From patchwork Tue Jan 4 14:04:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703499 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29F8AC433F5 for ; Tue, 4 Jan 2022 14:04:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232680AbiADOEf (ORCPT ); Tue, 4 Jan 2022 09:04:35 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:49618 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233981AbiADOEd (ORCPT ); Tue, 4 Jan 2022 09:04:33 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id D24EE61462 for ; Tue, 4 Jan 2022 14:04:32 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 87738C36AEF; Tue, 4 Jan 2022 14:04:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305072; bh=TqhxcjSSsz5BG2JsZaDV65AFz/oNyLOr2Fc3EaW/w3s=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=TPQJzD29kLiHfavjqwxdK5SGptNHJm1kT4G+F8Jq6bpxJt6suQdLWtHO7Y78w4kzj aQLrv2Ze47VMaFAlpGthA+XO9SZGjNi/EXTT7K22Q709mImdeVD90SBIoskmdhGW9H bNJBN5iZ097DaMubbrY3QGgKTflSo9bci6Fmt4ziNfuZ58KI9obXG6Z+FDEZUkw/So 55RFyEPkGFDFZwD1vmwvHYgCQq7L4WP+OUvtdWkjlCLj3wbgefUFbQfMLyyT61FRpV aQrk9ckB7ovsCT75oHg4DRq0YCzkz5BlmkeSXgF+mnpBs/fNpg5W+jySLeRM1Mu/rL SFZnaWRgZs0zw== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 01/12] ceph: stash idmapping in mdsc request Date: Tue, 4 Jan 2022 15:04:03 +0100 Message-Id: <20220104140414.155198-2-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2814; h=from:subject; bh=lUre2FF+bMPoTNWEitmuyN6zfiumvjQNh9FhgakhqbU=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd7AsvLLo2tTUxz2sx8qMJjX+e3szvz5Zyvm7XnQ1Hfe Q/C2bUcpC4MYF4OsmCKLQ7tJuNxynorNRpkaMHNYmUCGMHBxCsBEfNwY/pf8X5gVvEmiRy5mX+XT/4 lBE44r/BHTkoypvPxDQ12oJICR4Z205hTmXU3C+wxPsStNeqi7rPF9Qcr/A1um51jtnV+xiRsA X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner When sending a mds request cephfs will send relevant data for the requested operation. For creation requests the caller's fs{g,u}id is used to set the ownership of the newly created filesystem object. For setattr requests the caller can pass in arbitrary {g,u}id values to which the relevant filesystem object is supposed to be changed. If the caller is performing the relevant operation via an idmapped mount cephfs simply needs to take the idmapping into account when it sends the relevant mds request. In order to support idmapped mounts for cephfs we stash the idmapping whenever they are relevant for the operation for the duration of the request. Since mds requests can be queued and performed asynchronously we make sure to keep the idmapping around and release it once the request has finished. In follow-up patches we will use this to send correct ownership information over the wire. This patch just adds the basic infrastructure to keep the idmapping around. The actual conversion patches are all fairly minimal. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/mds_client.c | 7 +++++++ fs/ceph/mds_client.h | 1 + 2 files changed, 8 insertions(+) diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c index c30eefc0ac19..ae2cc4ce1d48 100644 --- a/fs/ceph/mds_client.c +++ b/fs/ceph/mds_client.c @@ -12,6 +12,7 @@ #include #include #include +#include #include "super.h" #include "mds_client.h" @@ -862,6 +863,8 @@ void ceph_mdsc_release_request(struct kref *kref) kfree(req->r_path1); kfree(req->r_path2); put_cred(req->r_cred); + if (!initial_idmapping(req->mnt_userns)) + put_user_ns(req->mnt_userns); if (req->r_pagelist) ceph_pagelist_release(req->r_pagelist); put_request_session(req); @@ -918,6 +921,10 @@ static void __register_request(struct ceph_mds_client *mdsc, insert_request(&mdsc->request_tree, req); req->r_cred = get_current_cred(); + if (!req->mnt_userns) + req->mnt_userns = &init_user_ns; + else + get_user_ns(req->mnt_userns); if (mdsc->oldest_tid == 0 && req->r_op != CEPH_MDS_OP_SETFILELOCK) mdsc->oldest_tid = req->r_tid; diff --git a/fs/ceph/mds_client.h b/fs/ceph/mds_client.h index 97c7f7bfa55f..1b648645e340 100644 --- a/fs/ceph/mds_client.h +++ b/fs/ceph/mds_client.h @@ -275,6 +275,7 @@ struct ceph_mds_request { union ceph_mds_request_args r_args; int r_fmode; /* file mode, if expecting cap */ const struct cred *r_cred; + struct user_namespace *mnt_userns; int r_request_release_offset; struct timespec64 r_stamp; From patchwork Tue Jan 4 14:04:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703501 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E5E09C4332F for ; Tue, 4 Jan 2022 14:04:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233689AbiADOEh (ORCPT ); Tue, 4 Jan 2022 09:04:37 -0500 Received: from ams.source.kernel.org ([145.40.68.75]:60142 "EHLO ams.