From: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> To: Miklos Szeredi <mszeredi-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> Cc: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>, containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>, Alban Crequy <alban-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org>, Sargun Dhillon <sargun-GaZTRHToo+CzQB+pC5nmwQ@public.gmane.org>, linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Linus Torvalds <torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org> Subject: [PATCH v8 2/6] fuse: Simplfiy the posix acl handling logic. Date: Fri, 2 Mar 2018 15:59:15 -0600 [thread overview] Message-ID: <20180302215919.27207-2-ebiederm@xmission.com> (raw) In-Reply-To: <87r2p287i8.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> Rename the fuse connection flag posix_acl to cached_posix_acl as that is what it actually means. That fuse will cache and operate on the cached value of the posix acl. Always use posix_acl_access_xattr_handler so the fuse code benefits from the generic posix acl handlers as much as possible. This will become important as the code works on translation of uid and gid in the posix acls when fuse is not mounted in the initial user namespace. Update fuse_get_acl so that it does not cache the acl if the code is not caching the acl. This is all that is needed to ensure the fuse_getxattr calls down into the fuse server when posix_acl_xattr_get is called. The updated code goes through fuse_getacl, and as such has posix acl specific sanity checks and attribute handling but no real difference from the previous code that skipped it. It can safely be assumed that fuse filesystems where acls are not cached in the kernel do not set fc->default_permissions as default_permissions only checked posix acls if .get_acl was defined and before the cached acl flag was introduced fuse did not implement a get_acl method. Signed-off-by: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> --- fs/fuse/acl.c | 6 ++++-- fs/fuse/dir.c | 2 +- fs/fuse/fuse_i.h | 3 +-- fs/fuse/inode.c | 3 +-- fs/fuse/xattr.c | 5 ----- 5 files changed, 7 insertions(+), 12 deletions(-) diff --git a/fs/fuse/acl.c b/fs/fuse/acl.c index ec85765502f1..cfa58ee0c10b 100644 --- a/fs/fuse/acl.c +++ b/fs/fuse/acl.c @@ -19,7 +19,7 @@ struct posix_acl *fuse_get_acl(struct inode *inode, int type) void *value = NULL; struct posix_acl *acl; - if (!fc->posix_acl || fc->no_getxattr) + if (fc->no_getxattr) return NULL; if (type == ACL_TYPE_ACCESS) @@ -44,6 +44,8 @@ struct posix_acl *fuse_get_acl(struct inode *inode, int type) acl = ERR_PTR(size); kfree(value); + if (!IS_ERR(acl) && !fc->cached_posix_acl) + acl = to_uncacheable_acl(acl); return acl; } @@ -53,7 +55,7 @@ int fuse_set_acl(struct inode *inode, struct posix_acl *acl, int type) const char *name; int ret; - if (!fc->posix_acl || fc->no_setxattr) + if (fc->no_setxattr) return -EOPNOTSUPP; if (type == ACL_TYPE_ACCESS) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 24967382a7b1..43a45e83d313 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1764,7 +1764,7 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr) * If filesystem supports acls it may have updated acl xattrs in * the filesystem, so forget cached acls for the inode. */ - if (fc->posix_acl) + if (fc->cached_posix_acl) forget_all_cached_acls(inode); /* Directory mode changed, may need to revalidate access */ diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index c4c093bbf456..74ce02fb16d6 