[PATCH v2 3/3] samples/vfs: Add example leveraging NFS with new APIs and user namespaces

From: Sargun Dhillon <sargun@sargun.me>
To: "J . Bruce Fields" <bfields@fieldses.org>,
	Chuck Lever <chuck.lever@oracle.com>,
	Trond Myklebust <trond.myklebust@hammerspace.com>,
	Anna Schumaker <anna.schumaker@netapp.com>,
	David Howells <dhowells@redhat.com>
Cc: Sargun Dhillon <sargun@sargun.me>,
	linux-nfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	linux-kernel@vger.kernel.org, Al Viro <viro@zeniv.linux.org.uk>,
	Kyle Anderson <kylea@netflix.com>
Subject: [PATCH v2 3/3] samples/vfs: Add example leveraging NFS with new APIs and user namespaces
Date: Fri, 16 Oct 2020 05:37:45 -0700	[thread overview]
Message-ID: <20201016123745.9510-4-sargun@sargun.me> (raw)
In-Reply-To: <20201016123745.9510-1-sargun@sargun.me>

This adds an example which assumes you already have an NFS server setup,
but does the work of creating a user namespace, and an NFS mount from
that user namespace which then exposes different UIDs than that of
the init user namespace.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Cc: J. Bruce Fields <bfields@fieldses.org>
Cc: Chuck Lever <chuck.lever@oracle.com>
Cc: Trond Myklebust <trond.myklebust@hammerspace.com>
Cc: Anna Schumaker <anna.schumaker@netapp.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Kyle Anderson <kylea@netflix.com>
---
 fs/nfs/flexfilelayout/flexfilelayout.c |   1 +
 samples/vfs/.gitignore                 |   2 +
 samples/vfs/Makefile                   |   3 +-
 samples/vfs/test-nfs-userns.c          | 181 +++++++++++++++++++++++++
 4 files changed, 186 insertions(+), 1 deletion(-)
 create mode 100644 samples/vfs/test-nfs-userns.c

diff --git a/fs/nfs/flexfilelayout/flexfilelayout.c b/fs/nfs/flexfilelayout/flexfilelayout.c
index f9348ed1bcda..ee45ff7d75ac 100644
--- a/fs/nfs/flexfilelayout/flexfilelayout.c
+++ b/fs/nfs/flexfilelayout/flexfilelayout.c
@@ -361,6 +361,7 @@ ff_layout_alloc_lseg(struct pnfs_layout_hdr *lh,
 		     struct nfs4_layoutget_res *lgr,
 		     gfp_t gfp_flags)
 {
+	struct user_namespace *user_ns = lh->plh_lc_cred->user_ns;
 	struct pnfs_layout_segment *ret;
 	struct nfs4_ff_layout_segment *fls = NULL;
 	struct xdr_stream stream;
diff --git a/samples/vfs/.gitignore b/samples/vfs/.gitignore
index 8fdabf7e5373..1d09826b31a6 100644
--- a/samples/vfs/.gitignore
+++ b/samples/vfs/.gitignore
@@ -1,3 +1,5 @@
 # SPDX-License-Identifier: GPL-2.0-only
 test-fsmount
 test-statx
+test-nfs-userns
+
diff --git a/samples/vfs/Makefile b/samples/vfs/Makefile
index 7f76875eaa70..6a2926080c08 100644
--- a/samples/vfs/Makefile
+++ b/samples/vfs/Makefile
@@ -1,6 +1,7 @@
 # SPDX-License-Identifier: GPL-2.0-only
 test-fsmount-objs := test-fsmount.o vfs-helper.o
-userprogs := test-fsmount test-statx
+test-nfs-userns-objs := test-nfs-userns.o vfs-helper.o
+userprogs := test-fsmount test-statx test-nfs-userns
 
 always-y := $(userprogs)
 
