mbox series

[GIT,PULL] fs idmapped fixes for v6.0-rc3

Message ID 20220822121125.715295-1-brauner@kernel.org (mailing list archive)
State New, archived
Headers show
Series [GIT,PULL] fs idmapped fixes for v6.0-rc3 | expand

Pull-request

ssh://git@gitolite.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git tags/fs.idmapped.fixes.v6.0-rc3

Message

Christian Brauner Aug. 22, 2022, 12:11 p.m. UTC
Hey Linus,

/* Summary */
This contains a few fixes:

- Since Seth joined as co-maintainer for idmapped mounts we decided to use a
  shared git tree. Konstantin suggested we use vfs/idmapping.git on kernel.org
  under the vfs/ namespace. So this updates the tree in the maintainers file.

- Ensure that POSIX ACLs checking, getting, and setting works correctly
  for filesystems mountable with a filesystem idmapping that want to support
  idmapped mounts. Since no filesystems mountable with an fs_idmapping do yet
  support idmapped mounts there is no problem. But this could change in the
  future, so add a check to refuse to create idmapped mounts when the mounter
  is not privileged over the mount's idmapping.

- Check that caller is privileged over the idmapping that will be attached to a
  mount. Currently no FS_USERNS_MOUNT filesystems support idmapped mounts, thus
  this is not a problem as only CAP_SYS_ADMIN in init_user_ns is allowed to set
  up idmapped mounts. But this could change in the future, so add a check to
  refuse to create idmapped mounts when the mounter is not privileged over the
  mount's idmapping.

- Fix POSIX ACLs for ntfs3. While looking at our current POSIX ACL handling in
  the context of some overlayfs work I went through a range of other
  filesystems checking how they handle them currently and encountered a few
  bugs in ntfs3. I've sent this some time ago and the fixes haven't been picked
  up even though the pull request for other ntfs3 fixes got sent after. This
  should really be fixed as right now POSIX ACLs are broken in certain
  circumstances for ntfs3.

/* Testing */
All patches are based on v6.0-rc1 and have been sitting in linux-next. No build
failures or warnings were observed and fstests, selftests, and LTP have seen no
regressions.

/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next and no merge conflicts showed up doing a test-merge with current
mainline.

The following changes since commit 568035b01cfb107af8d2e4bd2fb9aea22cf5b868:

  Linux 6.0-rc1 (2022-08-14 15:50:18 -0700)

are available in the Git repository at:

  ssh://git@gitolite.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git tags/fs.idmapped.fixes.v6.0-rc3

for you to fetch changes up to 0c3bc7899e6dfb52df1c46118a5a670ae619645f:

  ntfs: fix acl handling (2022-08-22 12:52:23 +0200)

Please consider pulling these changes from the signed fs.idmapped.fixes.v6.0-rc3 tag.

Thanks!
Christian

----------------------------------------------------------------
fs.idmapped.fixes.v6.0-rc3

----------------------------------------------------------------
Christian Brauner (3):
      acl: handle idmapped mounts for idmapped filesystems
      MAINTAINERS: update idmapping tree
      ntfs: fix acl handling

Seth Forshee (1):
      fs: require CAP_SYS_ADMIN in target namespace for idmapped mounts

 MAINTAINERS          |  2 +-
 fs/namespace.c       |  7 +++++++
 fs/ntfs3/xattr.c     | 16 +++++++---------
 fs/overlayfs/inode.c | 11 +++++++----
 fs/posix_acl.c       | 15 +++++++++------
 5 files changed, 31 insertions(+), 20 deletions(-)

Comments

pr-tracker-bot@kernel.org Aug. 22, 2022, 6:48 p.m. UTC | #1
The pull request you sent on Mon, 22 Aug 2022 14:11:25 +0200:

> ssh://git@gitolite.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git tags/fs.idmapped.fixes.v6.0-rc3

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/d3cd67d671eea1f0d3860996863bd95e1e0b1c76

Thank you!