[PATCH v3 23/38] fcntl: handle idmapped mounts

[PATCH v3 00/38] idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 32/38] fat: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 32/38] fat: handle idmapped mounts · Mauricio Vásquez Bernal <hidden> · 2020-11-30
Re: [PATCH v3 32/38] fat: handle idmapped mounts · Christian Brauner <hidden> · 2020-12-01
[PATCH v3 25/38] init: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 37/38] tests: extend mount_setattr tests · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 30/38] apparmor: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 35/38] overlayfs: do not mount on top of idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 23/38] fcntl: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 21/38] af_unix: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 34/38] ecryptfs: do not mount on top of idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 36/38] fs: introduce MOUNT_ATTR_IDMAP · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 31/38] ima: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 22/38] utimes: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 26/38] ioctl: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 28/38] exec: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 20/38] open: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Mauricio Vásquez Bernal <hidden> · 2020-11-30
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 33/38] ext4: support idmapped mounts · Christian Brauner <hidden> · 2020-12-01
[PATCH v3 27/38] would_dump: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 24/38] notify: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 11/38] attr: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 14/38] commoncap: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 13/38] xattr: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 15/38] stat: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 12/38] acl: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 17/38] namei: introduce struct renamedata · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 17/38] namei: introduce struct renamedata · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 17/38] namei: introduce struct renamedata · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 02/38] mount: make {lock,unlock}_mount_hash() static · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 02/38] mount: make {lock,unlock}_mount_hash() static · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 02/38] mount: make {lock,unlock}_mount_hash() static · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 03/38] namespace: only take read lock in do_reconfigure_mnt() · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 03/38] namespace: only take read lock in do_reconfigure_mnt() · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 03/38] namespace: only take read lock in do_reconfigure_mnt() · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 19/38] open: handle idmapped mounts in do_truncate() · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 16/38] namei: handle idmapped mounts in may_*() helpers · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 01/38] namespace: take lock_mount_hash() directly when changing flags · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 01/38] namespace: take lock_mount_hash() directly when changing flags · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 01/38] namespace: take lock_mount_hash() directly when changing flags · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 08/38] capability: handle idmapped mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 08/38] capability: handle idmapped mounts · "Serge E. Hallyn" <serge@hallyn.com> · 2020-11-28
[PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · "Serge E. Hallyn" <serge@hallyn.com> · 2020-11-28
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christian Brauner <hidden> · 2020-12-01
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 09/38] namei: add idmapped mount aware permission helpers · Christian Brauner <hidden> · 2020-12-01
[PATCH v3 18/38] namei: prepare for idmapped mounts · Christian Brauner <hidden> · 2020-11-28
[PATCH v3 10/38] inode: add idmapped mount aware init and permission helpers · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 10/38] inode: add idmapped mount aware init and permission helpers · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 10/38] inode: add idmapped mount aware init and permission helpers · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 06/38] fs: add id translation helpers · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 06/38] fs: add id translation helpers · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 06/38] fs: add id translation helpers · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 04/38] fs: add mount_setattr() · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christian Brauner <hidden> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christian Brauner <hidden> · 2020-12-02
Re: [PATCH v3 04/38] fs: add mount_setattr() · Christoph Hellwig <hch@lst.de> · 2020-12-02
[PATCH v3 07/38] mount: attach mappings to mounts · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 07/38] mount: attach mappings to mounts · Christoph Hellwig <hch@lst.de> · 2020-12-01
Re: [PATCH v3 07/38] mount: attach mappings to mounts · Tycho Andersen <tycho@tycho.pizza> · 2020-12-01
Re: [PATCH v3 07/38] mount: attach mappings to mounts · Christian Brauner <hidden> · 2020-12-02
[PATCH v3 05/38] tests: add mount_setattr() selftests · Christian Brauner <hidden> · 2020-11-28
Re: [PATCH v3 00/38] idmapped mounts · "Serge E. Hallyn" <serge@hallyn.com> · 2020-11-28
Re: [PATCH v3 00/38] idmapped mounts · Christian Brauner <hidden> · 2020-12-01

STALE2004d

Revisions (4)

2020-11-28 v3 current
2020-12-04 v4 [diff vs current]
2021-01-12 v5 [diff vs current]
2021-01-21 v6 [diff vs current]

From: Christian Brauner <hidden>
Date: 2020-11-28 22:10:32
Also in: fstests, linux-api, linux-ext4, linux-fsdevel, linux-security-module, selinux
Subsystem: file locking (flock() and fcntl()/lockf()), filesystems (vfs and infrastructure), the rest · Maintainers: Jeff Layton, Chuck Lever, Alexander Viro, Christian Brauner, Linus Torvalds

Enable the setfl() helper to handle idmapped mounts by passing down the
mount's user namespace. If the initial user namespace is passed nothing changes
so non-idmapped mounts will see identical behavior as before.

Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Signed-off-by: Christian Brauner <redacted>
---
/* v2 */
patch introduced

/* v3 */
unchanged
---
 fs/fcntl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/fcntl.c b/fs/fcntl.c
index df091d435603..ed330fa91438 100644
--- a/fs/fcntl.c
+++ b/fs/fcntl.c

@@ -25,6 +25,7 @@
 #include <linux/user_namespace.h>
 #include <linux/memfd.h>
 #include <linux/compat.h>
+#include <linux/mount.h>
 
 #include <linux/poll.h>
 #include <asm/siginfo.h>

@@ -46,7 +47,7 @@ static int setfl(int fd, struct file * filp, unsigned long arg)
 
 	/* O_NOATIME can only be set by the owner or superuser */
 	if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
-		if (!inode_owner_or_capable(&init_user_ns, inode))
+		if (!inode_owner_or_capable(mnt_user_ns(filp->f_path.mnt), inode))
 			return -EPERM;
 
 	/* required for strict SunOS emulation */

-- 
2.29.2

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help