On 12/7/23 4:57 AM, Jie Jiang wrote:
Parse uid and gid in bpf_parse_param() so that they can be passed in as
the `data` parameter when mount() bpffs. This will be useful when we
want to control which user/group has the control to the mounted bpffs,
otherwise a separate chown() call will be needed.
Signed-off-by: Jie Jiang <jiejiang@xxxxxxxxxxxx>
Acked-by: Mike Frysinger <vapier@xxxxxxxxxxxx>
Acked-by: Christian Brauner <brauner@xxxxxxxxxx>
Acked-by: Andrii Nakryiko <andrii@xxxxxxxxxx>
---
v2 -> v3: Rebase to resolve conflicts.
v1 -> v2: Add additional validation in bpf_parse_param() for if the
requested uid/gid is representable in the fs's idmapping.
include/linux/bpf.h | 2 ++
kernel/bpf/inode.c | 48 ++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 49 insertions(+), 1 deletion(-)
Looks good, for clarity, should this be folded into the patch?
Thanks,
Daniel
diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c
index 273d7e0cfbde..f5ca533c62af 100644
--- a/kernel/bpf/inode.c
+++ b/kernel/bpf/inode.c
@@ -889,6 +889,8 @@ static int bpf_init_fs_context(struct fs_context *fc)
return -ENOMEM;
opts->mode = S_IRWXUGO;
+ opts->uid = GLOBAL_ROOT_UID;
+ opts->gid = GLOBAL_ROOT_GID;
/* start out with no BPF token delegation enabled */
opts->delegate_cmds = 0;
