From: Christian Brauner <christian.brauner@ubuntu.com>
To: "David S. Miller" <davem@davemloft.net>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org
Cc: "Rafael J. Wysocki" <rafael@kernel.org>,
Pavel Machek <pavel@ucw.cz>, Jakub Kicinski <kuba@kernel.org>,
Eric Dumazet <edumazet@google.com>,
Stephen Hemminger <stephen@networkplumber.org>,
linux-pm@vger.kernel.org,
Christian Brauner <christian.brauner@ubuntu.com>
Subject: [PATCH net-next v2 03/10] sysfs: add sysfs_group_change_owner()
Date: Mon, 17 Feb 2020 17:14:29 +0100 [thread overview]
Message-ID: <20200217161436.1748598-4-christian.brauner@ubuntu.com> (raw)
In-Reply-To: <20200217161436.1748598-1-christian.brauner@ubuntu.com>
Add a helper to change the owner of a sysfs group.
The ownership of a sysfs object is determined based on the ownership of
the corresponding kobject, i.e. only if the ownership of a kobject is
changed will this function change the ownership of the corresponding
sysfs entry.
This function will be used to correctly account for kobject ownership
changes, e.g. when moving network devices between network namespaces.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
/* v2 */
- Greg Kroah-Hartman <gregkh@linuxfoundation.org>:
- Add comment how ownership of sysfs object is changed.
---
fs/sysfs/group.c | 93 +++++++++++++++++++++++++++++++++++++++++++
include/linux/sysfs.h | 8 ++++
2 files changed, 101 insertions(+)
diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c
index c4ab045926b7..7d158d59d097 100644
--- a/fs/sysfs/group.c
+++ b/fs/sysfs/group.c
@@ -13,6 +13,7 @@
#include <linux/dcache.h>
#include <linux/namei.h>
#include <linux/err.h>
+#include <linux/fs.h>
#include "sysfs.h"
@@ -457,3 +458,95 @@ int __compat_only_sysfs_link_entry_to_kobj(struct kobject *kobj,
return PTR_ERR_OR_ZERO(link);
}
EXPORT_SYMBOL_GPL(__compat_only_sysfs_link_entry_to_kobj);
+
+static int sysfs_group_attrs_change_owner(struct kernfs_node *grp_kn,
+ const struct attribute_group *grp,
+ struct iattr *newattrs)
+{
+ struct kernfs_node *kn;
+ int error;
+
+ if (grp->attrs) {
+ struct attribute *const *attr;
+
+ for (attr = grp->attrs; *attr; attr++) {
+ kn = kernfs_find_and_get(grp_kn, (*attr)->name);
+ if (!kn)
+ return -ENOENT;
+
+ error = kernfs_setattr(kn, newattrs);
+ kernfs_put(kn);
+ if (error)
+ return error;
+ }
+ }
+
+ if (grp->bin_attrs) {
+ struct bin_attribute *const *bin_attr;
+
+ for (bin_attr = grp->bin_attrs; *bin_attr; bin_attr++) {
+ kn = kernfs_find_and_get(grp_kn, (*bin_attr)->attr.name);
+ if (!kn)
+ return -ENOENT;
+
+ error = kernfs_setattr(kn, newattrs);
+ kernfs_put(kn);
+ if (error)
+ return error;
+ }
+ }
+
+ return 0;
+}
+
+/**
+ * sysfs_group_change_owner - change owner of an attribute group.
+ * @kobj: The kobject containing the group.
+ * @grp: The attribute group.
+ *
+ * To change the ownership of a sysfs object, the caller must first change the
+ * uid/gid of the kobject and then call this function. Usually this will be
+ * taken care of by the relevant subsystem, e.g. moving a network device
+ * between network namespaces owned by different user namespaces will change
+ * the uid/gid of the kobject to the uid/gid of the root user in the user
+ * namespace. Calling this function afterwards will cause the sysfs object to
+ * reflect the new uid/gid.
+ *
+ * Returns 0 on success or error code on failure.