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -619,7 +619,7 @@ struct fuse_conn { unsigned no_lseek:1; /** Does the filesystem support posix acls? */ - unsigned posix_acl:1; + unsigned cached_posix_acl:1; /** Check permissions based on the file mode or not? */ unsigned default_permissions:1; @@ -974,7 +974,6 @@ ssize_t fuse_getxattr(struct inode *inode, const char *name, void *value, ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size); int fuse_removexattr(struct inode *inode, const char *name); extern const struct xattr_handler *fuse_xattr_handlers[]; -extern const struct xattr_handler *fuse_acl_xattr_handlers[]; struct posix_acl; struct posix_acl *fuse_get_acl(struct inode *inode, int type); diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index 624f18bbfd2b..507f780046c5 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c @@ -915,8 +915,7 @@ static void process_init_reply(struct fuse_conn *fc, struct fuse_req *req) fc->sb->s_time_gran = arg->time_gran; if ((arg->flags & FUSE_POSIX_ACL)) { fc->default_permissions = 1; - fc->posix_acl = 1; - fc->sb->s_xattr = fuse_acl_xattr_handlers; + fc->cached_posix_acl = 1; } } else { ra_pages = fc->max_read / PAGE_SIZE; diff --git a/fs/fuse/xattr.c b/fs/fuse/xattr.c index 3caac46b08b0..ed64c508585a 100644 --- a/fs/fuse/xattr.c +++ b/fs/fuse/xattr.c @@ -199,11 +199,6 @@ static const struct xattr_handler fuse_xattr_handler = { }; const struct xattr_handler *fuse_xattr_handlers[] = { - &fuse_xattr_handler, - NULL -}; - -const struct xattr_handler *fuse_acl_xattr_handlers[] = { &posix_acl_access_xattr_handler, &posix_acl_default_xattr_handler, &fuse_xattr_handler, -- 2.14.1
WARNING: multiple messages have this Message-ID (diff)
From: "Eric W. Biederman" <ebiederm@xmission.com> To: Miklos Szeredi <mszeredi@redhat.com> Cc: linux-kernel@vger.kernel.org, containers@lists.linux-foundation.org, linux-fsdevel@vger.kernel.org, Alban Crequy <alban@kinvolk.io>, Seth Forshee <seth.forshee@canonical.com>, Sargun Dhillon <sargun@sargun.me>, Dongsu Park <dongsu@kinvolk.io>, "Serge E. Hallyn" <serge@hallyn.com>, Linus Torvalds <torvalds@linux-foundation.org>, "Eric W. Biederman" <ebiederm@xmission.com> Subject: [PATCH v8 2/6] fuse: Simplfiy the posix acl handling logic. Date: Fri, 2 Mar 2018 15:59:15 -0600 [thread overview] Message-ID: <20180302215919.27207-2-ebiederm@xmission.com> (raw) In-Reply-To: <87r2p287i8.fsf_-_@xmission.com> Rename the fuse connection flag posix_acl to cached_posix_acl as that is what it actually means. That fuse will cache and operate on the cached value of the posix acl. Always use posix_acl_access_xattr_handler so the fuse code benefits from the generic posix acl handlers as much as possible. This will become important as the code works on translation of uid and gid in the posix acls when fuse is not mounted in the initial user namespace. Update fuse_get_acl so that it does not cache the acl if the code is not caching the acl. This is all that is needed to ensure the fuse_getxattr calls down into the fuse server when posix_acl_xattr_get is called. The updated code goes through fuse_getacl, and as such has posix acl specific sanity checks and attribute handling but no real difference from the previous code that skipped it. It can safely be assumed that fuse filesystems where acls are not cached in the kernel do not set fc->default_permissions as default_permissions only checked posix acls if .get_acl was defined and before the cached acl flag was introduced fuse did not implement a get_acl method. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> --- fs/fuse/acl.c | 6 ++++-- fs/fuse/dir.c | 2 +- fs/fuse/fuse_i.h | 3 +-- fs/fuse/inode.c | 3 +-- fs/fuse/xattr.c | 5 ----- 5 files changed, 7 insertions(+), 12 deletions(-) diff --git a/fs/fuse/acl.c b/fs/fuse/acl.c index ec85765502f1..cfa58ee0c10b 100644 --- a/fs/fuse/acl.c +++ b/fs/fuse/acl.c @@ -19,7 +19,7 @@ struct posix_acl *fuse_get_acl(struct inode *inode, int type) void *value = NULL; struct posix_acl *acl; - if (!fc->posix_acl || fc->no_getxattr) + if (fc->no_getxattr) return NULL; if (type == ACL_TYPE_ACCESS) @@ -44,6 +44,8 @@ struct posix_acl *fuse_get_acl(struct inode *inode, int type) acl = ERR_PTR(size); kfree(value); + if (!IS_ERR(acl) && !fc->cached_posix_acl) + acl = to_uncacheable_acl(acl); return acl; } @@ -53,7 +55,7 @@ int fuse_set_acl(struct inode *inode, struct posix_acl *acl, int type) const char *name; int ret; - if (!fc->posix_acl || fc->no_setxattr) + if (fc->no_setxattr) return -EOPNOTSUPP; if (type == ACL_TYPE_ACCESS) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 24967382a7b1..43a45e83d313 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1764,7 +1764,7 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr) * If filesystem supports acls it may have updated acl xattrs in * the filesystem, so forget cached acls for the inode. */ - if (fc->posix_acl) + if (fc->cached_posix_acl) forget_all_cached_acls(inode); /* Directory mode changed, may need to revalidate access */ diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index c4c093bbf456..74ce02fb16d6 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -619,7 +619,7 @@ struct fuse_conn { unsigned no_lseek:1; /** Does the filesystem support posix acls? */ - unsigned posix_acl:1; + unsigned cached_posix_acl:1; /** Check permissions based on the file mode or not? */ unsigned default_permissions:1; @@ -974,7 +974,6 @@ ssize_t fuse_getxattr(struct inode *inode, const char *name, void *value, ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size); int fuse_removexattr(struct inode *inode, const char *name); extern const struct xattr_handler *fuse_xattr_handlers[]; -extern const struct xattr_handler *fuse_acl_xattr_handlers[]; struct posix_acl; struct posix_acl *fuse_get_acl(struct inode *inode, int type); diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index 624f18bbfd2b..507f780046c5 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c @@ -915,8 +915,7 @@ static void process_init_reply(struct fuse_conn *fc, struct fuse_req *req) fc->sb->s_time_gran = arg->time_gran; if ((arg->flags & FUSE_POSIX_ACL)) { fc->default_permissions = 1; - fc->posix_acl = 1; - fc->sb->s_xattr = fuse_acl_xattr_handlers; + fc->cached_posix_acl = 1; } } else { ra_pages = fc->max_read / PAGE_SIZE; diff --git a/fs/fuse/xattr.c b/fs/fuse/xattr.c index 3caac46b08b0..ed64c508585a 100644 --- a/fs/fuse/xattr.c +++ b/fs/fuse/xattr.c @@ -199,11 +199,6 @@ static const struct xattr_handler fuse_xattr_handler = { }; const struct xattr_handler *fuse_xattr_handlers[] = { - &fuse_xattr_handler, - NULL -}; - -const struct xattr_handler *fuse_acl_xattr_handlers[] = { &posix_acl_access_xattr_handler, &posix_acl_default_xattr_handler, &fuse_xattr_handler, -- 2.14.1
