linux-cifs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Christian Brauner <brauner@kernel.org>
To: Steve French <stfrench@microsoft.com>,
	Christoph Hellwig <hch@infradead.org>,
	Namjae Jeon <namjae.jeon@samsung.com>,
	linux-cifs@vger.kernel.org
Cc: Hyunchul Lee <hyc.lee@gmail.com>,
	Sergey Senozhatsky <senozhatsky@chromium.org>,
	Christian Brauner <christian.brauner@ubuntu.com>
Subject: [PATCH 04/11] smb2pdu: fix translation in ksmbd_acls_fattr()
Date: Mon, 23 Aug 2021 17:13:50 +0200	[thread overview]
Message-ID: <20210823151357.471691-5-brauner@kernel.org> (raw)
In-Reply-To: <20210823151357.471691-1-brauner@kernel.org>

From: Christian Brauner <christian.brauner@ubuntu.com>

When creating new filesystem objects ksmbd translates between k*ids and
s*ids. For this it often uses struct smb_fattr and stashes the k*ids in
cf_uid and cf_gid. Let cf_uid and cf_gid always contain the final
information taking any potential idmapped mounts into account. When
finally translation cf_*id into s*ids translate them into the user
namespace of ksmbd since that is the relevant user namespace here.

Cc: Steve French <stfrench@microsoft.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Namjae Jeon <namjae.jeon@samsung.com>
Cc: Hyunchul Lee <hyc.lee@gmail.com>
Cc: Sergey Senozhatsky <senozhatsky@chromium.org>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 fs/ksmbd/smb2pdu.c | 12 +++++++-----
 fs/ksmbd/smbacl.c  |  8 ++++----
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 559bfa2623f2..1b0a9242be88 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -2381,10 +2381,12 @@ static int smb2_create_sd_buffer(struct ksmbd_work *work,
 			    le32_to_cpu(sd_buf->ccontext.DataLength), true);
 }
 
-static void ksmbd_acls_fattr(struct smb_fattr *fattr, struct inode *inode)
+static void ksmbd_acls_fattr(struct smb_fattr *fattr,
+			     struct user_namespace *mnt_userns,
+			     struct inode *inode)
 {
-	fattr->cf_uid = inode->i_uid;
-	fattr->cf_gid = inode->i_gid;
+	fattr->cf_uid = i_uid_into_mnt(mnt_userns, inode);
+	fattr->cf_gid = i_gid_into_mnt(mnt_userns, inode);
 	fattr->cf_mode = inode->i_mode;
 	fattr->cf_acls = NULL;
 	fattr->cf_dacls = NULL;
@@ -2893,7 +2895,7 @@ int smb2_open(struct ksmbd_work *work)
 					struct smb_ntsd *pntsd;
 					int pntsd_size, ace_num = 0;
 
-					ksmbd_acls_fattr(&fattr, inode);
+					ksmbd_acls_fattr(&fattr, user_ns, inode);
 					if (fattr.cf_acls)
 						ace_num = fattr.cf_acls->a_count;
 					if (fattr.cf_dacls)
@@ -5006,7 +5008,7 @@ static int smb2_get_info_sec(struct ksmbd_work *work,
 
 	user_ns = file_mnt_user_ns(fp->filp);
 	inode = file_inode(fp->filp);
-	ksmbd_acls_fattr(&fattr, inode);
+	ksmbd_acls_fattr(&fattr, user_ns, inode);
 
 	if (test_share_config_flag(work->tcon->share_conf,
 				   KSMBD_SHARE_FLAG_ACL_XATTR))
diff --git a/fs/ksmbd/smbacl.c b/fs/ksmbd/smbacl.c
index 5456e3ad943e..a7025b31d2f2 100644
--- a/fs/ksmbd/smbacl.c
+++ b/fs/ksmbd/smbacl.c
@@ -723,7 +723,7 @@ static void set_mode_dacl(struct user_namespace *user_ns,
 	}
 
