Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp2384837pxb;
        Sun, 15 Nov 2020 02:48:25 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxqBWCj3RithxkxjX81YBCyENxuum/gQXVjQ8E4xFuHx5ECj+3JjgU6z+J/B52QP9r9NO2W
X-Received: by 2002:a17:906:4059:: with SMTP id y25mr10059329ejj.498.1605437304857;
        Sun, 15 Nov 2020 02:48:24 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1605437304; cv=none;
        d=google.com; s=arc-20160816;
        b=FtMcSyWZg0oyD9oMqigb01T4EYWspmESbwLCZni4SL8BSdlfJuOYJYJqqNJYsQWdJ2
         /wcOAvhjqlXGf3Px+roVA0WkV5lWUG2lMax4Yf5g9LgVtq2IUuzBcBextdHrRsRC9OA9
         P8ZUcaCnwffagyLGiUG9SGQ62bs5lJEkSyMUlGvp6XJhakObQGjfVL3cTrQKC4J1MAie
         n15Rhr4zgH8+57SYiDIaqjL3W6KgxkS423p6UArhBt3JhhnVfT8QexmezdK+EERCK/Qi
         SS6x3dlzqs3EVwzW+RzvHWGapBd4B6/qPXeN2hP3DvzHV1u57dg9Y6/nTPxzYBn2SvpU
         wZCQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=TzI55Bw3fJq87TLUgPIWcy7D828Q5rB79IkJ68MDFVg=;
        b=x59LRYq4lUnd5iNrxsTddg1UXIvOehjn09GgYT/NRdMz/eFI/VcaiiwIv+r6e1mOX4
         ElUPEbn4AXIkZqqTKwZ/JskJ1jLLoiT2IugbLPpXhZMYUPF7EsjlFMTn3y/QHLsiia3m
         UPavGDS666E392P8cN2AKlYiP9rJPO5BbFYG3FuX+gT4FSW/+j2L2FbkwvUtzE0F0DNa
         d6pnu6GcGc2HWg0595gk6hdG7EFi6r2dNv0elFJCxBfxncitMnyVP086gb0Lw52ktqHB
         KFvoyx8DlCXthwvzdC2CWcwYaB80/m1hgNzR0A8vQHmM+/D/3/syTNFXXeZ88/4/krAb
         PBLA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org
Return-Path: <linux-ext4-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id lf14si9333764ejb.359.2020.11.15.02.48.01;
        Sun, 15 Nov 2020 02:48:24 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726932AbgKOKr6 (ORCPT <rfc822;mingkaidong@gmail.com>
        + 99 others); Sun, 15 Nov 2020 05:47:58 -0500
Received: from youngberry.canonical.com ([91.189.89.112]:59797 "EHLO
        youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726510AbgKOKrj (ORCPT
        <rfc822;linux-ext4@vger.kernel.org>); Sun, 15 Nov 2020 05:47:39 -0500
Received: from ip5f5af0a0.dynamic.kabel-deutschland.de ([95.90.240.160] helo=wittgenstein.fritz.box)
        by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
        (Exim 4.86_2)
        (envelope-from <christian.brauner@ubuntu.com>)
        id 1keFRS-0000Kt-Ok; Sun, 15 Nov 2020 10:39:31 +0000
From:   Christian Brauner <christian.brauner@ubuntu.com>
To:     Alexander Viro <viro@zeniv.linux.org.uk>,
        Christoph Hellwig <hch@infradead.org>,
        linux-fsdevel@vger.kernel.org
Cc:     John Johansen <john.johansen@canonical.com>,
        James Morris <jmorris@namei.org>,
        Mimi Zohar <zohar@linux.ibm.com>,
        Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
        Stephen Smalley <stephen.smalley.work@gmail.com>,
        Casey Schaufler <casey@schaufler-ca.com>,
        Arnd Bergmann <arnd@arndb.de>,
        Andreas Dilger <adilger.kernel@dilger.ca>,
        OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>,
        Geoffrey Thomas <geofft@ldpreload.com>,
        Mrunal Patel <mpatel@redhat.com>,
        Josh Triplett <josh@joshtriplett.org>,
        Andy Lutomirski <luto@kernel.org>,
        Theodore Tso <tytso@mit.edu>, Alban Crequy <alban@kinvolk.io>,
        Tycho Andersen <tycho@tycho.ws>,
        David Howells <dhowells@redhat.com>,
