From: Christian Brauner <christian.brauner@xxxxxxxxxx> Hey everyone, This patch series enables cephfs to support idmapped mounts, i.e. the ability to alter ownership information on a per-mount basis. Container managers such as LXD support sharaing data via cephfs between the host and unprivileged containers and between unprivileged containers. They may all use different idmappings. Idmapped mounts can be used to create mounts with the idmapping used for the container (or a different one specific to the use-case). There are in fact more use-cases such as remapping ownership for mountpoints on the host itself to grant or restrict access to different users or to make it possible to enforce that programs running as root will write with a non-zero {g,u}id to disk. The patch series is simple overall and few changes are needed to cephfs. There is one cephfs specific issue that I would like to discuss and solve which I explain in detail in: [PATCH 02/12] ceph: handle idmapped mounts in create_request_message() It has to do with how to handle mds serves which have id-based access restrictions configured. I would ask you to please take a look at the explanation in the aforementioned patch. The patch series passes the vfs and idmapped mount testsuite as part of xfstests. To run it you will need a config like: [ceph] export FSTYP=ceph export TEST_DIR=/mnt/test export TEST_DEV=10.103.182.10:6789:/ export TEST_FS_MOUNT_OPTS="-o name=admin,secret=$password and then simply call sudo ./check -g idmapped The patch series is on top of my patches scheduled for v5.17. The easiest way is to either fetch the branch (fs.idmapped.ceph.v1) or the tag (tag.fs.idmapped.ceph.v1): git fetch git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux.git fs.idmapped.ceph.v1 git fetch git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux.git tag.fs.idmapped.ceph.v1 Thanks! Christian Christian Brauner (12): ceph: stash idmapping in mdsc request ceph: handle idmapped mounts in create_request_message() ceph: allow idmapped mknod inode op ceph: allow idmapped symlink inode op ceph: allow idmapped mkdir inode op ceph: allow idmapped rename inode op ceph: allow idmapped getattr inode op ceph: allow idmapped permission inode op ceph: allow idmapped setattr inode op ceph/acl: allow idmapped set_acl inode op ceph/file: allow idmapped atomic_open inode op ceph: allow idmapped mounts fs/ceph/acl.c | 2 +- fs/ceph/dir.c | 4 ++++ fs/ceph/file.c | 16 ++++++++++++---- fs/ceph/inode.c | 15 +++++++++++---- fs/ceph/mds_client.c | 29 +++++++++++++++++++++++++---- fs/ceph/mds_client.h | 1 + fs/ceph/super.c | 2 +- 7 files changed, 55 insertions(+), 14 deletions(-) -- 2.32.0