next prev parent reply other threads:[~2018-03-02 21:59 UTC|newest] Thread overview: 218+ messages / expand[flat|nested] mbox.gz Atom feed top 2017-12-22 14:32 [PATCH v5 00/11] FUSE mounts from non-init user namespaces Dongsu Park 2017-12-22 14:32 ` [PATCH 01/11] block_dev: Support checking inode permissions in lookup_bdev() Dongsu Park 2017-12-22 18:59 ` Coly Li 2017-12-23 12:00 ` Dongsu Park [not found] ` <17fbec10-68b1-2d2b-d417-2cdfee22b0fa-53JG2FQvpdo@public.gmane.org> 2017-12-23 12:00 ` Dongsu Park [not found] ` <ef5e609602df6d7e2b4aa07b92600f04b6851902.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-22 18:59 ` Coly Li 2017-12-23 3:03 ` Serge E. Hallyn 2017-12-23 3:03 ` Serge E. Hallyn 2017-12-22 14:32 ` [PATCH 03/11] fs: Allow superblock owner to change ownership of inodes Dongsu Park [not found] ` <ac3d34002d7690f6ca5928b57b7fc4d707104b04.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:17 ` Serge E. Hallyn 2017-12-23 3:17 ` Serge E. Hallyn 2018-01-05 19:24 ` Luis R. Rodriguez 2018-02-13 13:18 ` Miklos Szeredi 2018-01-05 19:24 ` Luis R. Rodriguez 2018-01-09 15:10 ` Dongsu Park 2018-01-09 17:23 ` Luis R. Rodriguez [not found] ` <CANxcAMvDQFH0g5PPnVZ3p2Tei04N+8fNf0pk02DrfTkBHjjrPQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-01-09 17:23 ` Luis R. Rodriguez [not found] ` <20180105192407.GF22430-B4tOwbsTzaBolqkO4TVVkw@public.gmane.org> 2018-01-09 15:10 ` Dongsu Park 2018-02-13 13:18 ` Miklos Szeredi 2018-02-16 22:00 ` Eric W. Biederman [not found] ` <CAOssrKcZeAHsRz7P_dxh==QAKnp7HeSTh4vWY2tgbWa1ZD918g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-16 22:00 ` Eric W. Biederman 2017-12-22 14:32 ` [PATCH 04/11] fs: Don't remove suid for CAP_FSETID for userns root Dongsu Park [not found] ` <ddf1fb9b5001e633e0022dee7fecb0ef431e851f.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:26 ` Serge E. Hallyn 2017-12-23 3:26 ` Serge E. Hallyn 2017-12-23 12:38 ` Dongsu Park [not found] ` <CANxcAMtpE05xpOPt3Ua+4DkiTzkW5hOo4BBpiNZh_5+RTCfThA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-13 13:37 ` Miklos Szeredi 2018-02-13 13:37 ` Miklos Szeredi [not found] ` <20171223032606.GD6837-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org> 2017-12-23 12:38 ` Dongsu Park 2017-12-22 14:32 ` [PATCH 05/11] fs: Allow superblock owner to access do_remount_sb() Dongsu Park [not found] ` <8dd484dceb9e96e5b67f21b8a0cf333753985e89.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:30 ` Serge E. Hallyn 2017-12-23 3:30 ` Serge E. Hallyn 2017-12-22 14:32 ` [PATCH 08/11] fuse: Support fuse filesystems outside of init_user_ns Dongsu Park 2018-01-17 10:59 ` Alban Crequy 2018-01-17 14:29 ` Seth Forshee 2018-01-17 18:56 ` Alban Crequy 2018-01-17 18:56 ` Alban Crequy 2018-01-17 19:31 ` Seth Forshee 2018-01-18 10:29 ` Alban Crequy 2018-01-18 10:29 ` Alban Crequy [not found] ` <CADZs7q6ZHGHbrdL96Bmy148Zc6TxruiJrEeDjaDYEX8U-5QV1A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-01-17 19:31 ` Seth Forshee [not found] ` <CADZs7q5NA7Kox62vnCOkL=TGgzTxX+oNYz6=oNXKWkQkQwSMrA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-01-17 14:29 ` Seth Forshee [not found] ` <c85c293e19a478353aba8e6e3ee39e5914f798d5.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:46 ` Serge E. Hallyn 2017-12-23 3:46 ` Serge E. Hallyn 2018-01-17 10:59 ` Alban Crequy 2018-02-12 15:57 ` Miklos Szeredi 2018-02-12 15:57 ` Miklos Szeredi 2018-02-12 16:35 ` Eric W. Biederman [not found] ` <87lgfy5fpd.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-13 10:20 ` Miklos Szeredi 2018-02-13 10:20 ` Miklos Szeredi [not found] ` <CAOssrKcKz8p9YQJLf2W_NCBo+12auxir5jFwXGbANdWdgavpsw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-16 21:52 ` Eric W. Biederman 2018-02-16 21:52 ` Eric W. Biederman [not found] ` <CAOssrKd6vkMDwRT=QQofKCufzQczzQ7dXoVbVfVax-0HqD986w-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-12 16:35 ` Eric W. Biederman 2018-02-20 2:12 ` Eric W. Biederman 2018-02-20 2:12 ` Eric W. Biederman [not found] ` <cover.1512741134.