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233918AbiADOEg (ORCPT ); Tue, 4 Jan 2022 09:04:36 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 9B36FB8160C for ; Tue, 4 Jan 2022 14:04:35 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CFA12C36AE9; Tue, 4 Jan 2022 14:04:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305074; bh=JCB98K+ZtNFTY1jORPneeDOJCnHstBC7WcJpEEu2jzY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=EzLI83nM8Ov5Gy79+4LLf49v0DTXqzrZ8QkYB2PZQ7JIRLxPXvg9vgj0i29ojdkYQ kwzBIQVx4jx5phjUgST63jNsIEYd+A4G2SRz0PXhRPqADk4RZec7hnqH2otcVL7qVv oY6jQ6FZLrIaP1HL8FetQaqM+XD7j5wYe8a3InGzlTdF0WI8HIqCmaTIlNZw0IUZq5 eXCoeXfmMJM8awuPdmMW5SBhqiXkX4oh73TrtEMRMiXPbEK92DA12aeOno+xuixA/W wwll9yVkS4IIguISriEW+Z0QZLQUXUNjXRX+a94zFBQ1TFeUt8qSfnJJ0R138JTxUT 7QK0S4aHC4Mug== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 02/12] ceph: handle idmapped mounts in create_request_message() Date: Tue, 4 Jan 2022 15:04:04 +0100 Message-Id: <20220104140414.155198-3-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=6934; h=from:subject; bh=HeS/l/uqP7506m0pqd4QzxPH1ZZBq3Jag/7+sQ7u7cc=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd6gFjZV+hNzrmp2vJHq2Y08R56vNVxi/zx8yxP+7QmN W7IlO0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACaybSvD/yCHvUmJhW18wlOvshpXsC yfPTXj3/Z/6zLOcMUctDn+ZwcjwxbuC3WfzVY6bVL6vM9kjpEHs72N1owN+2JTO3+23z76mBMA X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Inode operations that create a new filesystem object such as ->mknod, ->create, ->mkdir() and others don't take a {g,u}id argument explicitly. Instead the caller's fs{g,u}id is used for the {g,u}id of the new filesystem object. Cephfs mds creation request argument structures mirror this filesystem behavior. They don't encode a {g,u}id explicitly. Instead the caller's fs{g,u}id that is always sent as part of any mds request is used by the servers to set the {g,u}id of the new filesystem object. In order to ensure that the correct {g,u}id is used map the caller's fs{g,u}id for creation requests. This doesn't require complex changes. It suffices to pass in the relevant idmapping recorded in the request message. If this request message was triggered from an inode operation that creates filesystem objects it will have passed down the relevant idmaping. If this is a request message that was triggered from an inode operation that doens't need to take idmappings into account the initial idmapping is passed down which is an identity mapping and thus is guaranteed to leave the caller's fs{g,u}id unchanged.,u}id is sent. The last few weeks before Christmas 2021 I have spent time not just reading and poking the cephfs kernel code but also took a look at the ceph mds server userspace to ensure I didn't miss some subtlety. This made me aware of one complication to solve. All requests send the caller's fs{g,u}id over the wire. The caller's fs{g,u}id matters for the server in exactly two cases: 1. to set the ownership for creation requests 2. to determine whether this client is allowed access on this server Case 1. we already covered and explained. Case 2. is only relevant for servers where an explicit uid access restriction has been set. That is to say the mds server restricts access to requests coming from a specific uid. Servers without uid restrictions will grant access to requests from any uid by setting MDS_AUTH_UID_ANY. Case 2. introduces the complication because the caller's fs{g,u}id is not just used to record ownership but also serves as the {g,u}id used when checking access to the server. Consider a user mounting a cephfs client and creating an idmapped mount from it that maps files owned by uid 1000 to be owned uid 0: mount -t cephfs -o [...] /unmapped mount-idmapped --map-mount 1000:0:1 /idmapped That is to say if the mounted cephfs filesystem contains a file "file1" which is owned by uid 1000: - looking at it via /unmapped/file1 will report it as owned by uid 1000 (One can think of this as the on-disk value.) - looking at it via /idmapped/file1 will report it as owned by uid 0 Now, consider creating new files via the idmapped mount at /idmapped. When a caller with fs{g,u}id 1000 creates a file "file2" by going through the idmapped mount mounted at /idmapped it will create a file that is owned by uid 1000 on-disk, i.e.: - looking at it via /unmapped/file2 will report it as owned by uid 1000 - looking at it via /idmapped/file2 will report it as owned by uid 0 Now consider an mds server that has a uid access restriction set and only grants access to requests from uid 0. If the client sends a creation request for a file e.g. /idmapped/file2 it will send the caller's fs{g,u}id idmapped according to the idmapped mount. So if the caller has fs{g,u}id 1000 it will be mapped to {g,u}id 0 in the idmapped mount and will be sent over the wire allowing the caller access to the mds server. However, if the caller is not issuing a creation request the caller's fs{g,u}id will be send without the mount's idmapping applied. So if the caller that just successfully created a new