        James Bottomley <James.Bottomley@hansenpartnership.com>,
        Jann Horn <jannh@google.com>,
        Seth Forshee <seth.forshee@canonical.com>,
        =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber@ubuntu.com>,
        Aleksa Sarai <cyphar@cyphar.com>,
        Lennart Poettering <lennart@poettering.net>,
        "Eric W. Biederman" <ebiederm@xmission.com>, smbarber@chromium.org,
        Phil Estes <estesp@gmail.com>, Serge Hallyn <serge@hallyn.com>,
        Kees Cook <keescook@chromium.org>,
        Todd Kjos <tkjos@google.com>, Jonathan Corbet <corbet@lwn.net>,
        containers@lists.linux-foundation.org,
        linux-security-module@vger.kernel.org, linux-api@vger.kernel.org,
        linux-ext4@vger.kernel.org, linux-audit@redhat.com,
        linux-integrity@vger.kernel.org, selinux@vger.kernel.org,
        Christian Brauner <christian.brauner@ubuntu.com>,
        Christoph Hellwig <hch@lst.de>
Subject: [PATCH v2 25/39] init: handle idmapped mounts
Date:   Sun, 15 Nov 2020 11:37:04 +0100
Message-Id: <20201115103718.298186-26-christian.brauner@ubuntu.com>
X-Mailer: git-send-email 2.29.2
In-Reply-To: <20201115103718.298186-1-christian.brauner@ubuntu.com>
References: <20201115103718.298186-1-christian.brauner@ubuntu.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-ext4.vger.kernel.org>
X-Mailing-List: linux-ext4@vger.kernel.org

Enable the init helpers to handle idmapped mounts by passing down the mount's
user namespace.

Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
patch introduced
---
 fs/init.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/fs/init.c b/fs/init.c
index 76f493600030..334e4c9c07eb 100644
--- a/fs/init.c
+++ b/fs/init.c
@@ -49,7 +49,7 @@ int __init init_chdir(const char *filename)
 	error = kern_path(filename, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &path);
 	if (error)
 		return error;
-	error = inode_permission(&init_user_ns, path.dentry->d_inode,
+	error = inode_permission(mnt_user_ns(path.mnt), path.dentry->d_inode,
 				 MAY_EXEC | MAY_CHDIR);
 	if (!error)
 		set_fs_pwd(current->fs, &path);
@@ -65,7 +65,7 @@ int __init init_chroot(const char *filename)
 	error = kern_path(filename, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &path);
 	if (error)
 		return error;
-	error = inode_permission(&init_user_ns, path.dentry->d_inode,
+	error = inode_permission(mnt_user_ns(path.mnt), path.dentry->d_inode,
 				 MAY_EXEC | MAY_CHDIR);
 	if (error)
 		goto dput_and_out;
@@ -120,7 +120,7 @@ int __init init_eaccess(const char *filename)
 	error = kern_path(filename, LOOKUP_FOLLOW, &path);
 	if (error)
 		return error;
-	error = inode_permission(&init_user_ns, d_inode(path.dentry),
+	error = inode_permission(mnt_user_ns(path.mnt), d_inode(path.dentry),
 				 MAY_ACCESS);
 	path_put(&path);
 	return error;
@@ -190,7 +190,7 @@ int __init init_link(const char *oldname, const char *newname)
 	error = security_path_link(old_path.dentry, &new_path, new_dentry);
 	if (error)
 		goto out_dput;
-	error = vfs_link(old_path.dentry, &init_user_ns, 
+	error = vfs_link(old_path.dentry, &init_user_ns,
 			 new_path.dentry->d_inode, new_dentry, NULL);
 out_dput:
 	done_path_create(&new_path, new_dentry);
-- 
2.29.2