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-22 14:32 ` [PATCH 01/11] block_dev: Support checking inode permissions in lookup_bdev() Dongsu Park 2017-12-22 14:32 ` [PATCH 02/11] mtd: Check permissions towards mtd block device inode when mounting Dongsu Park 2017-12-22 14:32 ` Dongsu Park [not found] ` <945d325a2239efcd55273abb2bac41cfc7264fea.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-22 21:06 ` Richard Weinberger 2017-12-23 3:05 ` Serge E. Hallyn 2017-12-22 21:06 ` Richard Weinberger [not found] ` <CAFLxGvwzRBGJf0-jCAwGts1HwV_nT072+yhHLP079sxQezoTFQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2017-12-23 12:18 ` Dongsu Park 2017-12-23 12:18 ` Dongsu Park [not found] ` <CANxcAMtVqgLmQaTtfJocGGgsn5dSX2CDwzh6bwv6OnjUUwsTrg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2017-12-23 12:56 ` Richard Weinberger 2017-12-23 12:56 ` Richard Weinberger 2017-12-23 3:05 ` Serge E. Hallyn 2017-12-22 14:32 ` [PATCH 03/11] fs: Allow superblock owner to change ownership of inodes Dongsu Park 2017-12-22 14:32 ` [PATCH 04/11] fs: Don't remove suid for CAP_FSETID for userns root Dongsu Park 2017-12-22 14:32 ` [PATCH 05/11] fs: Allow superblock owner to access do_remount_sb() Dongsu Park 2017-12-22 14:32 ` [PATCH 06/11] capabilities: Allow privileged user in s_user_ns to set security.* xattrs Dongsu Park 2017-12-22 14:32 ` Dongsu Park 2017-12-22 14:32 ` Dongsu Park 2017-12-23 3:33 ` Serge E. Hallyn 2017-12-23 3:33 ` Serge E. Hallyn [not found] ` <5adc5e31c25beb987798ecc219df79671547a9ac.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:33 ` Serge E. Hallyn 2017-12-22 14:32 ` [PATCH 07/11] fs: Allow CAP_SYS_ADMIN in s_user_ns to freeze and thaw filesystems Dongsu Park 2017-12-22 14:32 ` Dongsu Park 2017-12-23 3:39 ` Serge E. Hallyn 2018-02-14 12:28 ` Miklos Szeredi [not found] ` <CAOssrKeSTY1pAhpmegFWdGh7irNbT4veG5JaYFj8Q1JjMynadw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-19 22:56 ` Eric W. Biederman 2018-02-19 22:56 ` Eric W. Biederman [not found] ` <61a37f0b159dd56825696d8d3beb8eaffdf1f72f.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:39 ` Serge E. Hallyn 2018-02-14 12:28 ` Miklos Szeredi 2017-12-22 14:32 ` [PATCH 08/11] fuse: Support fuse filesystems outside of init_user_ns Dongsu Park 2017-12-22 14:32 ` [PATCH 09/11] fuse: Restrict allow_other to the superblock's namespace or a descendant Dongsu Park 2017-12-22 14:32 ` [PATCH 10/11] fuse: Allow user namespace mounts Dongsu Park 2017-12-22 14:32 ` [PATCH 11/11] evm: Don't update hmacs in user ns mounts Dongsu Park 2017-12-25 7:05 ` [PATCH v5 00/11] FUSE mounts from non-init user namespaces Eric W. Biederman 2018-02-13 11:32 ` Miklos Szeredi 2018-02-13 11:32 ` Miklos Szeredi 2018-02-16 21:53 ` Eric W. Biederman [not found] ` <CAOssrKey+oxahrXHO5d6Lu1ZD=r1t-b0i4iZM_Ke9ToqTckjkQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-16 21:53 ` Eric W. Biederman 2018-02-21 20:24 ` [PATCH v6 0/6] fuse: " Eric W. Biederman 2018-02-21 20:24 ` Eric W. Biederman [not found] ` <878tbmf5vl.