file on the restricted mds server sends a request as fs{g,u}id 1000 access will be refused. This however is inconsistent. From my perspective the root of the problem lies in the fact that creation requests implicitly infer the ownership from the {g,u}id that gets sent along with every mds request. I have thought of multiple ways of addressing this problem but the one I prefer is to give all mds requests that create a filesystem object a proper, separate {g,u}id field entry in the argument struct. This is, for example how ->setattr mds requests work. This way the caller's fs{g,u}id can be used consistenly for server access checks and is separated from the ownership for new filesystem objects. Servers could then be updated to refuse creation requests whenever the {g,u}id used for access checking doesn't match the {g,u}id used for creating the filesystem object just as is done for setattr requests on a uid restricted server. But I am, of course, open to other suggestions. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/mds_client.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c index ae2cc4ce1d48..1fb43a8fd64c 100644 --- a/fs/ceph/mds_client.c +++ b/fs/ceph/mds_client.c @@ -2459,6 +2459,8 @@ static struct ceph_msg *create_request_message(struct ceph_mds_session *session, void *p, *end; int ret; bool legacy = !(session->s_con.peer_features & CEPH_FEATURE_FS_BTIME); + kuid_t caller_fsuid; + kgid_t caller_fsgid; ret = set_request_path_attr(req->r_inode, req->r_dentry, req->r_parent, req->r_path1, req->r_ino1.ino, @@ -2524,10 +2526,22 @@ static struct ceph_msg *create_request_message(struct ceph_mds_session *session, head->mdsmap_epoch = cpu_to_le32(mdsc->mdsmap->m_epoch); head->op = cpu_to_le32(req->r_op); - head->caller_uid = cpu_to_le32(from_kuid(&init_user_ns, - req->r_cred->fsuid)); - head->caller_gid = cpu_to_le32(from_kgid(&init_user_ns, - req->r_cred->fsgid)); + /* + * Inode operations that create filesystem objects based on the + * caller's fs{g,u}id like ->mknod(), ->create(), ->mkdir() etc. don't + * have separate {g,u}id fields in their respective structs in the + * ceph_mds_request_args union. Instead the caller_{g,u}id field is + * used to set ownership of the newly created inode by the mds server. + * For these inode operations we need to send the mapped fs{g,u}id over + * the wire. For other cases we simple set req->mnt_userns to the + * initial idmapping meaning the unmapped fs{g,u}id is sent. + */ + caller_fsuid = mapped_kuid_user(req->mnt_userns, &init_user_ns, + req->r_cred->fsuid); + caller_fsgid = mapped_kgid_user(req->mnt_userns, &init_user_ns, + req->r_cred->fsgid); + head->caller_uid = cpu_to_le32(from_kuid(&init_user_ns, caller_fsuid)); + head->caller_gid = cpu_to_le32(from_kgid(&init_user_ns, caller_fsgid)); head->ino = cpu_to_le64(req->r_deleg_ino); head->args = req->r_args; From patchwork Tue Jan 4 14:04:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703502 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C11E3C433F5 for ; Tue, 4 Jan 2022 14:04:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233980AbiADOEj (ORCPT ); Tue, 4 Jan 2022 09:04:39 -0500 Received: from ams.source.kernel.org ([145.40.68.75]:60168 "EHLO ams.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233716AbiADOEj (ORCPT ); Tue, 4 Jan 2022 09:04:39 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 3F54BB81125 for ; Tue, 4 Jan 2022 14:04:38 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 00587C36AEF; Tue, 4 Jan 2022 14:04:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305077; bh=V8wDUe1mE6v6Pe/YK1MY4TTQkx8oz9Huk1KCABhGIYc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=OlImx59C4HY36LPUWgdzCcbNvdIT+7eD4D887X4RmBIfOrfHVTz4nh53rsjLx7r58 j6gHVAEtmZSxvPWw7ovSIXvvO3SjSEdaLQY0S1pTYPTnefPfFKRSS8N87ds4AT/n8H fAq+rxyQHS6+izboCjtUrp9dKhtdyff7lESOaaJ5BWuwCsa82enHP+aD5Tx0GRN8Vw t48OJmaSfmTi5f8sUfKKKjTWwBkFkoXwrZ0wqbEaZWrMmRdc/uIW25kjOySE3Ky2oS M33gJFezwPwE9m5xogEP/DaPPYKWll5H6ZX65oBvuJ1aPChSf+4MU0BqNw9LNQeThQ UwkfsHziZUHDQ== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 03/12] ceph: allow idmapped mknod inode op Date: Tue, 4 Jan 2022 15:04:05 +0100 Message-Id: <20220104140414.155198-4-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=875; h=from:subject; bh=YLblXcGDq7nV80TG+RfbU2nhtFvggg7pRbf0kvvRh2k=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd5wQXPL1qtCh66VvtE+tHOL9iSZLvXD9+557tOKERO9 vP3j7Y5SFgYxLgZZMUUWh3aTcLnlPBWbjTI1YOawMoEMYeDiFICJfLvL8L8kN1K65tJzjqerI7WnF9 /uuMB06wCnqV5311IHrw/fHzgxMuxYU+Vu5Jzo6xqqdDthdk/KG41FS47zPvxx2da0ve+7DisA X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_mknod() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/dir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 133dbd9338e7..7278863fbd4a 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -871,6 +871,7 @@ static int ceph_mknod(struct user_namespace *mnt_userns, struct inode *dir, req->r_parent = dir; ihold(dir); set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags); + req->mnt_userns = mnt_userns; req->r_args.mknod.mode = cpu_to_le32(mode); req->r_args.mknod.rdev = cpu_to_le32(rdev); req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL; From patchwork Tue Jan 4 14:04:06 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703503 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 93F08C433EF for ; Tue, 4 Jan 2022 14:04:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233981AbiADOEm (ORCPT ); Tue, 4 Jan 2022 09:04:42 -0500 Received: from ams.source.kernel.org ([145.40.68.75]:60198 "EHLO ams.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233716AbiADOEl (ORCPT ); Tue, 4 Jan 2022 09:04:41 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 8B620B81125 for ; Tue, 4 Jan 2022 14:04:40 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8C64BC36AF2; Tue, 4 Jan 2022 14:04:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305079; bh=6nkPMhNjieNZ6m4ePI1Riszj8h8K846d0G0gWvovSwY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=H97d8CA03POUlXlgc7Lxj/UX8j2qOoKvItdnuTDZSaqD0vc/nqtNY0kMY6h3HGKE4 owFgG/GdTJKEDMeaMGqGkVmQGFIdXuT6nrdwlOwx62xkMcvNQ8+48e/pH220oRm5xX bQj1wNFzzyZM+ZPEMpjBUkBqTz1TX8a82HeOk5E0xpU+CSfK4pnDni0hPwWLUe/Mbp OoDjIKhT4pNW0Ip7bM6kUK3VfZBzZEltNio90MsxExVsQkJiqQMxK7MYf1QmsOelJr fdgoWPMCyXLVpuBE/cjQ/r89D6qLOeyhrZS6DdmDu8hU+b/6RmchBD4/qiA+9T+S2k RGU+l8wx2cz0A== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 04/12] ceph: allow idmapped symlink inode op Date: Tue, 4 Jan 2022 15:04:06 +0100 Message-Id: <20220104140414.155198-5-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=852; h=from:subject; bh=lW3f+u4vQ+fYlwMHWHIapFP13msWwROsGLxaq1Nvh1Y=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd4Yu+rF6S+zDosck5d2jZq54NC5/cl/WyPWO2Qn2Cze OpNNpaOUhUGMi0FWTJHFod0kXG45T8Vmo0wNmDmsTCBDGLg4BWAiq5wYGZpSZJIOn9g/YXPyqw+6Nf O3fAr6lcS8TPrBuZT8LstV75YyMrRe8P59df/ifl/XIxMu25V0ffS4+Xgjl0rUqty96y8k3GAEAA== X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_symlink() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/dir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 7278863fbd4a..67ce448a9ff5 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -939,6 +939,7 @@ static int ceph_symlink(struct user_namespace *mnt_userns, struct inode *dir, req->r_num_caps = 2; req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL; req->r_dentry_unless = CEPH_CAP_FILE_EXCL; + req->mnt_userns = mnt_userns; if (as_ctx.pagelist) { req->r_pagelist = as_ctx.pagelist; as_ctx.pagelist = NULL; From patchwork Tue Jan 4 14:04:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703504 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7B1BCC433F5 for ; Tue, 4 Jan 2022 14:04:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233983AbiADOEo (ORCPT ); Tue, 4 Jan 2022 09:04:44 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48366 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233976AbiADOEn (ORCPT ); Tue, 4 Jan 2022 09:04:43 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C3C4FC061761 for ; Tue, 4 Jan 2022 06:04:42 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 4699F6145F for ; Tue, 4 Jan 2022 14:04:42 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E6C2EC36AED; Tue, 4 Jan 2022 14:04:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305081; bh=kdapNRIiHRvmAkuAkJkPUSrnzX8VwpOawS4krFB8eoY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=N0R4DLQXB8sw2xZCkBGKqlgnB+8sDeAAkIq9n8hlafB0zqumFFEKfvXuDn/ByO+4P UfuE538WoWisYQM/1JI/oCNmT338GQgpgfJVfEanCurohWvYicVJ66ADLbMCrujBnu hAHFSikJEls9SC2Zw/KKLQWdfkgqTw4Cs139XjVm+1xYZoVqkLuk4q/0iVOi+kvcLU Uqj1olyw5zOIT0Do4UjmBNoZ7bTKtDNEA+YgjUzBv8Uce7ku1tNAo75cRn7Wn5HFeJ uAd+aVhk4469rP9mOHk2OUjt1kdjk05A45j2yrUweWrwho7c6N9knRr/sa9pMqjN4/ 5OsB3+KMp586A== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 05/12] ceph: allow idmapped mkdir inode op Date: Tue, 4 Jan 2022 15:04:07 +0100 Message-Id: <20220104140414.155198-6-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=878; h=from:subject; bh=lK/JAkFEaquLxUpARZctsQdyX/6TrkzXiRgfniaafaI=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd5YuLrjl85rqaKfUbcvhF8vUlQSU9/k0bxa5d8Htd0c sUcsOkpZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACYyu5yRYQbDZ/6bdmU1PwyuWCnMcp CxjFowOy34gW9gvlfcdjlORYa/MlECfEeZly77KsJ2fWe9oe4fTt43TjuLXiu8Nd32gNuVDQA= X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_mkdir() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/dir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 67ce448a9ff5..210257afb346 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1002,6 +1002,7 @@ static int ceph_mkdir(struct user_namespace *mnt_userns, struct inode *dir, ihold(dir); set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags); req->r_args.mkdir.mode = cpu_to_le32(mode); + req->mnt_userns = mnt_userns; req->r_dentry_drop = CEPH_CAP_FILE_SHARED | CEPH_CAP_AUTH_EXCL; req->r_dentry_unless = CEPH_CAP_FILE_EXCL; if (as_ctx.pagelist) { From patchwork Tue Jan 4 14:04:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703505 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 53BCEC433EF for ; Tue, 4 Jan 2022 14:04:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234025AbiADOEq (ORCPT ); Tue, 4 Jan 2022 09:04:46 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:49700 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233984AbiADOEp (ORCPT ); Tue, 4 Jan 2022 09:04:45 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id CE59E6144A for ; Tue, 4 Jan 2022 14:04:44 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5D0A2C36AF2; Tue, 4 Jan 2022 14:04:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305084; bh=7xWSS+VpiP8dfSlEHjbHYvxxgbifdP+JryNLZ3+XfJs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=TfhazTTCZUHTJvB5FYhTI+1f+G1p/gMMquDTRjkPlZU9KC8P6lf2LLPyzsqpi3wcQ IJQPwglChFTHTvKiI4gQHv8w3LzyLZpZQWcM7aTNxFWZfKqbYFLaKQACv/G0oiUWVK +oHVq86Ek304Rk+M0JSJut7weIzod4Idfw1OJkyTC0bO++SInc0Fhs0HXrIB2nX6yb xY+SFI/qsJoo2ocumz3NJApU2QWpwfXswK7w5f5WLWUyuMK2SagQ1fIDLLcjILnnV+ I2+YJygvNl36yxkuZ4K+848FAnXaPSuulNW2jODxp6VnwY+oC2cgt7Z72Ma63wHdUG HG7BH8fZRYBeA== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 06/12] ceph: allow idmapped rename inode op Date: Tue, 4 Jan 2022 15:04:08 +0100 Message-Id: <20220104140414.155198-7-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=946; h=from:subject; bh=mbk8SDzhQb6ZEo6K3hHL8WO2mNfdbln+y3NHHYE09h0=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd64ZNefsmN5ac8tX/XvTvh+9dKq/yfn1UV+bHvEo5ly sDUtoKOUhUGMi0FWTJHFod0kXG45T8Vmo0wNmDmsTCBDGLg4BWAix5MYGeaw8i4OOjV/dqPfyajQsJ 7Xd0+8aZm713CXn7yyU8OK7W2MDDcMp9wRfrJOqfDyuTkxfwwK8sutFv5ZKftM+hx/VGAlGy8A X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_rename() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/dir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 210257afb346..9463c960f03b 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1248,6 +1248,7 @@ static int ceph_rename(struct user_namespace *mnt_userns, struct inode *old_dir, req->r_old_dentry_unless = CEPH_CAP_FILE_EXCL; req->r_dentry_drop = CEPH_CAP_FILE_SHARED; req->r_dentry_unless = CEPH_CAP_FILE_EXCL; + req->mnt_userns = mnt_userns; /* release LINK_RDCACHE on source inode (mds will lock it) */ req->r_old_inode_drop = CEPH_CAP_LINK_SHARED | CEPH_CAP_LINK_EXCL; if (d_really_is_positive(new_dentry)) { From patchwork Tue Jan 4 14:04:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703506 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C84C0C433FE for ; Tue, 4 Jan 2022 14:04:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234004AbiADOEs (ORCPT ); Tue, 4 Jan 2022 09:04:48 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:49716 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233984AbiADOEr (ORCPT ); Tue, 4 Jan 2022 09:04:47 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 162AC6144A for ; Tue, 4 Jan 2022 14:04:47 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CE73BC36AEF; Tue, 4 Jan 2022 14:04:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305086; bh=bnpE2OLbiGrXgcKzK+xawh7T4+9jfQRkRWyZlrDa6E8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gr1LI3OE/GN7Ig4hIXy7KUS9fiyb+kNJjkHNxsjaApWslbm+Xc0+PirLVQQlh5miY uEjQGmLYnlGf0yCySvzHkXU8+wCyPQ1hdIh0HKCos7TufpL1UvVuH0PK/Ydw7eTJH0 /7xEY6g0SP/F16LQa9zazKaqHyyDcGiZDCdPA85tjBR3QO45yCIyf1jskRgazrlmju Tln0Z+PGGb1w0RxoG1D+O/4gWGgWghQCGCGkRF03i+8HhOoaplYNnF9JeaIyL6vtcR DRwLSwJSmtcbBpykrztR/wQqoBmwrX/Rt3d5eF7cSyHMAosR0iHB16nOG7FWi4Sgrh j6GrdUka7h5Cw== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 07/12] ceph: allow idmapped getattr inode op Date: Tue, 4 Jan 2022 15:04:09 +0100 Message-Id: <20220104140414.155198-8-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=787; h=from:subject; bh=MwhNjtywN6dSstNOGp9w0GC8zs5JE/ZTuRy+D4xhwIY=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd5UnvwyLuA6S/BSnzd3NXX44ngivu83mNavbCOurGQa 9PlwRykLgxgXg6yYIotDu0m43HKeis1GmRowc1iZQIYwcHEKwESc0xn+17+Qy1V/LvtS57Tk6/uhU2 572xqZ6J7j0bfguV02ze70MUaGjUfr1njPPSh8n/tgUOapjdZf1Mw/zbosPi9PfN2OOp1oRgA= X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_getattr() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/inode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index e3322fcb2e8d..f648aecc5827 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -2364,7 +2364,7 @@ int ceph_getattr(struct user_namespace *mnt_userns, const struct path *path, return err; } - generic_fillattr(&init_user_ns, inode, stat); + generic_fillattr(mnt_userns, inode, stat); stat->ino = ceph_present_inode(inode); /* From patchwork Tue Jan 4 14:04:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703507 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 52AFAC433EF for ; Tue, 4 Jan 2022 14:04:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234031AbiADOEu (ORCPT ); Tue, 4 Jan 2022 09:04:50 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48432 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233999AbiADOEt (ORCPT ); Tue, 4 Jan 2022 09:04:49 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7EF08C061761 for ; Tue, 4 Jan 2022 06:04:49 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 1E1FD6145F for ; Tue, 4 Jan 2022 14:04:49 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1A106C36AED; Tue, 4 Jan 2022 14:04:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305088; bh=lkRedyQpPjGRo7G2CA0++lgrDx9Eme/DSgAOV4dla7o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=H7VxteTdGjgNNlh8K0sNHzBDlfY1XZFFsaYP8zXO6f6f6fmyqODbVJtetOWhy+QWE 0q/4v8WcgB4TbhappgM5G0hATUeXFbm2DqJcPAmEcJhBmNbGhUdW6IBPKrMvFmyboX CCaBz1w+OvQHsN5mae0GkYjbd1/VHlSA+z640RxmZFaK0kDiJnhj6nBhkAFoQRwFMT u/gToa7blVBNzMD7UhETIpHjfv8vQ0LJuEj9wPILhQAwKvvHepzMwTGe5yYFWvFOH3 tAmpkfHh/IdRolOIu5dLCKCVGOXyAitUEMzwPmFYpw0VKojSiMItum2tI+7veTsFP6 nR9nMcAF7DhVg== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 08/12] ceph: allow idmapped permission inode op Date: Tue, 4 Jan 2022 15:04:10 +0100 Message-Id: <20220104140414.155198-9-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=831; h=from:subject; bh=e//HmyVQbC20ht0ysyOxU2Zp9Z2u26WTn1+u2bxBHV0=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd6UezP4lplCbkDgubV36mb92MoS//TksvTjt54u7fGZ 8O1aXUcpC4MYF4OsmCKLQ7tJuNxynorNRpkaMHNYmUCGMHBxCsBElu1l+J+3LKv+0fKTmju7vkl7rW qWt3/lItXGWurwOC+d4afj6ZWMDC39bix7NhtLBpatTZni18z37FF+jNi6JxyzdCxDGzUSGAE= X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_permission() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/inode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index f648aecc5827..d5cecc3519fa 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -2307,7 +2307,7 @@ int ceph_permission(struct user_namespace *mnt_userns, struct inode *inode, err = ceph_do_getattr(inode, CEPH_CAP_AUTH_SHARED, false); if (!err) - err = generic_permission(&init_user_ns, inode, mask); + err = generic_permission(mnt_userns, inode, mask); return err; } From patchwork Tue Jan 4 14:04:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703508 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE40FC433F5 for ; Tue, 4 Jan 2022 14:04:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233984AbiADOEy (ORCPT ); Tue, 4 Jan 2022 09:04:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48472 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233985AbiADOEx (ORCPT ); Tue, 4 Jan 2022 09:04:53 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 942A1C061761 for ; Tue, 4 Jan 2022 06:04:53 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 4EF52B81617 for ; Tue, 4 Jan 2022 14:04:52 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 40B33C36AE9; Tue, 4 Jan 2022 14:04:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305091; bh=PkL7itq8IKrlXxkxDwbpH1sqm7ijEaREyjdj2CLwggo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CYsNUQDpaR2QfPpdzQuFhGJvecnARlukzVxu3SxNZ6RSuPeFr3kwL3VgLH3P58SBs wptvBPiN0mThXvvi1oSv4OGvs4TeoWhaFb+WdzTVLEoB463Mz2be1BaLH8qq+mO0BV Z1mNzbHWIs/f348fbQ+WbJOwPW+mmvB5qJYmShIiNOYUtNiGJbrwKanHx3RG0G18h3 LHpi+bNpEhJvz4a2CwBn4eULRYtq+qGIHsiJqtMthAF3RGpu+rDFGNOEhGgsKpbnE3 236+EjuI5oEYYlPmwpMKgctnC9rEuIWttvPRlgyhv+CjSyv4TRUMwXRZSUXU8cyYxZ MULImZHADLV+g== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 09/12] ceph: allow idmapped setattr inode op Date: Tue, 4 Jan 2022 15:04:11 +0100 Message-Id: <20220104140414.155198-10-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1717; h=from:subject; bh=BuD1MJMUOh7v5cDpM3Y1/1bmbAQmKMSk00dcBJnaxBI=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd6Uzx1dyq7IdXdGUo2lXbjWbxfuLyt+p5R2F82tdFh4 8N/DjlIWBjEuBlkxRRaHdpNwueU8FZuNMjVg5rAygQxh4OIUgInM2M3IsL+kzD+Zz8o2u7As4rCtcV kNi9quGVqPGA9OYwiODe3qYvgrksfzRG/D1eKH3kV2b5+Gvrq4TmLy9IvW+Rb2D3bnfL/IAQA= X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable __ceph_setattr() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/inode.