Commit aad49181 authored by Seth Forshee's avatar Seth Forshee Committed by Luis Henriques

(namespace) Revert "UBUNTU: SAUCE: fs: Update posix_acl support to handle user namespace mounts"

BugLink: http://bugs.launchpad.net/bugs/1634964

This reverts commit 7efdc167 in
order to apply the corresponding upstream patch.
Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
Acked-by: default avatarTim Gardner <tim.gardner@canonical.com>
Signed-off-by: default avatarLuis Henriques <luis.henriques@canonical.com>
parent dc0d66cb
...@@ -626,77 +626,59 @@ EXPORT_SYMBOL(posix_acl_update_mode); ...@@ -626,77 +626,59 @@ EXPORT_SYMBOL(posix_acl_update_mode);
/* /*
* Fix up the uids and gids in posix acl extended attributes in place. * Fix up the uids and gids in posix acl extended attributes in place.
*/ */
static int posix_acl_fix_xattr_userns( static void posix_acl_fix_xattr_userns(
struct user_namespace *to, struct user_namespace *from, struct user_namespace *to, struct user_namespace *from,
void *value, size_t size) void *value, size_t size)
{ {
posix_acl_xattr_header *header = (posix_acl_xattr_header *)value; posix_acl_xattr_header *header = (posix_acl_xattr_header *)value;
posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end; posix_acl_xattr_entry *entry = (posix_acl_xattr_entry *)(header+1), *end;
int count; int count;
kuid_t kuid; kuid_t uid;
uid_t uid; kgid_t gid;
kgid_t kgid;
gid_t gid;
if (!value) if (!value)
return 0; return;
if (size < sizeof(posix_acl_xattr_header)) if (size < sizeof(posix_acl_xattr_header))
return 0; return;
if (header->a_version != cpu_to_le32(POSIX_ACL_XATTR_VERSION)) if (header->a_version != cpu_to_le32(POSIX_ACL_XATTR_VERSION))
return 0; return;
count = posix_acl_xattr_count(size); count = posix_acl_xattr_count(size);
if (count < 0) if (count < 0)
return 0; return;
if (count == 0) if (count == 0)
return 0; return;
for (end = entry + count; entry != end; entry++) { for (end = entry + count; entry != end; entry++) {
switch(le16_to_cpu(entry->e_tag)) { switch(le16_to_cpu(entry->e_tag)) {
case ACL_USER: case ACL_USER:
kuid = make_kuid(from, le32_to_cpu(entry->e_id)); uid = make_kuid(from, le32_to_cpu(entry->e_id));
if (!uid_valid(kuid)) entry->e_id = cpu_to_le32(from_kuid(to, uid));
return -EOVERFLOW;
uid = from_kuid(to, kuid);
if (uid == (uid_t)-1)
return -EOVERFLOW;
entry->e_id = cpu_to_le32(uid);
break; break;
case ACL_GROUP: case ACL_GROUP:
kgid = make_kgid(from, le32_to_cpu(entry->e_id)); gid = make_kgid(from, le32_to_cpu(entry->e_id));
if (!gid_valid(kgid)) entry->e_id = cpu_to_le32(from_kgid(to, gid));
return -EOVERFLOW;
gid = from_kgid(to, kgid);
if (gid == (gid_t)-1)
return -EOVERFLOW;
entry->e_id = cpu_to_le32(gid);
break; break;
default: default:
break; break;
} }
} }
return 0;
} }
int void posix_acl_fix_xattr_from_user(void *value, size_t size)
posix_acl_fix_xattr_from_user(struct user_namespace *target_ns, void *value,
size_t size)
{ {
struct user_namespace *source_ns = current_user_ns(); struct user_namespace *user_ns = current_user_ns();
if (source_ns == target_ns) if (user_ns == &init_user_ns)
return 0; return;
return posix_acl_fix_xattr_userns(target_ns, source_ns, value, size); posix_acl_fix_xattr_userns(&init_user_ns, user_ns, value, size);
} }
int void posix_acl_fix_xattr_to_user(void *value, size_t size)
posix_acl_fix_xattr_to_user(struct user_namespace *source_ns, void *value,
size_t size)
{ {
struct user_namespace *target_ns = current_user_ns(); struct user_namespace *user_ns = current_user_ns();
if (target_ns == source_ns) if (user_ns == &init_user_ns)
return 0; return;
return posix_acl_fix_xattr_userns(target_ns, source_ns, value, size); posix_acl_fix_xattr_userns(user_ns, &init_user_ns, value, size);
