linux/fs/nfsd
Tycho Andersen c7c7a1a18a
xattr: handle idmapped mounts
When interacting with extended attributes the vfs verifies that the
caller is privileged over the inode with which the extended attribute is
associated. For posix access and posix default extended attributes a uid
or gid can be stored on-disk. Let the functions handle posix extended
attributes on idmapped mounts. If the inode is accessed through an
idmapped mount we need to map it according to the mount's user
namespace. Afterwards the checks are identical to non-idmapped mounts.
This has no effect for e.g. security xattrs since they don't store uids
or gids and don't perform permission checks on them like posix acls do.

Link: https://lore.kernel.org/r/20210121131959.646623-10-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Tycho Andersen <tycho@tycho.pizza>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 14:27:17 +01:00
..
acl.h nfsd: eliminate an unnecessary acl size limit 2019-08-28 21:13:45 -04:00
auth.c nfsd: auth: Fix gid sorting when rootsquash enabled 2018-01-22 20:13:07 -08:00
auth.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blocklayout.c block: add a bdev_is_partition helper 2020-09-25 08:18:57 -06:00
blocklayoutxdr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
blocklayoutxdr.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cache.h nfsd4: make drc_slab global, not per-net 2020-06-01 17:44:45 -04:00
current_stateid.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
export.c nfsd: allow filesystems to opt out of subtree checking 2020-12-09 09:39:38 -05:00
export.h knfsd: Allow lockless lookups of the exports 2018-10-29 16:58:04 -04:00
fault_inject.c nfsd: no need to check return value of debugfs_create functions 2019-07-03 16:57:17 +02:00
filecache.c \n 2020-12-17 10:56:27 -08:00
filecache.h nfsd: convert file cache to use over/underflow safe refcount 2020-02-06 11:22:55 -05:00
flexfilelayout.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
flexfilelayoutxdr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
flexfilelayoutxdr.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
idmap.h
Kconfig NFSv4.2: Fix NFS4ERR_STALE error when doing inter server copy 2020-10-21 10:31:20 -04:00
lockd.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Makefile nfsd: remove fault injection code 2020-09-25 18:01:26 -04:00
netns.h nfsd: netns.h: delete a duplicated word 2020-07-24 17:25:13 -04:00
nfs2acl.c acl: handle idmapped mounts 2021-01-24 14:27:17 +01:00
nfs3acl.c acl: handle idmapped mounts 2021-01-24 14:27:17 +01:00
nfs3proc.c NFSD: Add common helpers to decode void args and encode void results 2020-11-30 14:46:35 -05:00
nfs3xdr.c nfsd: add a new EXPORT_OP_NOWCC flag to struct export_operations 2020-12-09 09:39:38 -05:00
nfs4acl.c acl: handle idmapped mounts 2021-01-24 14:27:17 +01:00
nfs4callback.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
nfs4idmap.c nfsd: Use seq_putc() in two functions 2020-07-13 17:28:46 -04:00
nfs4layouts.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
nfs4proc.c NFSD: Fix sparse warning in nfssvc.c 2020-12-18 12:28:23 -05:00
nfs4recover.c nfsd: avoid a NULL dereference in __cld_pipe_upcall() 2020-07-13 17:28:46 -04:00
nfs4state.c NFSD: Fix 5 seconds delay when doing inter server copy 2020-12-09 09:38:34 -05:00
nfs4xdr.c NFSD: Restore NFSv4 decoding's SAVEMEM functionality 2020-12-18 12:28:58 -05:00
nfscache.c silence nfscache allocation warnings with kvzalloc 2020-09-25 18:01:28 -04:00
nfsctl.c nfsd: remove fault injection code 2020-09-25 18:01:26 -04:00
nfsd.h Revert "nfsd4: support change_attr_type attribute" 2020-12-09 09:39:38 -05:00
nfsfh.c namei: make permission helpers idmapped mount aware 2021-01-24 14:27:16 +01:00
nfsfh.h nfsd: Record NFSv4 pre/post-op attributes as non-atomic 2020-12-09 09:39:38 -05:00
nfsproc.c attr: handle idmapped mounts 2021-01-24 14:27:16 +01:00
nfssvc.c NFSD: Fix sparse warning in nfssvc.c 2020-12-18 12:28:23 -05:00
nfsxdr.c NFSD: Add common helpers to decode void args and encode void results 2020-11-30 14:46:35 -05:00
pnfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
state.h nfsd: remove fault injection code 2020-09-25 18:01:26 -04:00
stats.c proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
stats.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace.c NFSD: Add SPDX header for fs/nfsd/trace.c 2020-11-30 13:00:24 -05:00
trace.h NFSD: Add tracepoints in nfsd4_decode/encode_compound() 2020-11-30 14:46:35 -05:00
vfs.c xattr: handle idmapped mounts 2021-01-24 14:27:17 +01:00
vfs.h nfsd: define xattr functions to call into their vfs counterparts 2020-07-13 17:27:03 -04:00
xdr3.h NFSD: Add common helpers to decode void args and encode void results 2020-11-30 14:46:35 -05:00
xdr4.h NFSD: Fix sparse warning in nfssvc.c 2020-12-18 12:28:23 -05:00
xdr4cb.h NFSD CB_OFFLOAD xdr 2018-09-25 20:34:54 -04:00
xdr.h NFSD: Add common helpers to decode void args and encode void results 2020-11-30 14:46:35 -05:00