If I NFS-exported an idmapped mount, I think I'd expect idmapped clients to see the mapped IDs.

Looks like that means taking the user namespace from the struct svc_export everywhere, for example:

On Thu, Jan 21, 2021 at 02:19:24PM +0100, Christian Brauner wrote:
> index 66f2ef67792a..8d90796e236a 100644 > --- a/fs/nfsd/nfsfh.c > +++ b/fs/nfsd/nfsfh.c > @@ -40,7 +40,8 @@ static int nfsd_acceptable(void *expv, struct dentry *dentry) > /* make sure parents give x permission to user */ > int err; > parent = dget_parent(tdentry); > - err = inode_permission(d_inode(parent), MAY_EXEC); > + err = inode_permission(&init_user_ns, > + d_inode(parent), MAY_EXEC);

	err = inode_permission(exp->ex_path.mnt->mnt_userns, d_inode(parent), MAY_EXEC);

?

--b.
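
Review bot: in nfsd_acceptable() the added call hard-codes &init_user_ns for the parent-directory MAY_EXEC check, so the check is evaluated without the mount's ID mapping even when the export sits on an idmapped mount. The function already receives the export through expv, so the mount's user namespace is reachable there; consider passing exp->ex_path.mnt->mnt_userns instead, or, if nfsd is meant to ignore idmappings for now, say so in a comment next to the call so the choice is visible to the next reader.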