} }
/* /*
...@@ -831,7 +813,7 @@ posix_acl_xattr_get(const struct xattr_handler *handler, ...@@ -831,7 +813,7 @@ posix_acl_xattr_get(const struct xattr_handler *handler,
if (acl == NULL) if (acl == NULL)
return -ENODATA; return -ENODATA;
error = posix_acl_to_xattr(dentry->d_sb->s_user_ns, acl, value, size); error = posix_acl_to_xattr(&init_user_ns, acl, value, size);
posix_acl_release(acl); posix_acl_release(acl);
return error; return error;
...@@ -872,8 +854,7 @@ posix_acl_xattr_set(const struct xattr_handler *handler, ...@@ -872,8 +854,7 @@ posix_acl_xattr_set(const struct xattr_handler *handler,
return -EINVAL; return -EINVAL;
if (value) { if (value) {
acl = posix_acl_from_xattr(dentry->d_sb->s_user_ns, value, acl = posix_acl_from_xattr(&init_user_ns, value, size);
size);
if (IS_ERR(acl)) if (IS_ERR(acl))
return PTR_ERR(acl); return PTR_ERR(acl);
} }
......
...@@ -352,12 +352,8 @@ setxattr(struct dentry *d, const char __user *name, const void __user *value, ...@@ -352,12 +352,8 @@ setxattr(struct dentry *d, const char __user *name, const void __user *value,
goto out; goto out;
} }
if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) || if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
(strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0)) { (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
error = posix_acl_fix_xattr_from_user(d->d_sb->s_user_ns, posix_acl_fix_xattr_from_user(kvalue, size);
kvalue, size);
if (error)
goto out;
}
} }
error = vfs_setxattr(d, kname, kvalue, size, flags); error = vfs_setxattr(d, kname, kvalue, size, flags);
...@@ -457,14 +453,9 @@ getxattr(struct dentry *d, const char __user *name, void __user *value, ...@@ -457,14 +453,9 @@ getxattr(struct dentry *d, const char __user *name, void __user *value,
error = vfs_getxattr(d, kname, kvalue, size); error = vfs_getxattr(d, kname, kvalue, size);
if (error > 0) { if (error > 0) {
if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) || if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
(strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0)) { (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
int ret; posix_acl_fix_xattr_to_user(kvalue, size);
ret = posix_acl_fix_xattr_to_user(d->d_sb->s_user_ns, if (size && copy_to_user(value, kvalue, error))
kvalue, size);
if (ret)
error = ret;
}
if (error > 0 && size && copy_to_user(value, kvalue, error))
error = -EFAULT; error = -EFAULT;
} else if (error == -ERANGE && size >= XATTR_SIZE_MAX) { } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
/* The file system tried to returned a value bigger /* The file system tried to returned a value bigger
......
...@@ -53,23 +53,14 @@ posix_acl_xattr_count(size_t size) ...@@ -53,23 +53,14 @@ posix_acl_xattr_count(size_t size)
} }
#ifdef CONFIG_FS_POSIX_ACL #ifdef CONFIG_FS_POSIX_ACL
int posix_acl_fix_xattr_from_user(struct user_namespace *target_ns, void posix_acl_fix_xattr_from_user(void *value, size_t size);
void *value, size_t size); void posix_acl_fix_xattr_to_user(void *value, size_t size);
int posix_acl_fix_xattr_to_user(struct user_namespace *source_ns, void *value,
size_t size);
#else #else
static inline int static inline void posix_acl_fix_xattr_from_user(void *value, size_t size)
posix_acl_fix_xattr_from_user(struct user_namespace *target_ns, void *value,
size_t size)
{ {
return 0;
} }
static inline void posix_acl_fix_xattr_to_user(void *value, size_t size)
static inline int
posix_acl_fix_xattr_to_user(struct user_namespace *source_ns, void *value,
size_t size)
{ {
return 0;
} }
#endif #endif
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment