Received: by 10.223.185.116 with SMTP id b49csp3626133wrg; Tue, 13 Feb 2018 05:20:27 -0800 (PST) X-Google-Smtp-Source: AH8x225k/E87Pi25Ctnb4hii8OG6vnLGY3/36JRFL42AhOEknhbGk466RHjhiiVzh1P59/D1H8Oc X-Received: by 10.101.86.198 with SMTP id w6mr982155pgs.434.1518528027522; Tue, 13 Feb 2018 05:20:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518528027; cv=none; d=google.com; s=arc-20160816; b=E215o2cJ+iwi0ZupBhPftzFoTNJ/N0Ab1BYn7U9fg3qfKuE96MWgj7pe5hgIadlxeW SNPcyBhbGMEDzLEWSpdjHltPT9afb8fvL/rDnrswvw09uZFepHdI1gh7XxZWhmFSRYs7 opbhkeitjmnquY/ygtu5IkcOO69aOOLQ1Ll9bV7qWy0IlIwVbvL0L2ROAsE5yjLlXW/r VdsHBse4vRjEHIp8wLWyYGyA0ab0b3xZU4njoP0l5lj6jFaCmNdpdHk1XOBCpiS4LyyD 51MPpxoH12bc9y5mqS0PwnZ4YQBZrQnCCZoScfJFN8J5BVSgKenTf2M+bIeHefEurj37 7elg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:arc-authentication-results; bh=OAU4DLSB2j4tEzrMZBD23guXi4Jxpxn8MnEy+NerIdI=; b=xo2evClwqxpjHADXAGodNh5/9IWlFC5N4DRhKqeIT61wWYxhcaH/7GUrX5y6G1rtD4 chx/9xHg/yUXnGWUBYoGbZF/4Q856rP9wXLAN3u4JEHawvZtxR91cMHQ3t+hffVHRCRD Mu8C/Y2yHaHmZpxcb+AVRTNlx/Zdh+7qKSg1LZzy42YukbUij2RGooEgKXZ+ew5QME6l tGw21k+YnBkuPkJVrO5mjAPVvfhH62d5RfKF5MRScGTPvlAI6PwbZ2AIvOjq50qv5FqK zlojpWzz1l7evGdmMEPQpbPQNvOGugJU02cxhjQFyEKc1GW27LyL2gW3CkjJJ+xL7ovX 3+gQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 31-v6si1301985plz.201.2018.02.13.05.20.12; Tue, 13 Feb 2018 05:20:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S964871AbeBMNSY (ORCPT + 99 others); Tue, 13 Feb 2018 08:18:24 -0500 Received: from mail-qk0-f195.google.com ([209.85.220.195]:43101 "EHLO mail-qk0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S935196AbeBMNSW (ORCPT ); Tue, 13 Feb 2018 08:18:22 -0500 Received: by mail-qk0-f195.google.com with SMTP id i184so11313532qkf.10 for ; Tue, 13 Feb 2018 05:18:22 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=OAU4DLSB2j4tEzrMZBD23guXi4Jxpxn8MnEy+NerIdI=; b=T1niO9DDhhDXFH5p9IWqBqotHNFHiIM5QMv8cnhJOYZbd/x92B9m5xYwTFkkDSDgQK QdAGuBmmSYYTFiGbHmFQraZeAdkCCphS0LdG60i6YWzXvaEx7F/gfYvCQ6LHEhxKRFv7 dLO5qds/PRbTEDVBeY/3PGjzVoWl6SD7zH9BE6m4VT9BJoR38g1rraUQvjLG0UMickSr U5IuMMBUZk1f9ORRPNCSEH1uQylKQWKNizvtSMOT2Ff6v37SGcgF+2Z/tAW9044aiiMj 0yjNOsBUU8D1TF+yqPKMC3svMKrZILvwGniKRGskzWIIdfXJW2g+aN3HN5qW1VTge1fL Bjbw== X-Gm-Message-State: APf1xPA+l+Xdy7WeegAqqgb2XM9GfWreG0Lh8rb3iPg49oJEaLY2uXl6 YQlBwzR17IkJzMHE2GDd5x/sZvpiPfuj+Te69g4OWA== X-Received: by 10.55.148.69 with SMTP id w66mr1720843qkd.179.1518527901829; Tue, 13 Feb 2018 05:18:21 -0800 (PST) MIME-Version: 1.0 Received: by 10.140.95.17 with HTTP; Tue, 13 Feb 2018 05:18:21 -0800 (PST) In-Reply-To: References: From: Miklos Szeredi Date: Tue, 13 Feb 2018 14:18:21 +0100 Message-ID: Subject: Re: [PATCH 03/11] fs: Allow superblock owner to change ownership of inodes To: Dongsu Park Cc: lkml , containers@lists.linux-foundation.org, Alban Crequy , "Eric W . Biederman" , Seth Forshee , Sargun Dhillon , linux-fsdevel , Alexander Viro , "Luis R. Rodriguez" , Kees Cook Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Dec 22, 2017 at 3:32 PM, Dongsu Park wrote: > From: Eric W. Biederman > > Allow users with CAP_SYS_CHOWN over the superblock of a filesystem to > chown files. Ordinarily the capable_wrt_inode_uidgid check is > sufficient to allow access to files but when the underlying filesystem > has uids or gids that don't map to the current user namespace it is > not enough, so the chown permission checks need to be extended to > allow this case. > > Calling chown on filesystem nodes whose uid or gid don't map is > necessary if those nodes are going to be modified as writing back > inodes which contain uids or gids that don't map is likely to cause > filesystem corruption of the uid or gid fields. How can the filesystem be corrupted if chown is denied? It is not clear to me what the purpose of this patch is or what the exact usecase this is fixing. Thanks, Miklos