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-21 20:29 ` [PATCH v6 1/5] fuse: Remove the buggy retranslation of pids in fuse_dev_do_read Eric W. Biederman 2018-02-21 20:29 ` Eric W. Biederman 2018-02-22 10:13 ` Miklos Szeredi [not found] ` <CAOssrKch20vj8phkjfjMe=07-8uQiuXfOuCTDjrMzPbkg6DoxA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-22 19:04 ` Eric W. Biederman 2018-02-22 19:04 ` Eric W. Biederman 2018-02-21 20:29 ` [PATCH v6 2/5] fuse: Fail all requests with invalid uids or gids Eric W. Biederman 2018-02-21 20:29 ` Eric W. Biederman 2018-02-22 10:26 ` Miklos Szeredi [not found] ` <CAOssrKeYuVj6ZWUrXp7R_d+wdoArnJ=mhRp22qE9JBW3x-7tfw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-22 18:15 ` Eric W. Biederman 2018-02-22 18:15 ` Eric W. Biederman 2018-02-21 20:29 ` [PATCH v6 3/5] fuse: Support fuse filesystems outside of init_user_ns Eric W. Biederman 2018-02-21 20:29 ` Eric W. Biederman 2018-02-21 20:29 ` [PATCH v6 4/5] fuse: Ensure posix acls are translated " Eric W. Biederman 2018-02-21 20:29 ` Eric W. Biederman 2018-02-22 11:40 ` Miklos Szeredi [not found] ` <CAOssrKeNLBeMkMrrCeRBO9Z80zFxCCEygKL3DErnQ9xBoLkH0g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-22 19:18 ` Eric W. Biederman 2018-02-22 19:18 ` Eric W. Biederman [not found] ` <87inao6dfa.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-22 22:50 ` Eric W. Biederman 2018-02-22 22:50 ` Eric W. Biederman 2018-02-26 7:47 ` Miklos Szeredi [not found] ` <CAOssrKd+c0Mx+=S-+zr1QS8a37Pm=VGki=FVR+LXQZBsk3byqA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-26 16:35 ` Eric W. Biederman 2018-02-26 16:35 ` Eric W. Biederman [not found] ` <87zi3v1zga.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-26 21:51 ` Eric W. Biederman 2018-02-26 21:51 ` Eric W. Biederman [not found] ` <87mv004p0t.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-26 7:47 ` Miklos Szeredi 2018-02-21 20:29 ` [PATCH v6 5/5] fuse: Restrict allow_other to the superblock's namespace or a descendant Eric W. Biederman 2018-02-21 20:29 ` Eric W. Biederman 2018-02-26 23:52 ` [PATCH v7 0/7] fuse: mounts from non-init user namespaces Eric W. Biederman 2018-02-26 23:52 ` Eric W. Biederman 2018-02-26 23:52 ` [PATCH v7 1/7] fuse: Remove the buggy retranslation of pids in fuse_dev_do_read Eric W. Biederman [not found] ` <87po4rz4ui.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-26 23:52 ` Eric W. Biederman 2018-02-26 23:52 ` [PATCH v7 2/7] fuse: Fail all requests with invalid uids or gids Eric W. Biederman 2018-02-26 23:52 ` Eric W. Biederman 2018-02-26 23:52 ` [PATCH v7 3/7] fs/posix_acl: Document that get_acl respects ACL_DONT_CACHE Eric W. Biederman 2018-02-26 23:52 ` [PATCH v7 4/7] fuse: Cache a NULL acl when FUSE_GETXATTR returns -ENOSYS Eric W. Biederman 2018-02-26 23:53 ` [PATCH v7 5/7] fuse: Simplfiy the posix acl handling logic Eric W. Biederman 2018-02-26 23:53 ` Eric W. Biederman [not found] ` <20180226235302.12708-5-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-27 9:00 ` Miklos Szeredi 2018-02-27 9:00 ` Miklos Szeredi [not found] ` <CAOssrKeWvYpgj4_cgsRBL_kTOHyRS-9_mfO9JHP-JahgqFnfHQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-03-02 21:49 ` Eric W. Biederman 2018-03-02 21:49 ` Eric W. Biederman 2018-02-26 23:53 ` [PATCH v7 6/7] fuse: Support fuse filesystems outside of init_user_ns Eric W. Biederman 2018-02-26 23:53 ` Eric W. Biederman 2018-02-26 23:53 ` [PATCH v7 7/7] fuse: Restrict allow_other to the superblock's namespace or a descendant Eric W. Biederman 2018-03-02 21:58 ` [PATCH v8 0/6] fuse: mounts from non-init user namespaces Eric W. Biederman 2018-02-26 23:52 ` [PATCH v7 3/7] fs/posix_acl: Document that get_acl respects ACL_DONT_CACHE Eric W. Biederman [not found] ` <20180226235302.12708-3-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-27 1:13 ` Linus Torvalds 2018-02-27 1:13 ` Linus Torvalds [not found] ` <CA+55aFySgJyR6JLcS9HLC9wEpWU1isdyTkchHxZHbJWsh7HFpg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-27 2:53 ` Eric W. Biederman 2018-02-27 2:53 ` Eric W. Biederman [not found] ` <87r2p7rvn5.