+ */
+int sysfs_group_change_owner(struct kobject *kobj,
+ const struct attribute_group *grp)
+{
+ struct kernfs_node *grp_kn;
+ kuid_t uid;
+ kgid_t gid;
+ int error;
+ struct iattr newattrs = {
+ .ia_valid = ATTR_UID | ATTR_GID,
+ };
+
+ if (!kobj->state_in_sysfs)
+ return -EINVAL;
+
+ if (grp->name) {
+ grp_kn = kernfs_find_and_get(kobj->sd, grp->name);
+ } else {
+ kernfs_get(kobj->sd);
+ grp_kn = kobj->sd;
+ }
+ if (!grp_kn)
+ return -ENOENT;
+
+ kobject_get_ownership(kobj, &uid, &gid);
+ newattrs.ia_uid = uid;
+ newattrs.ia_gid = gid;
+
+ error = kernfs_setattr(grp_kn, &newattrs);
+ if (!error)
+ error = sysfs_group_attrs_change_owner(grp_kn, grp, &newattrs);
+
+ kernfs_put(grp_kn);
+
+ return error;
+}
+EXPORT_SYMBOL_GPL(sysfs_group_change_owner);
diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h
index 238f3d7b1fa0..dd211f0a654b 100644
--- a/include/linux/sysfs.h
+++ b/include/linux/sysfs.h
@@ -314,6 +314,8 @@ int sysfs_file_change_owner(struct kobject *kobj);
int sysfs_file_change_owner_by_name(struct kobject *kobj, const char *name);
int sysfs_link_change_owner(struct kobject *kobj, struct kobject *targ,
const char *name);
+int sysfs_group_change_owner(struct kobject *kobj,
+ const struct attribute_group *groups);
#else /* CONFIG_SYSFS */
@@ -545,6 +547,12 @@ static inline int sysfs_link_change_owner(struct kobject *kobj,
return 0;
}
+static inline int sysfs_group_change_owner(struct kobject *kobj,
+ const struct attribute_group **groups)
+{
+ return 0;
+}
+
#endif /* CONFIG_SYSFS */
static inline int __must_check sysfs_create_file(struct kobject *kobj,
--
2.25.0
next prev parent reply other threads:[~2020-02-17 16:14 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-17 16:14 [PATCH net-next v2 00/10] net: fix sysfs permssions when device changes network Christian Brauner
2020-02-17 16:14 ` [PATCH net-next v2 01/10] sysfs: add sysfs_file_change_owner{_by_name}() Christian Brauner
2020-02-17 16:29 ` Greg Kroah-Hartman
2020-02-17 16:14 ` [PATCH net-next v2 02/10] sysfs: add sysfs_link_change_owner() Christian Brauner
2020-02-17 16:14 ` Christian Brauner [this message]
2020-02-17 16:14 ` [PATCH net-next v2 04/10] sysfs: add sysfs_groups_change_owner() Christian Brauner
2020-02-17 16:14 ` [PATCH net-next v2 05/10] sysfs: add sysfs_change_owner() Christian Brauner
2020-02-17 16:14 ` [PATCH net-next v2 06/10] device: add device_change_owner() Christian Brauner
2020-02-17 16:14 ` [PATCH net-next v2 07/10] drivers/base/power: add dpm_sysfs_change_owner() Christian Brauner
2020-02-17 16:14 ` [PATCH net-next v2 08/10] net-sysfs: add netdev_change_owner() Christian Brauner
2020-02-17 16:28 ` Greg Kroah-Hartman
2020-02-17 16:58 ` Christian Brauner
2020-02-17 19:02 ` Greg Kroah-Hartman
2020-02-17 16:14 ` [PATCH net-next v2 09/10] net-sysfs: add queue_change_owner() Christian Brauner
2020-02-17 16:14 ` [PATCH net-next v2 10/10] net: fix sysfs permssions when device changes network namespace Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200217161436.1748598-4-christian.brauner@ubuntu.com \
--to=christian.brauner@ubuntu.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pavel@ucw.cz \
--cc=rafael@kernel.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).