 	/* owner RID */
-	uid = from_kuid(user_ns, fattr->cf_uid);
+	uid = from_kuid(&init_user_ns, fattr->cf_uid);
 	if (uid)
 		sid = &server_conf.domain_sid;
 	else
@@ -739,7 +739,7 @@ static void set_mode_dacl(struct user_namespace *user_ns,
 	ace_size = fill_ace_for_sid(pace, &sid_unix_groups,
 				    ACCESS_ALLOWED, 0, fattr->cf_mode, 0070);
 	pace->sid.sub_auth[pace->sid.num_subauth++] =
-		cpu_to_le32(from_kgid(user_ns, fattr->cf_gid));
+		cpu_to_le32(from_kgid(&init_user_ns, fattr->cf_gid));
 	pace->size = cpu_to_le16(ace_size + 4);
 	size += le16_to_cpu(pace->size);
 	pace = (struct smb_ace *)((char *)pndace + size);
@@ -880,7 +880,7 @@ int build_sec_desc(struct user_namespace *user_ns,
 	if (!nowner_sid_ptr)
 		return -ENOMEM;
 
-	uid = from_kuid(user_ns, fattr->cf_uid);
+	uid = from_kuid(&init_user_ns, fattr->cf_uid);
 	if (!uid)
 		sid_type = SIDUNIX_USER;
 	id_to_sid(uid, sid_type, nowner_sid_ptr);
@@ -891,7 +891,7 @@ int build_sec_desc(struct user_namespace *user_ns,
 		return -ENOMEM;
 	}
 
-	gid = from_kgid(user_ns, fattr->cf_gid);
+	gid = from_kgid(&init_user_ns, fattr->cf_gid);
 	id_to_sid(gid, SIDUNIX_GROUP, ngroup_sid_ptr);
 
