On 7/29/24 2:30 PM, Eric Sandeen wrote: > commit 049584807f1d797fc3078b68035450a9769eb5c3 upstream. > > As was done in > 0200679fc795 ("tmpfs: verify {g,u}id mount options correctly") > we need to validate that the requested uid and/or gid is representable in > the filesystem's idmapping. > > Cribbing from the above commit log, > > The contract for {g,u}id mount options and {g,u}id values in general set > from userspace has always been that they are translated according to the > caller's idmapping. In so far, fuse has been doing the correct thing. > But since fuse is mountable in unprivileged contexts it is also > necessary to verify that the resulting {k,g}uid is representable in the > namespace of the superblock. > > Fixes: c30da2e981a7 ("fuse: convert to use the new mount API") > Cc: stable@xxxxxxxxxxxxxxx # 5.4+ > Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx> > > --- > > (compile-tested only) Sorry, I lied, I compile-tested this patch with the dependency added. Ignore this one, moving too quickly. :( -Eric