From patchwork Tue Nov 23 11:42:22 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12633989 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D86A7C433F5 for ; Tue, 23 Nov 2021 11:43:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236425AbhKWLqI (ORCPT ); Tue, 23 Nov 2021 06:46:08 -0500 Received: from mail.kernel.org ([198.145.29.99]:37466 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236422AbhKWLqE (ORCPT ); Tue, 23 Nov 2021 06:46:04 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 3EC936069B; Tue, 23 Nov 2021 11:42:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1637667776; bh=1UTjjQkNaYHI2FzQq25hRglMFeRNj7vYSe8g1jhfbM0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fq1BhDQKds4SckhIPiNxowbV3eT/F5dFBaDgowjTxSkQkLOt5Gt+zqvtKT7DXaDzv 8eHVGhaSSHX6k2KlpB6VhngLyBCLc41FfhnUrEuXaXKcQBj65O0rh85srqxhLobNP1 ZiRhYC/70vmnDO4MLwmBgBZFKHskKce7QTRpS5GHVhZs3xhwH9khWZxH2C2gJjkmjZ 4gZ9eoJ6/+z8C+dikEFvwzoPtE3LYd3YGz82pWjzp30TlwHXk344oi2AUTXD/8NOT2 92M+bY/JqwtxhzZZvgtTKCbhrxm/MDKqKI7SPS2rR6YLzQ39gTkskLEOlYJQd4ibjJ qZSb0pgICD7Xg== From: Christian Brauner To: Christoph Hellwig Cc: Seth Forshee , Al Viro , linux-fsdevel@vger.kernel.org, Christian Brauner Subject: [PATCH 05/10] docs: update mapping documentation Date: Tue, 23 Nov 2021 12:42:22 +0100 Message-Id: <20211123114227.3124056-6-brauner@kernel.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20211123114227.3124056-1-brauner@kernel.org> References: <20211123114227.3124056-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=4363; h=from:subject; bh=CetfUNWVqeKWRx77n5cjC8kVF3k66TOA5SiS1xK5kHM=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSTOuVyyQHMSe1uXtfQlzrMiJ4Om2r2yrXuYL3VfdNPOvm9v vojwdpSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAEzEdibD/7zpP8NuTfA7mnWcRWefkH 1VoXn5IoMD/Mf5/hrfOnXL/yYjw+Nz5VMPvYxW+K1eKcKTfGXtNLPY6zdnMLHE7RCO5Wh8zwQA X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org From: Christian Brauner Now that we implement the full remapping algorithms described in our documentation remove the section about shortcircuting them. Cc: Seth Forshee Cc: Christoph Hellwig Cc: Al Viro CC: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner --- Documentation/filesystems/idmappings.rst | 72 ------------------------ 1 file changed, 72 deletions(-) diff --git a/Documentation/filesystems/idmappings.rst b/Documentation/filesystems/idmappings.rst index 1229a75ec75d..7a879ec3b6bf 100644 --- a/Documentation/filesystems/idmappings.rst +++ b/Documentation/filesystems/idmappings.rst @@ -952,75 +952,3 @@ The raw userspace id that is put on disk is ``u1000`` so when the user takes their home directory back to their home computer where they are assigned ``u1000`` using the initial idmapping and mount the filesystem with the initial idmapping they will see all those files owned by ``u1000``. - -Shortcircuting --------------- - -Currently, the implementation of idmapped mounts enforces that the filesystem -is mounted with the initial idmapping. The reason is simply that none of the -filesystems that we targeted were mountable with a non-initial idmapping. But -that might change soon enough. As we've seen above, thanks to the properties of -idmappings the translation works for both filesystems mounted with the initial -idmapping and filesystem with non-initial idmappings. - -Based on this current restriction to filesystem mounted with the initial -idmapping two noticeable shortcuts have been taken: - -1. We always stash a reference to the initial user namespace in ``struct - vfsmount``. Idmapped mounts are thus mounts that have a non-initial user - namespace attached to them. - - In order to support idmapped mounts this needs to be changed. Instead of - stashing the initial user namespace the user namespace the filesystem was - mounted with must be stashed. An idmapped mount is then any mount that has - a different user namespace attached then the filesystem was mounted with. - This has no user-visible consequences. - -2. The translation algorithms in ``mapped_fs*id()`` and ``i_*id_into_mnt()`` - are simplified. - - Let's consider ``mapped_fs*id()`` first. This function translates the - caller's kernel id into a kernel id in the filesystem's idmapping via - a mount's idmapping. The full algorithm is:: - - mapped_fsuid(kid): - /* Map the kernel id up into a userspace id in the mount's idmapping. */ - from_kuid(mount-idmapping, kid) = uid - - /* Map the userspace id down into a kernel id in the filesystem's idmapping. */ - make_kuid(filesystem-idmapping, uid) = kuid - - We know that the filesystem is always mounted with the initial idmapping as - we enforce this in ``mount_setattr()``. So this can be shortened to:: - - mapped_fsuid(kid): - /* Map the kernel id up into a userspace id in the mount's idmapping. */ - from_kuid(mount-idmapping, kid) = uid - - /* Map the userspace id down into a kernel id in the filesystem's idmapping. */ - KUIDT_INIT(uid) = kuid - - Similarly, for ``i_*id_into_mnt()`` which translated the filesystem's kernel - id into a mount's kernel id:: - - i_uid_into_mnt(kid): - /* Map the kernel id up into a userspace id in the filesystem's idmapping. */ - from_kuid(filesystem-idmapping, kid) = uid - - /* Map the userspace id down into a kernel id in the mounts's idmapping. */ - make_kuid(mount-idmapping, uid) = kuid - - Again, we know that the filesystem is always mounted with the initial - idmapping as we enforce this in ``mount_setattr()``. So this can be - shortened to:: - - i_uid_into_mnt(kid): - /* Map the kernel id up into a userspace id in the filesystem's idmapping. */ - __kuid_val(kid) = uid - - /* Map the userspace id down into a kernel id in the mounts's idmapping. */ - make_kuid(mount-idmapping, uid) = kuid - -Handling filesystems mounted with non-initial idmappings requires that the -translation functions be converted to their full form. They can still be -shortcircuited on non-idmapped mounts. This has no user-visible consequences.