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index d5cecc3519fa..658b620efd50 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -2032,6 +2032,13 @@ int __ceph_setattr(struct inode *inode, struct iattr *attr) dout("setattr %p issued %s\n", inode, ceph_cap_string(issued)); + /* + * The attr->ia_{g,u}id members contain the target {g,u}id we're + * sending over the wire. The mount idmapping only matters when we + * create new filesystem objects based on the caller's mapped + * fs{g,u}id. + */ + req->mnt_userns = &init_user_ns; if (ia_valid & ATTR_UID) { dout("setattr %p uid %d -> %d\n", inode, from_kuid(&init_user_ns, inode->i_uid), @@ -2222,7 +2229,7 @@ int ceph_setattr(struct user_namespace *mnt_userns, struct dentry *dentry, if (ceph_inode_is_shutdown(inode)) return -ESTALE; - err = setattr_prepare(&init_user_ns, dentry, attr); + err = setattr_prepare(mnt_userns, dentry, attr); if (err != 0) return err; @@ -2237,7 +2244,7 @@ int ceph_setattr(struct user_namespace *mnt_userns, struct dentry *dentry, err = __ceph_setattr(inode, attr); if (err >= 0 && (attr->ia_valid & ATTR_MODE)) - err = posix_acl_chmod(&init_user_ns, inode, attr->ia_mode); + err = posix_acl_chmod(mnt_userns, inode, attr->ia_mode); return err; } From patchwork Tue Jan 4 14:04:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703509 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A5FECC433EF for ; Tue, 4 Jan 2022 14:04:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234026AbiADOEz (ORCPT ); Tue, 4 Jan 2022 09:04:55 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:49760 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233999AbiADOEy (ORCPT ); Tue, 4 Jan 2022 09:04:54 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id E89FB6144A for ; Tue, 4 Jan 2022 14:04:53 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 90D57C36AED; Tue, 4 Jan 2022 14:04:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305093; bh=b5/QRRHZ1RLWN0Qqgr/u0tltLjdxnA4v9Er0MFRU8w0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=EPBD1e0gkd8X1HNVYKFBL0Ksvbzw4xbfGGBQ+P+rtAvI3LcUfI0Zeh8gTaazZiBmP FDvYxO95Xilq9N9Tdj4VkvNxYiW9hy99ow+S7ki7lK5b+UatcPWEP6DxXYX8/eU+VX OPbe8E5wcnCREhr9/pqKUQmkOiSTJ3KJymb+puTzcuIY1xSNmTFoiiDMHUyQWMQdKJ CwjgalUEdv2lU0S+MuHy9PaG+ZuaITH6KPcwMWASIRAavS5swF4VvhwNC0nOvlx0WY WfHC7mGOFhAkvJlX1DlTyCoSJOUs11nz1I/b5msQ1attkgNkoLvEwvjC7prgD7GInm 3Tf0djMbVk5Uw== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 10/12] ceph/acl: allow idmapped set_acl inode op Date: Tue, 4 Jan 2022 15:04:12 +0100 Message-Id: <20220104140414.155198-11-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=847; h=from:subject; bh=52mlsmJPfUdAvKrVsONCSZHmOUFLsm3gBjPvELkE9FE=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd58wtvnJX9OyCxPnY/SyUtXLP8ufPnsl4TXbq/03hf+ lEzf1VHKwiDGxSArpsji0G4SLrecp2KzUaYGzBxWJpAhDFycAjCRvWKMDEf4T5veeZ+/SuHZm+P79w teWuCSGfTwobrTlPNHz5zbt8WU4Z+B2ptLx154Wcb7O708uZ6htNDmzm3OuFiD5q/JTYuz2HkB X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_set_acl() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/acl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ceph/acl.c b/fs/ceph/acl.c index f4fc8e0b847c..7957d44bb27c 100644 --- a/fs/ceph/acl.c +++ b/fs/ceph/acl.c @@ -104,7 +104,7 @@ int ceph_set_acl(struct user_namespace *mnt_userns, struct inode *inode, case ACL_TYPE_ACCESS: name = XATTR_NAME_POSIX_ACL_ACCESS; if (acl) { - ret = posix_acl_update_mode(&init_user_ns, inode, + ret = posix_acl_update_mode(mnt_userns, inode, &new_mode, &acl); if (ret) goto out; From patchwork Tue Jan 4 14:04:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703510 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8734C433F5 for ; Tue, 4 Jan 2022 14:04:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234009AbiADOE7 (ORCPT ); Tue, 4 Jan 2022 09:04:59 -0500 Received: from ams.source.kernel.org ([145.40.68.75]:60464 "EHLO ams.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234021AbiADOE5 (ORCPT ); Tue, 4 Jan 2022 09:04:57 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 8B5ACB81616 for ; Tue, 4 Jan 2022 14:04:56 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E9EFEC36AEF; Tue, 4 Jan 2022 14:04:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305095; bh=8e4epHakb3Xtslr0Q2NnZCutAr62cneMBxY2UNssPZ8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=cqw5CU1LnoJip9BKN35RpkPwumG3GCjwclE2LC5p9iMWNQyV3KcuPy4fWXihwQcWg sT4lm56ieUnXkDJtbU0jwJOAOSo4qXF+TarA0ss1Ss0IolBvL8DaDSF0UqQShmoWpO 02GnllNa4HF22/TdlAucFu8QcObQPE4YL4RtA0DN1etjqFFGfrUj0dL00tetQyl8rF g20IqR/eSEicKeDFXFEmHG7NjfYYtMzKwa5re6VG66lF4tujQ/4Gj2T57pXikIbE5F 7ETiYgyDeJ5Mmgo2fZ+i9dGSMK+FPYY4FDiG6NUjFKlit/pNBbpZP8cL309q/deLzS 2C4uOyzd9rL9g== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 11/12] ceph/file: allow idmapped atomic_open inode op Date: Tue, 4 Jan 2022 15:04:13 +0100 Message-Id: <20220104140414.155198-12-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2448; h=from:subject; bh=3buUJvV9QWGh6sToQAqdVcg0nOBmUpDfSZr6VVRzOtI=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd6c+m79jvnh/44Gz7iR7rP/hvPE0kUdUY3J5++E3Pru 4jLHp6OUhUGMi0FWTJHFod0kXG45T8Vmo0wNmDmsTCBDGLg4BWAiB+QY/vs3P7/ps7E+JMOWl1luka Rc/0mZmDcHmos/1dmZsnNsAKpIaU3dv6bmnqe0efSdq82P161xXHhknr/tIeYbJhpfjM1YAA== X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Enable ceph_atomic_open() to handle idmapped mounts. This is just a matter of passing down the mount's idmapping. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/file.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/fs/ceph/file.c b/fs/ceph/file.c index c138e8126286..7fecb41796c7 100644 --- a/fs/ceph/file.c +++ b/fs/ceph/file.c @@ -608,7 +608,10 @@ static int ceph_finish_async_create(struct inode *dir, struct dentry *dentry, in.truncate_seq = cpu_to_le32(1); in.truncate_size = cpu_to_le64(-1ULL); in.xattr_version = cpu_to_le64(1); - in.uid = cpu_to_le32(from_kuid(&init_user_ns, current_fsuid())); + in.uid = cpu_to_le32(from_kuid(&init_user_ns, + mapped_kuid_user(req->mnt_userns, + &init_user_ns, + current_fsuid()))); if (dir->i_mode & S_ISGID) { in.gid = cpu_to_le32(from_kgid(&init_user_ns, dir->i_gid)); @@ -616,11 +619,14 @@ static int ceph_finish_async_create(struct inode *dir, struct dentry *dentry, if (S_ISDIR(mode)) mode |= S_ISGID; else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) && - !in_group_p(dir->i_gid) && - !capable_wrt_inode_uidgid(&init_user_ns, dir, CAP_FSETID)) + !in_group_p(i_gid_into_mnt(req->mnt_userns, dir)) && + !capable_wrt_inode_uidgid(req->mnt_userns, dir, CAP_FSETID)) mode &= ~S_ISGID; } else { - in.gid = cpu_to_le32(from_kgid(&init_user_ns, current_fsgid())); + in.gid = cpu_to_le32(from_kgid(&init_user_ns, + mapped_kgid_user(req->mnt_userns, + &init_user_ns, + current_fsgid()))); } in.mode = cpu_to_le32((u32)mode); @@ -677,6 +683,7 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, struct file *file, unsigned flags, umode_t mode) { struct ceph_fs_client *fsc = ceph_sb_to_client(dir->i_sb); + struct user_namespace *mnt_userns = file_mnt_user_ns(file); struct ceph_mds_client *mdsc = fsc->mdsc; struct ceph_mds_request *req; struct dentry *dn; @@ -719,6 +726,7 @@ int ceph_atomic_open(struct inode *dir, struct dentry *dentry, mask |= CEPH_CAP_XATTR_SHARED; req->r_args.open.mask = cpu_to_le32(mask); req->r_parent = dir; + req->mnt_userns = mnt_userns; ihold(dir); if (flags & O_CREAT) { From patchwork Tue Jan 4 14:04:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 12703511 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 792B2C433F5 for ; Tue, 4 Jan 2022 14:05:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232721AbiADOFB (ORCPT ); Tue, 4 Jan 2022 09:05:01 -0500 Received: from dfw.source.kernel.org ([139.178.84.217]:49796 "EHLO dfw.source.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234016AbiADOE6 (ORCPT ); Tue, 4 Jan 2022 09:04:58 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id EB5D661462 for ; Tue, 4 Jan 2022 14:04:57 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D8B97C36AE9; Tue, 4 Jan 2022 14:04:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1641305097; bh=qNglKwXd6EyPWHSqBbs3+BiKQnPKuqE/UETgHh2mvF4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=krEQYDnHbmKZ0wb62vGlfZ9JO/cnAe7O8UVVxRZdxnv9Z+LmxuPUjbwWzvxZdQclJ d08caaWW9VlnVpY11AxOtzow1JV0zlgWK7Krh8hsMLZsds5Kg5XcRuML6U04KXX+e/ drqLY8LsqDhqShZoMW0AWqHHThM+tm49HWcB2GN0WPncvzjmQhz18i8T+eUSvA1mnw WzLyX7LbwmthoabvXC2mltx/O9muElCqoy2f9/GivnQrqMSrB10l5Dkpj7dpPolFQ/ ZkbZPlfKdzst7uUWqqABQB/tHNRyL62wLpsXy4LpC2kq7r/qmZWc8eptkpzg734zK9 TI9EsCGAYKBjQ== From: Christian Brauner To: Jeff Layton , ceph-devel@vger.kernel.org Cc: Ilya Dryomov , Christoph Hellwig , Christian Brauner Subject: [PATCH 12/12] ceph: allow idmapped mounts Date: Tue, 4 Jan 2022 15:04:14 +0100 Message-Id: <20220104140414.155198-13-brauner@kernel.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220104140414.155198-1-brauner@kernel.org> References: <20220104140414.155198-1-brauner@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=846; h=from:subject; bh=QoWBNhUA5hkB9uz6Fpuu0zEJNpP1SgEB8WEFGaB2D4c=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMSReCd6c/eSEnamx5H6uqeYvpbgF3sSudznO/rSpcn30nbh/ fznfdZSyMIhxMciKKbI4tJuEyy3nqdhslKkBM4eVCWQIAxenAEyk5xMjw9zSFz5r6+9cnai4We94dv 7NA0FHPbPPyHlydQktfbkqI5Thr5xL6uW8a7VtotahWS/rw7Z9f7T/9KljVUINj26s3cttxAwA X-Developer-Key: i=christian.brauner@ubuntu.com; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: Christian Brauner Now that we converted cephfs internally to account for idmapped mounts allow the creation of idmapped mounts on by setting the FS_ALLOW_IDMAP flag. Cc: Jeff Layton Cc: Ilya Dryomov Cc: ceph-devel@vger.kernel.org Signed-off-by: Christian Brauner --- fs/ceph/super.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ceph/super.c b/fs/ceph/super.c index bab61232dc5a..eda4a26fcb0c 100644 --- a/fs/ceph/super.c +++ b/fs/ceph/super.c @@ -1242,7 +1242,7 @@ static struct file_system_type ceph_fs_type = { .name = "ceph", .init_fs_context = ceph_init_fs_context, .kill_sb = ceph_kill_sb, - .fs_flags = FS_RENAME_DOES_D_MOVE, + .fs_flags = FS_RENAME_DOES_D_MOVE | FS_ALLOW_IDMAP, }; MODULE_ALIAS_FS("ceph");