1 |
From e717e6ab90d3e93c757ffff46c9844ce7eeba973 Mon Sep 17 00:00:00 2001 |
2 |
From: Sasha Levin <sashal@kernel.org> |
3 |
Date: Wed, 20 Jul 2022 14:32:52 +0200 |
4 |
Subject: ntfs: fix acl handling |
5 |
|
6 |
From: Christian Brauner <brauner@kernel.org> |
7 |
|
8 |
[ Upstream commit 0c3bc7899e6dfb52df1c46118a5a670ae619645f ] |
9 |
|
10 |
While looking at our current POSIX ACL handling in the context of some |
11 |
overlayfs work I went through a range of other filesystems checking how they |
12 |
handle them currently and encountered ntfs3. |
13 |
|
14 |
The posic_acl_{from,to}_xattr() helpers always need to operate on the |
15 |
filesystem idmapping. Since ntfs3 can only be mounted in the initial user |
16 |
namespace the relevant idmapping is init_user_ns. |
17 |
|
18 |
The posix_acl_{from,to}_xattr() helpers are concerned with translating between |
19 |
the kernel internal struct posix_acl{_entry} and the uapi struct |
20 |
posix_acl_xattr_{header,entry} and the kernel internal data structure is cached |
21 |
filesystem wide. |
22 |
|
23 |
Additional idmappings such as the caller's idmapping or the mount's idmapping |
24 |
are handled higher up in the VFS. Individual filesystems usually do not need to |
25 |
concern themselves with these. |
26 |
|
27 |
The posix_acl_valid() helper is concerned with checking whether the values in |
28 |
the kernel internal struct posix_acl can be represented in the filesystem's |
29 |
idmapping. IOW, if they can be written to disk. So this helper too needs to |
30 |
take the filesystem's idmapping. |
31 |
|
32 |
Fixes: be71b5cba2e6 ("fs/ntfs3: Add attrib operations") |
33 |
Cc: Konstantin Komarov <almaz.alexandrovich@paragon-software.com> |
34 |
Cc: ntfs3@lists.linux.dev |
35 |
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org> |
36 |
Signed-off-by: Sasha Levin <sashal@kernel.org> |
37 |
--- |
38 |
fs/ntfs3/xattr.c | 16 +++++++--------- |
39 |
1 file changed, 7 insertions(+), 9 deletions(-) |
40 |
|
41 |
diff --git a/fs/ntfs3/xattr.c b/fs/ntfs3/xattr.c |
42 |
index 1b8c89dbf6684..3629049decac1 100644 |
43 |
--- a/fs/ntfs3/xattr.c |
44 |
+++ b/fs/ntfs3/xattr.c |
45 |
@@ -478,8 +478,7 @@ static noinline int ntfs_set_ea(struct inode *inode, const char *name, |
46 |
} |
47 |
|
48 |
#ifdef CONFIG_NTFS3_FS_POSIX_ACL |
49 |
-static struct posix_acl *ntfs_get_acl_ex(struct user_namespace *mnt_userns, |
50 |
- struct inode *inode, int type, |
51 |
+static struct posix_acl *ntfs_get_acl_ex(struct inode *inode, int type, |
52 |
int locked) |
53 |
{ |
54 |
struct ntfs_inode *ni = ntfs_i(inode); |
55 |
@@ -514,7 +513,7 @@ static struct posix_acl *ntfs_get_acl_ex(struct user_namespace *mnt_userns, |
56 |
|
57 |
/* Translate extended attribute to acl. */ |
58 |
if (err >= 0) { |
59 |
- acl = posix_acl_from_xattr(mnt_userns, buf, err); |
60 |
+ acl = posix_acl_from_xattr(&init_user_ns, buf, err); |
61 |
} else if (err == -ENODATA) { |
62 |
acl = NULL; |
63 |
} else { |
64 |
@@ -537,8 +536,7 @@ struct posix_acl *ntfs_get_acl(struct inode *inode, int type, bool rcu) |
65 |
if (rcu) |
66 |
return ERR_PTR(-ECHILD); |
67 |
|
68 |
- /* TODO: init_user_ns? */ |
69 |
- return ntfs_get_acl_ex(&init_user_ns, inode, type, 0); |
70 |
+ return ntfs_get_acl_ex(inode, type, 0); |
71 |
} |
72 |
|
73 |
static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns, |
74 |
@@ -590,7 +588,7 @@ static noinline int ntfs_set_acl_ex(struct user_namespace *mnt_userns, |
75 |
value = kmalloc(size, GFP_NOFS); |
76 |
if (!value) |
77 |
return -ENOMEM; |
78 |
- err = posix_acl_to_xattr(mnt_userns, acl, value, size); |
79 |
+ err = posix_acl_to_xattr(&init_user_ns, acl, value, size); |
80 |
if (err < 0) |
81 |
goto out; |
82 |
flags = 0; |
83 |
@@ -641,7 +639,7 @@ static int ntfs_xattr_get_acl(struct user_namespace *mnt_userns, |
84 |
if (!acl) |
85 |
return -ENODATA; |
86 |
|
87 |
- err = posix_acl_to_xattr(mnt_userns, acl, buffer, size); |
88 |
+ err = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); |
89 |
posix_acl_release(acl); |
90 |
|
91 |
return err; |
92 |
@@ -665,12 +663,12 @@ static int ntfs_xattr_set_acl(struct user_namespace *mnt_userns, |
93 |
if (!value) { |
94 |
acl = NULL; |
95 |
} else { |
96 |
- acl = posix_acl_from_xattr(mnt_userns, value, size); |
97 |
+ acl = posix_acl_from_xattr(&init_user_ns, value, size); |
98 |
if (IS_ERR(acl)) |
99 |
return PTR_ERR(acl); |
100 |
|
101 |
if (acl) { |
102 |
- err = posix_acl_valid(mnt_userns, acl); |
103 |
+ err = posix_acl_valid(&init_user_ns, acl); |
104 |
if (err) |
105 |
goto release_and_out; |
106 |
} |
107 |
-- |
108 |
2.35.1 |
109 |
|