | - le32_to_cpu(entry->e_id); | |
| 65 | + acl->a_entries[n].e_gid = | |
| 66 | + make_kgid(&init_user_ns, | |
| 67 | + le32_to_cpu(entry->e_id)); | |
| 61 | 68 | break; |
| 62 | 69 | |
| 63 | 70 | default: |
| 64 | 71 | |
| 65 | 72 | |
| 66 | 73 | |
| ... | ... | @@ -91,14 +98,19 @@ |
| 91 | 98 | ext_acl->a_version = cpu_to_le32(EXT3_ACL_VERSION); |
| 92 | 99 | e = (char *)ext_acl + sizeof(ext3_acl_header); |
| 93 | 100 | for (n=0; n < acl->a_count; n++) { |
| 101 | + const struct posix_acl_entry *acl_e = &acl->a_entries[n]; | |
| 94 | 102 | ext3_acl_entry *entry = (ext3_acl_entry *)e; |
| 95 | - entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag); | |
| 96 | - entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm); | |
| 97 | - switch(acl->a_entries[n].e_tag) { | |
| 103 | + entry->e_tag = cpu_to_le16(acl_e->e_tag); | |
| 104 | + entry->e_perm = cpu_to_le16(acl_e->e_perm); | |
| 105 | + switch(acl_e->e_tag) { | |
| 98 | 106 | case ACL_USER: |
| 107 | + entry->e_id = cpu_to_le32( | |
| 108 | + from_kuid(&init_user_ns, acl_e->e_uid)); | |
| 109 | + e += sizeof(ext3_acl_entry); | |
| 110 | + break; | |
| 99 | 111 | case ACL_GROUP: |
| 100 | - entry->e_id = | |
| 101 | - cpu_to_le32(acl->a_entries[n].e_id); | |
| 112 | + entry->e_id = cpu_to_le32( | |
| 113 | + from_kgid(&init_user_ns, acl_e->e_gid)); | |
| 102 | 114 | e += sizeof(ext3_acl_entry); |
| 103 | 115 | break; |
| 104 | 116 |
fs/ext4/acl.c
| ... | ... | @@ -55,16 +55,23 @@ |
| 55 | 55 | case ACL_OTHER: |
| 56 | 56 | value = (char *)value + |
| 57 | 57 | sizeof(ext4_acl_entry_short); |
| 58 | - acl->a_entries[n].e_id = ACL_UNDEFINED_ID; | |
| 59 | 58 | break; |
| 60 | 59 | |
| 61 | 60 | case ACL_USER: |
| 61 | + value = (char *)value + sizeof(ext4_acl_entry); | |
| 62 | + if ((char *)value > end) | |
| 63 | + goto fail; | |
| 64 | + acl->a_entries[n].e_uid = | |
| 65 | + make_kuid(&init_user_ns, | |
| 66 | + le32_to_cpu(entry->e_id)); | |
| 67 | + break; | |
| 62 | 68 | case ACL_GROUP: |
| 63 | 69 | value = (char *)value + sizeof(ext4_acl_entry); |
| 64 | 70 | if ((char *)value > end) |
| 65 | 71 | goto fail; |
| 66 | - acl->a_entries[n].e_id = | |
| 67 | - le32_to_cpu(entry->e_id); | |
| 72 | + acl->a_entries[n].e_gid = | |
| 73 | + make_kgid(&init_user_ns, | |
| 74 | + le32_to_cpu(entry->e_id)); | |
| 68 | 75 | break; |
| 69 | 76 | |
| 70 | 77 | default: |
| 71 | 78 | |
| 72 | 79 | |
| 73 | 80 | |
| ... | ... | @@ -98,13 +105,19 @@ |
| 98 | 105 | ext_acl->a_version = cpu_to_le32(EXT4_ACL_VERSION); |
| 99 | 106 | e = (char *)ext_acl + sizeof(ext4_acl_header); |
| 100 | 107 | for (n = 0; n < acl->a_count; n++) { |
| 108 | + const struct posix_acl_entry *acl_e = &acl->a_entries[n]; | |
| 101 | 109 | ext4_acl_entry *entry = (ext4_acl_entry *)e; |
| 102 | - entry->e_tag = cpu_to_le16(acl->a_entries[n].e_tag); | |
| 103 | - entry->e_perm = cpu_to_le16(acl->a_entries[n].e_perm); | |
| 104 | - switch (acl->a_entries[n].e_tag) { | |
| 110 | + entry->e_tag = cpu_to_le16(acl_e->e_tag); | |
| 111 | + entry->e_perm = cpu_to_le16(acl_e->e_perm); | |
| 112 | + switch (acl_e->e_tag) { | |
| 105 | 113 | case ACL_USER: |
| 114 | + entry->e_id = cpu_to_le32( | |
| 115 | + from_kuid(&init_user_ns, acl_e->e_uid)); | |
| 116 | + e += sizeof(ext4_acl_entry); | |
| 117 | + break; | |
| 106 | 118 | case ACL_GROUP: |
| 107 | - entry->e_id = cpu_to_le32(acl->a_entries[n].e_id); | |
| 119 | + entry->e_id = cpu_to_le32( | |
| 120 | + from_kgid(&init_user_ns, acl_e->e_gid)); | |
| 108 | 121 | e += sizeof(ext4_acl_entry); |
| 109 | 122 | break; |
| 110 | 123 |