bianbu-repo-mirror/bianbu-linux-6.6
1
0
Fork 0
mirror of https://gitee.com/bianbu-linux/linux-6.6 synced 2025-04-24 14:07:52 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bianbu-linux-6.6/Documentation/filesystems
History
Christian Brauner e65ce2a50c
acl: handle idmapped mounts 
The posix acl permission checking helpers determine whether a caller is
privileged over an inode according to the acls associated with the
inode. Add helpers that make it possible to handle acls on idmapped
mounts.

The vfs and the filesystems targeted by this first iteration make use of
posix_acl_fix_xattr_from_user() and posix_acl_fix_xattr_to_user() to
translate basic posix access and default permissions such as the
ACL_USER and ACL_GROUP type according to the initial user namespace (or
the superblock's user namespace) to and from the caller's current user
namespace. Adapt these two helpers to handle idmapped mounts whereby we
either map from or into the mount's user namespace depending on in which
direction we're translating.
Similarly, cap_convert_nscap() is used by the vfs to translate user
namespace and non-user namespace aware filesystem capabilities from the
superblock's user namespace to the caller's user namespace. Enable it to
handle idmapped mounts by accounting for the mount's user namespace.

In addition the fileystems targeted in the first iteration of this patch
series make use of the posix_acl_chmod() and, posix_acl_update_mode()
helpers. Both helpers perform permission checks on the target inode. Let
them handle idmapped mounts. These two helpers are called when posix
acls are set by the respective filesystems to handle this case we extend
the ->set() method to take an additional user namespace argument to pass
the mount's user namespace down.

