References: <1585733475-5222-1-git-send-email-chakragithub@gmail.com>
From: Chakra Divi
Date: Fri, 8 May 2020 15:43:54 +0530
Subject: Re: [PATCH] fuse:rely on fuse_perm for exec when no mode bits set
To: Miklos Szeredi
Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org

On Tue, Apr 28, 2020 at 1:51 PM Miklos Szeredi wrote:
>
> On Mon, Apr 27, 2020 at 3:46 PM Chakra Divi wrote:
> >
> > On Tue, Apr 21, 2020 at 4:21 PM Chakra Divi wrote:
> > >
> > > On Mon, Apr 20, 2020 at 4:55 PM Miklos Szeredi wrote:
> > > >
> > > > On Wed, Apr 1, 2020 at 11:31 AM Chakra Divi wrote:
> > > > >
> > > > > In current code, for exec we are checking mode bits
> > > > > for x bit set even though the fuse_perm_getattr returns
> > > > > success. Changes in this patch avoid mode bit explicit
> > > > > check, leaves the exec checking to fuse file system
> > > > > in uspace.
> > > >
> > > > Why is this needed?
> > >
> > > Thanks for responding Miklos. We have a use case with our remote file
> > > system mounted on fuse, where permissions checks will happen remotely
> > > without the need of mode bits. In case of read, write it worked
> > > without issues. But for executable files, we found that fuse kernel is
> > > explicitly checking 'x' mode bit set on the file. We want this
> > > checking also to be pushed to remote instead of kernel doing it - so
> > > modified the kernel code to send getattr op to userspace in exec case
> > > too.
> >
> > Any help on this Miklos....
>
> I still don't understand what you are requesting. What your patch
> does is unconditionally allow execution, even without any 'x' bits in
> the mode. What does that achieve?

Thanks for the help Miklos. We have a network-based filesystem that
supports ACLs. As our filesystem gives granular access, we wipe out the
mode bits and completely rely on ACLs.

Fuse works well for all other ops (with default_permissions disabled)
as all the checks are done at the filesystems. But only executables
have problems because fuse kernel rejects the execution by doing access
checks on mode bit. To push this check to filesystem, in the above
patch - I'm relying on return value from fuse_perm_getattr() ignoring
the mode bits.

When the fuse module is asked to rely on filesystem for access checks,
why do we need this explicit check for executables? I found out that it
is the same issue with nfs too. Is there a reason for it? Should we not
push this check to filesystem?

Thanks,
Chakra

>
> Thanks,
> Miklos