[v3,0/3] NFS User Namespaces

Message

Sargun Dhillon Oct. 21, 2020, 12:05 p.m. UTC

This patchset adds some functionality to allow NFS to be used from
containers. It piggybacks on the previous work Trond did to properly
encode, and decode UIDs / GIDs based on user namespaces, and the work
that Scott did in order to use the new fs_context API.

I removed the samples in this patchset, and I added safety in this re-roll.

We can likely "pull back" on this safety over time, in that we can
enable/disable id mapping per mount, and add some logic to make nfs4idmap
user namespace aware. Doing this for GSS is more complicated though.


Changes since v2:
  * Removed samples
  * Split out NFSv2/v3 patchset from NFSv4 patchset
  * Added restrictions around use
Changes since v1:
  * Added samples

Sargun Dhillon (3):
  NFS: NFSv2/NFSv3: Use cred from fs_context during mount
  NFSv4: Refactor: reference user namespace from nfs4idmap
  NFSv4: Refactor NFS to be use user namespaces

 fs/nfs/client.c     | 10 ++++++++--
 fs/nfs/nfs4client.c | 27 ++++++++++++++++++++++++++-
 fs/nfs/nfs4idmap.c  | 17 +++++++++--------
 fs/nfs/nfs4idmap.h  |  3 ++-
 4 files changed, 45 insertions(+), 12 deletions(-)