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-27 3:14 ` Eric W. Biederman 2018-02-27 3:14 ` Eric W. Biederman [not found] ` <87tvu3qg2b.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-02-27 3:41 ` Linus Torvalds 2018-02-27 3:41 ` Linus Torvalds [not found] ` <CA+55aFwPo7Pbq+3Oup-oo8MUFHeEpFXp7qr6z2PrzKp7S0ON+A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-03-02 19:53 ` [RFC][PATCH] fs/posix_acl: Update the comments and support lightweight cache skipping Eric W. Biederman 2018-03-02 19:53 ` Eric W. Biederman 2018-02-27 3:36 ` [PATCH v7 3/7] fs/posix_acl: Document that get_acl respects ACL_DONT_CACHE Linus Torvalds 2018-02-27 3:36 ` Linus Torvalds 2018-02-26 23:52 ` [PATCH v7 4/7] fuse: Cache a NULL acl when FUSE_GETXATTR returns -ENOSYS Eric W. Biederman 2018-02-26 23:53 ` [PATCH v7 7/7] fuse: Restrict allow_other to the superblock's namespace or a descendant Eric W. Biederman 2018-03-02 21:58 ` [PATCH v8 0/6] fuse: mounts from non-init user namespaces Eric W. Biederman [not found] ` <87r2p287i8.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-03-02 21:59 ` [PATCH v8 1/6] fs/posix_acl: Update the comments and support lightweight cache skipping Eric W. Biederman 2018-03-02 21:59 ` Eric W. Biederman [not found] ` <20180302215919.27207-1-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-03-05 9:53 ` Miklos Szeredi 2018-03-05 9:53 ` Miklos Szeredi [not found] ` <CAOssrKf0cuxx1YLiwFJHSnzMOOoejjWWibs98Mb5KSXVSSXfOg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-03-05 13:53 ` Eric W. Biederman 2018-03-05 13:53 ` Eric W. Biederman 2018-03-02 21:59 ` Eric W. Biederman [this message] 2018-03-02 21:59 ` [PATCH v8 2/6] fuse: Simplfiy the posix acl handling logic Eric W. Biederman 2018-03-02 21:59 ` [PATCH v8 3/6] fuse: Remove the buggy retranslation of pids in fuse_dev_do_read Eric W. Biederman 2018-03-02 21:59 ` Eric W. Biederman 2018-03-02 21:59 ` [PATCH v8 4/6] fuse: Fail all requests with invalid uids or gids Eric W. Biederman 2018-03-02 21:59 ` [PATCH v8 5/6] fuse: Support fuse filesystems outside of init_user_ns Eric W. Biederman 2018-03-02 21:59 ` [PATCH v8 6/6] fuse: Restrict allow_other to the superblock's namespace or a descendant Eric W. Biederman 2018-03-02 21:59 ` Eric W. Biederman 2018-03-08 21:23 ` [PATCH v9 0/4] fuse: mounts from non-init user namespaces Eric W. Biederman 2018-03-08 21:23 ` Eric W. Biederman 2018-03-08 21:24 ` [PATCH v9 1/4] fuse: Remove the buggy retranslation of pids in fuse_dev_do_read Eric W. Biederman [not found] ` <87ina6ntx0.fsf_-_-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-03-08 21:24 ` Eric W. Biederman 2018-03-08 21:24 ` [PATCH v9 2/4] fuse: Fail all requests with invalid uids or gids Eric W. Biederman 2018-03-08 21:24 ` Eric W. Biederman 2018-03-08 21:24 ` [PATCH v9 3/4] fuse: Support fuse filesystems outside of init_user_ns Eric W. Biederman 2018-03-08 21:24 ` [PATCH v9 4/4] fuse: Restrict allow_other to the superblock's namespace or a descendant Eric W. Biederman 2018-03-20 16:25 ` [PATCH v9 0/4] fuse: mounts from non-init user namespaces Miklos Szeredi 2018-03-08 21:24 ` [PATCH v9 3/4] fuse: Support fuse filesystems outside of init_user_ns Eric W. Biederman 2018-03-08 21:24 ` [PATCH v9 4/4] fuse: Restrict allow_other to the superblock's namespace or a descendant Eric W. Biederman 2018-03-20 16:25 ` [PATCH v9 0/4] fuse: mounts from non-init user namespaces Miklos Szeredi [not found] ` <CAOssrKebhX-nm06RAwep8HUUV4QpsAa=ZOgxdRyP=WF9p-=4Tw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-03-20 18:27 ` Eric W. Biederman 2018-03-20 18:27 ` Eric W. Biederman 2018-03-21 8:38 ` Miklos Szeredi [not found] ` <87tvta38lu.