diff --git a/samples/vfs/test-nfs-userns.c b/samples/vfs/test-nfs-userns.c
new file mode 100644
index 000000000000..108af924cbdd
--- /dev/null
+++ b/samples/vfs/test-nfs-userns.c
@@ -0,0 +1,181 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <linux/unistd.h>
+#include <assert.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+#include <string.h>
+#include <fcntl.h>
+#include <sched.h>
+#include <sys/prctl.h>
+#include <sys/wait.h>
+#include "vfs-helper.h"
+
+
+#define WELL_KNOWN_FD	100
+
+static inline int pidfd_open(pid_t pid, unsigned int flags)
+{
+	return syscall(__NR_pidfd_open, pid, flags);
+}
+
+static inline int pidfd_getfd(int pidfd, int fd, int flags)
+{
+	return syscall(__NR_pidfd_getfd, pidfd, fd, flags);
+}
+
+static void write_to_path(const char *path, const char *str)
+{
+	int fd, len = strlen(str);
+
+	fd = open(path, O_WRONLY);
+	if (fd < 0) {
+		fprintf(stderr, "Can't open %s: %s\n", path, strerror(errno));
+		exit(1);
+	}
+
+	if (write(fd, str, len) != len) {
+		fprintf(stderr, "Can't write string: %s\n", strerror(errno));
+		exit(1);
+	}
+
+	E(close(fd));
+}
+
+static int do_work(int sk)
+{
+	int fsfd;
+
+	E(unshare(CLONE_NEWNS|CLONE_NEWUSER));
+
+	fsfd = fsopen("nfs4", 0);
+	E(fsfd);
+
+	E(send(sk, &fsfd, sizeof(fsfd), 0));
+	// Wait for the other side to close / finish / wrap up
+	recv(sk, &fsfd, sizeof(fsfd), 0);
+	E(close(sk));
+
+	return 0;
+}
+
+int main(int argc, char *argv[])
+{
+	int pidfd, mntfd, fsfd, fsfdnum, status, sk_pair[2];
+	struct statx statxbuf;
+	char buf[1024];
+	pid_t pid;
+
+	if (mkdir("/mnt/share", 0777) && errno != EEXIST) {
+		perror("mkdir");
+		return 1;
+	}
+
+	E(chmod("/mnt/share", 0777));
+
+	if (mkdir("/mnt/nfs", 0755) && errno != EEXIST) {
+		perror("mkdir");
+		return 1;
+	}
+
+	if (unlink("/mnt/share/newfile") && errno != ENOENT) {
+		perror("unlink");
+		return 1;
+	}
+
+	E(creat("/mnt/share/testfile", 0644));
+	E(chown("/mnt/share/testfile", 1001, 1001));
+
+	/* exportfs is idempotent, but expects nfs-server to be running */
+	if (system("exportfs -o no_root_squash,no_subtree_check,rw 127.0.0.0/8:/mnt/share")) {
+		fprintf(stderr,
+			"Could not export /mnt/share. Is NFS the server running?\n");
+		return 1;
+	}
+
+	E(socketpair(PF_LOCAL, SOCK_SEQPACKET, 0, sk_pair));
+
+	pid = fork();
+	E(pid);
+	if (pid == 0) {
+		E(close(sk_pair[0]));
+		return do_work(sk_pair[1]);
+	}
+
+	E(close(sk_pair[1]));
+
+	pidfd = pidfd_open(pid, 0);
+	E(pidfd);
+
+	E(recv(sk_pair[0], &fsfdnum, sizeof(fsfdnum), 0));
+
+	fsfd = pidfd_getfd(pidfd, fsfdnum, 0);
+	if (fsfd == -1) {
+		perror("pidfd_getfd");
+		return 1;
+	}
+
+
+	snprintf(buf, sizeof(buf) - 1, "/proc/%d/uid_map", pid);
+	write_to_path(buf, "0 1000 2");
+	snprintf(buf, sizeof(buf) - 1, "/proc/%d/setgroups", pid);
+	write_to_path(buf, "deny");
+	snprintf(buf, sizeof(buf) - 1, "/proc/%d/gid_map", pid);
+	write_to_path(buf, "0 1000 2");
+
+	/* Now we can proceed to mount */
+	E_fsconfig(fsfd, FSCONFIG_SET_STRING, "vers", "4.1", 0);
+	E_fsconfig(fsfd, FSCONFIG_SET_STRING, "clientaddr", "127.0.0.1", 0);
+	E_fsconfig(fsfd, FSCONFIG_SET_STRING, "addr", "127.0.0.1", 0);
+	E_fsconfig(fsfd, FSCONFIG_SET_STRING, "source", "127.0.0.1:/mnt/share",
+		   0);
+	E_fsconfig(fsfd, FSCONFIG_CMD_CREATE, NULL, NULL, 0);
+
+	/* Move into the namespace's of the worker */
+	E(setns(pidfd, CLONE_NEWNS|CLONE_NEWUSER));
+	E(close(pidfd));
+
+	/* Close our socket pair indicating the child should exit */
+	E(close(sk_pair[0]));
+	assert(waitpid(pid, &status, 0) == pid);
+	if (!WIFEXITED(status) || WEXITSTATUS(status)) {
+		fprintf(stderr, "worker exited nonzero\n");
+		return 1;
+	}
+
+	E(setuid(0));
+	E(setgid(0));
+
+	/* Now do all the work of moving doing the mount in the child ns */
+	E(syscall(__NR_mount, NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL));
+
+	mntfd = fsmount(fsfd, 0, MS_NODEV);
+	if (mntfd < 0) {
+		E(close(fsfd));
+		mount_error(fsfd, "fsmount");
+	}
+
+	E(move_mount(mntfd, "", AT_FDCWD, "/mnt/nfs", MOVE_MOUNT_F_EMPTY_PATH));
+	E(close(mntfd));
+
+	/* Create the file through NFS */
+	E(creat("/mnt/nfs/newfile", 0644));
+	/* Check what the file's status is on the disk, accessed directly */
+	E(statx(AT_FDCWD, "/mnt/share/newfile", 0, STATX_UID|STATX_GID,
+		&statxbuf));
+	assert(statxbuf.stx_uid == 0);
+	assert(statxbuf.stx_gid == 0);
+
+	E(statx(AT_FDCWD, "/mnt/nfs/testfile", 0, STATX_UID|STATX_GID,
+		&statxbuf));
+	assert(statxbuf.stx_uid == 1);
+	assert(statxbuf.stx_gid == 1);
+
+
+	return 0;
+}
-- 
2.25.1

