Re: [PATCH v6 16/40] open: handle idmapped mounts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 21 Jan 2021, Christian Brauner wrote:

> For core file operations such as changing directories or chrooting,
> determining file access, changing mode or ownership the vfs will verify
> that the caller is privileged over the inode. Extend the various helpers
> to handle idmapped mounts. If the inode is accessed through an idmapped
> mount map it into the mount's user namespace. Afterwards the permissions
> checks are identical to non-idmapped mounts. When changing file
> ownership we need to map the uid and gid from the mount's user
> namespace. If the initial user namespace is passed nothing changes so
> non-idmapped mounts will see identical behavior as before.
> 
> Link: https://lore.kernel.org/r/20210112220124.837960-24-christian.brauner@xxxxxxxxxx
> Cc: Christoph Hellwig <hch@xxxxxx>
> Cc: David Howells <dhowells@xxxxxxxxxx>
> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> Cc: linux-fsdevel@xxxxxxxxxxxxxxx
> Signed-off-by: Christian Brauner <christian.brauner@xxxxxxxxxx>


Reviewed-by: James Morris <jamorris@xxxxxxxxxxxxxxxxxxx>


-- 
James Morris
<jmorris@xxxxxxxxx>




[Index of Archives]     [XFS Filesystem Development (older mail)]     [Linux Filesystem Development]     [Linux Audio Users]     [Yosemite Trails]     [Linux Kernel]     [Linux RAID]     [Linux SCSI]


  Powered by Linux