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-03-21 8:38 ` Miklos Szeredi 2018-03-02 21:59 ` [PATCH v8 4/6] fuse: Fail all requests with invalid uids or gids Eric W. Biederman 2018-03-02 21:59 ` [PATCH v8 5/6] fuse: Support fuse filesystems outside of init_user_ns Eric W. Biederman 2017-12-22 14:32 ` [PATCH 09/11] fuse: Restrict allow_other to the superblock's namespace or a descendant Dongsu Park 2017-12-23 3:50 ` Serge E. Hallyn [not found] ` <d055925e5d5c0099e9e9c871004fb45fab67e4bc.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:50 ` Serge E. Hallyn 2018-02-19 23:16 ` Eric W. Biederman 2018-02-19 23:16 ` Eric W. Biederman 2017-12-22 14:32 ` [PATCH 10/11] fuse: Allow user namespace mounts Dongsu Park [not found] ` <a26103156b3f6ba73b1e46c6f577f1bee74872d9.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 3:51 ` Serge E. Hallyn 2017-12-23 3:51 ` Serge E. Hallyn 2018-02-14 13:44 ` Miklos Szeredi 2018-02-14 13:44 ` Miklos Szeredi [not found] ` <CAOssrKcHOp9OaCWRALsxe5MTk+tv7Gi5rPsHz2VLguzK-P+LMw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-15 8:46 ` Miklos Szeredi 2018-02-15 8:46 ` Miklos Szeredi 2017-12-22 14:32 ` [PATCH 11/11] evm: Don't update hmacs in user ns mounts Dongsu Park 2017-12-22 14:32 ` Dongsu Park [not found] ` <1f2233a1a028f1eb1e9bea7d06efa6d34e69e752.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> 2017-12-23 4:03 ` Serge E. Hallyn 2017-12-23 4:03 ` Serge E. Hallyn 2017-12-23 4:03 ` Serge E. Hallyn [not found] ` <20171223040348.GK6837-7LNsyQBKDXoIagZqoN9o3w@public.gmane.org> 2017-12-24 5:12 ` Mimi Zohar 2017-12-24 5:12 ` Mimi Zohar 2017-12-24 5:12 ` Mimi Zohar 2017-12-24 5:12 ` Mimi Zohar [not found] ` <1514092328.5221.116.camel-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> 2017-12-24 5:56 ` Mimi Zohar 2017-12-24 5:56 ` Mimi Zohar 2017-12-24 5:56 ` Mimi Zohar 2017-12-24 5:56 ` Mimi Zohar 2017-12-25 7:05 ` [PATCH v5 00/11] FUSE mounts from non-init user namespaces Eric W. Biederman [not found] ` <877etbcmnd.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 2018-01-09 15:05 ` Dongsu Park 2018-01-09 15:05 ` Dongsu Park 2018-01-18 14:58 ` Alban Crequy [not found] ` <CADZs7q438szfwd-kaaRDnpDFrmno3zy7Zq+6EsnotW8bS0vrTA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-02-19 23:09 ` Eric W. Biederman 2018-02-19 23:09 ` Eric W. Biederman [not found] ` <CANxcAMvwwiPXBTKmTM9sEo8Y1T--V7fNaFqzHfyEvwvaYQV60A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org> 2018-01-18 14:58 ` Alban Crequy
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20180302215919.27207-2-ebiederm@xmission.com \ --to=ebiederm-as9lmozglivwk0htik3j/w@public.gmane.org \ --cc=alban-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org \ --cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \ --cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \ --cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \ --cc=mszeredi-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \ --cc=sargun-GaZTRHToo+CzQB+pC5nmwQ@public.gmane.org \ --cc=seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org \ --cc=torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.