 	offset = sizeof(struct smb_ntsd);
-- 
2.30.2


  parent reply	other threads:[~2021-08-23 15:15 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CGME20210823030840epcas1p24b226d445a683012925efd81a72ecb6d@epcas1p2.samsung.com>
2021-08-23  2:58 ` [PATCH v8 00/13] ksmbd: introduce new SMB3 kernel server Namjae Jeon
     [not found]   ` <CGME20210823030841epcas1p1a811d4a6aec75c09581a9b0fb575d23e@epcas1p1.samsung.com>
2021-08-23  2:58     ` [PATCH v8 01/13] ksmbd: add document Namjae Jeon
     [not found]   ` <CGME20210823030842epcas1p27cdeb782776f6659826110cd9a3524d4@epcas1p2.samsung.com>
2021-08-23  2:58     ` [PATCH v8 02/13] ksmbd: add server handler Namjae Jeon
     [not found]   ` <CGME20210823030843epcas1p4502dad130066a74f08745c849b981112@epcas1p4.samsung.com>
2021-08-23  2:58     ` [PATCH v8 03/13] ksmbd: add tcp transport layer Namjae Jeon
     [not found]   ` <CGME20210823030844epcas1p2a9dc2c02d32df86e9eb3c2af975c7d81@epcas1p2.samsung.com>
2021-08-23  2:58     ` [PATCH v8 04/13] ksmbd: add ipc " Namjae Jeon
     [not found]   ` <CGME20210823030845epcas1p3ff50078868ed215c43898356c9248d24@epcas1p3.samsung.com>
2021-08-23  2:58     ` [PATCH v8 05/13] ksmbd: add rdma " Namjae Jeon
     [not found]   ` <CGME20210823030845epcas1p2c72588cd470ca46463fd46b42b7b9603@epcas1p2.samsung.com>
2021-08-23  2:58     ` [PATCH v8 06/13] ksmbd: add a utility code that tracks (and caches) sessions data Namjae Jeon
     [not found]   ` <CGME20210823030846epcas1p35bd3c665d8afd6205c617840e709afc7@epcas1p3.samsung.com>
2021-08-23  2:58     ` [PATCH v8 07/13] ksmbd: add authentication Namjae Jeon
     [not found]   ` <CGME20210823030849epcas1p39035b8f9ec5cdc87dc7beca86590932c@epcas1p3.samsung.com>
2021-08-23  2:58     ` [PATCH v8 10/13] ksmbd: add oplock/lease cache mechanism Namjae Jeon
     [not found]   ` <CGME20210823030850epcas1p1eea7803d1ca2e854a0199f4c83cd8190@epcas1p1.samsung.com>
2021-08-23  2:58     ` [PATCH v8 11/13] ksmbd: add file operations Namjae Jeon
     [not found]   ` <CGME20210823030851epcas1p2d141386b64cd9039121a9f6a5074a362@epcas1p2.samsung.com>
2021-08-23  2:58     ` [PATCH v8 12/13] ksmbd: add Kconfig and Makefile Namjae Jeon
     [not found]   ` <CGME20210823030851epcas1p3df6319948e331e2e0225adba4e81e660@epcas1p3.samsung.com>
2021-08-23  2:58     ` [PATCH v8 13/13] MAINTAINERS: add ksmbd kernel server Namjae Jeon
2021-08-23 15:13   ` [PATCH 00/11] ksmbd: various fixes Christian Brauner
2021-08-23 15:13     ` [PATCH 01/11] ksmbd: fix lookup on idmapped mounts Christian Brauner
2021-08-23 15:13     ` [PATCH 02/11] ksmbd: fix translation in smb2_populate_readdir_entry() Christian Brauner
2021-08-23 15:13     ` [PATCH 03/11] ksmbd: fix translation in create_posix_rsp_buf() Christian Brauner
2021-08-23 15:13     ` Christian Brauner [this message]
2021-08-23 15:13     ` [PATCH 05/11] ksmbd: fix translation in acl entries Christian Brauner
2021-08-23 15:13     ` [PATCH 06/11] ksmbd: fix subauth 0 handling in sid_to_id() Christian Brauner
2021-08-24  8:13       ` Namjae Jeon
2021-08-24 11:37         ` Christian Brauner
2021-08-23 15:13     ` [PATCH 07/11] ksmbd: fix translation " Christian Brauner
2021-08-23 15:13     ` [PATCH 08/11] ndr: fix translation in ndr_encode_posix_acl() Christian Brauner
2021-08-23 15:13     ` [PATCH 09/11] ksmbd: ensure error is surfaced in set_file_basic_info() Christian Brauner
2021-08-23 15:13     ` [PATCH 10/11] ksmbd: remove setattr preparations " Christian Brauner
2021-09-01 12:47       ` Namjae Jeon
2021-09-02 13:43         ` Christian Brauner
2021-10-01 18:51       ` Marios Makassikis
2021-10-02  0:41         ` Namjae Jeon
2021-10-02 19:29           ` Marios Makassikis
2021-10-03  0:12             ` Namjae Jeon
2021-08-23 15:13     ` [PATCH 11/11] ksmbd: defer notify_change() call Christian Brauner
2021-08-24  8:20       ` Namjae Jeon
2021-08-24 11:36         ` Christian Brauner
2021-09-01 12:53       ` Namjae Jeon
2021-09-02 13:42         ` Christian Brauner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210823151357.471691-5-brauner@kernel.org \
    --to=brauner@kernel.org \
    --cc=christian.brauner@ubuntu.com \
    --cc=hch@infradead.org \
    --cc=hyc.lee@gmail.com \
    --cc=linux-cifs@vger.kernel.org \
    --cc=namjae.jeon@samsung.com \
    --cc=senozhatsky@chromium.org \
    --cc=stfrench@microsoft.com \
    --subject='Re: [PATCH 04/11] smb2pdu: fix translation in ksmbd_acls_fattr()' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).