Link: https://lore.kernel.org/r/20210121131959.646623-9-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 14:27:17 +01:00
..
caching docs: filesystems: Replace HTTP links with HTTPS ones 2020-07-13 09:33:22 -06:00
cifs docs: filesystems: convert cifs/cifsroot.txt to ReST 2020-05-05 09:22:21 -06:00
ext4 ext4: add docs about fast commit idempotence 2020-12-17 13:30:44 -05:00
nfs nfsd: close cached files prior to a REMOVE or RENAME that would replace target 2020-12-09 09:39:38 -05:00
spufs docs: filesystems: convert spufs/spu_run.txt to ReST 2020-05-05 09:22:24 -06:00
9p.rst Replace HTTP links with HTTPS ones: 9P FILE SYSTEM 2020-07-13 11:28:12 -06:00
adfs.rst docs: filesystems: convert adfs.txt to ReST 2020-03-02 13:58:44 -07:00
affs.rst affs: fix basic permission bits to actually work 2020-08-31 12:20:31 +02:00
afs.rst Replace HTTP links with HTTPS ones: AFS FILESYSTEM 2020-07-13 11:25:29 -06:00
api-summary.rst docs: fs: api-summary.rst: get rid of kernel-doc include 2020-10-28 11:41:15 -06:00
autofs-mount-control.rst Documentation: filesystems: autofs-mount-control: drop doubled words 2020-07-05 14:44:29 -06:00
autofs.rst docs: filesystems: Add mount map description in Content 2019-11-18 12:19:59 -07:00
automount-support.rst docs: filesystems: convert automount-support.txt to ReST 2020-05-05 09:22:21 -06:00
befs.rst docs: filesystems: convert befs.txt to ReST 2020-03-02 14:01:25 -07:00
bfs.rst docs: filesystems: convert bfs.txt to ReST 2020-03-02 14:01:26 -07:00
btrfs.rst docs: filesystems: convert btrfs.txt to ReST 2020-03-02 14:01:28 -07:00
ceph.rst libceph, rbd, ceph: "blacklist" -> "blocklist" 2020-10-12 15:29:26 +02:00
coda.rst Documentation: coda: annotate duplicated words 2020-07-13 10:02:32 -06:00
configfs.rst Documentation: filesystems: configfs: drop doubled word 2020-07-05 14:44:29 -06:00
cramfs.rst docs: filesystems: convert cramfs.txt to ReST 2020-03-02 14:02:07 -07:00
dax.txt This is the second round of ext4 commits for 5.8 merge window. It 2020-06-15 09:32:10 -07:00
debugfs.rst debugfs: remove return value of debugfs_create_devm_seqfile() 2020-10-30 08:37:39 +01:00
devpts.rst docs: filesystems: convert devpts.txt to ReST 2020-05-05 09:22:21 -06:00
directory-locking.rst Documentation: filesystems: directory-locking: drop doubled word 2020-07-05 14:44:29 -06:00
dlmfs.rst ocfs2: replace HTTP links with HTTPS ones 2020-08-07 11:33:22 -07:00
dnotify.rst docs: filesystems: convert dnotify.txt to ReST 2020-05-05 09:22:22 -06:00
ecryptfs.rst docs: prevent warnings due to autosectionlabel 2020-03-20 17:01:29 -06:00
efivarfs.rst docs: filesystems: add info about efivars content 2020-05-25 18:59:59 -06:00
erofs.rst docs: filesystems: convert erofs.txt to ReST 2020-03-02 14:02:57 -07:00
ext2.rst docs: filesystems: Reduce ext2.rst to one top-level heading 2020-11-09 15:33:54 +01:00
ext3.rst docs: filesystems: convert ext3.txt to ReST 2020-03-02 14:03:16 -07:00
f2fs.rst f2fs: add compress_mode mount option 2020-12-03 00:11:57 -08:00
fiemap.rst A lot of bug fixes and cleanups for ext4, including: 2020-06-05 16:19:28 -07:00
files.rst file: Rename fcheck lookup_fd_rcu 2020-12-10 12:40:07 -06:00
fscrypt.rst docs: fs: fscrypt.rst: get rid of :c:type: tags 2020-10-15 07:49:42 +02:00
fsverity.rst fs-verity: move structs needed for file signing to UAPI header 2020-11-23 19:30:14 -08:00
fuse-io.rst docs: filesystems: convert fuse-io.txt to ReST 2020-05-05 09:22:22 -06:00
fuse.rst fuse: update project homepage 2020-09-04 11:32:10 +02:00
gfs2-glocks.rst docs: filesystems: convert gfs2-glocks.txt to ReST 2020-06-02 19:45:05 +02:00
gfs2-uevents.rst docs: filesystems: convert gfs2-uevents.txt to ReST 2020-03-02 14:03:35 -07:00
gfs2.rst Documentation: Update filesystems/gfs2.rst 2020-12-01 00:25:20 +01:00
hfs.rst Replace HTTP links with HTTPS ones: Documentation/filesystems 2020-06-26 11:14:12 -06:00
hfsplus.rst docs: filesystems: convert hfsplus.txt to ReST 2020-03-02 14:03:47 -07:00
hpfs.rst Replace HTTP links with HTTPS ones: Documentation/filesystems 2020-06-26 11:14:12 -06:00
index.rst docs: filesystems: link ubifs-authentication.rst without .rst extension 2020-11-13 15:07:47 -07:00
inotify.rst docs: filesystems: convert inotify.txt to ReST 2020-03-02 14:03:55 -07:00
isofs.rst docs: filesystems: convert isofs.txt to ReST 2020-03-02 14:04:06 -07:00
journalling.rst jbd2: drop jbd2_fc_init documentation 2020-11-06 23:01:03 -05:00
locking.rst acl: handle idmapped mounts 2021-01-24 14:27:17 +01:00
locks.rst docs: filesystems: convert mandatory-locking.txt to ReST 2020-05-05 09:22:22 -06:00
mandatory-locking.rst docs: filesystems: convert mandatory-locking.txt to ReST 2020-05-05 09:22:22 -06:00
mount_api.rst Documentation: mount_api: change kernel log wording 2020-12-03 15:53:13 -07:00
nilfs2.rst docs: filesystems: convert nilfs2.txt to ReST 2020-03-02 14:04:06 -07:00
ntfs.rst docs: filesystems: convert ntfs.txt to ReST 2020-03-02 14:04:06 -07:00
ocfs2-online-filecheck.rst docs: filesystems: convert ocfs2-online-filecheck.txt to ReST 2020-03-02 14:04:06 -07:00
ocfs2.rst ocfs2: replace HTTP links with HTTPS ones 2020-08-07 11:33:22 -07:00
omfs.rst Replace HTTP links with HTTPS ones: OMFS 2020-07-13 11:24:43 -06:00
orangefs.rst docs: orangefs: fix pvfs2tab literal block 2020-04-28 12:35:47 -06:00
overlayfs.rst ovl: user xattr 2020-12-14 15:26:14 +01:00
path-lookup.rst docs: path-lookup: markup fixes for emphasis 2020-07-27 16:14:13 -06:00
path-lookup.txt Replace HTTP links with HTTPS ones: documentation 2020-06-08 09:30:19 -06:00
porting.rst acl: handle idmapped mounts 2021-01-24 14:27:17 +01:00
proc.rst proc: provide details on indirect branch speculation 2020-12-15 22:46:15 -08:00
qnx6.rst docs: filesystems: fix typo in qnx6.rst 2020-04-07 13:20:56 -06:00
quota.rst quota: Fixup http links in quota doc 2020-07-09 08:14:01 +02:00
ramfs-rootfs-initramfs.rst Replace HTTP links with HTTPS ones: Documentation/filesystems 2020-06-26 11:14:12 -06:00
relay.rst docs: filesystems: convert relay.txt to ReST 2020-03-02 14:04:41 -07:00
romfs.rst docs: filesystems: convert romfs.txt to ReST 2020-03-02 14:04:41 -07:00
seq_file.rst doc: seq_file: clarify role of *pos in ->next() 2020-09-28 15:19:44 -06:00
sharedsubtree.rst docs: filesystems: convert sharedsubtree.txt to ReST 2020-05-05 09:22:23 -06:00
splice.rst docs: Bring some order to filesystem documentation 2019-03-06 09:46:10 -07:00
squashfs.rst docs: filesystems: convert squashfs.txt to ReST 2020-03-02 14:04:41 -07:00
sysfs.rst Driver Core patches for 5.10-rc1 2020-10-14 16:09:32 -07:00
sysv-fs.rst docs: filesystems: convert sysv-fs.txt to ReST 2020-03-02 14:04:41 -07:00
tmpfs.rst tmpfs: fix Documentation nits 2020-12-15 12:13:39 -08:00
ubifs-authentication.rst docs: ubifs-authentication: Add a top-level heading 2020-09-09 11:53:33 -06:00
ubifs.rst docs: filesystems: convert ubifs.txt to ReST 2020-03-02 14:04:41 -07:00
udf.rst udf: Replace HTTP links with HTTPS ones 2020-07-14 14:37:39 +02:00
vfat.rst Documentation: filesystems: convert vfat.txt to RST 2020-01-10 10:58:45 -07:00
vfs.rst docs: filesystems: vfs: correct flag name 2020-07-27 16:19:51 -06:00
virtiofs.rst virtiofs: Add mount option and atime behavior to the doc 2020-04-20 17:01:34 +02:00
xfs-delayed-logging-design.rst docs: filesystems: convert xfs-delayed-logging-design.txt to ReST 2020-05-05 09:22:24 -06:00
xfs-self-describing-metadata.rst New code for 5.8: 2020-06-02 19:21:40 -07:00
zonefs.rst zonefs: document the explicit-open mount option 2020-09-15 18:32:58 +09:00