summaryrefslogtreecommitdiff
path: root/fs/remap_range.c
diff options
context:
space:
mode:
authorChristian Brauner <christian.brauner@ubuntu.com>2021-01-21 14:19:40 +0100
committerChristian Brauner <christian.brauner@ubuntu.com>2021-01-24 14:27:19 +0100
commit0f5d220b42fba0ab17a7353787be3c29bea92e30 (patch)
treed9a3f294309f610012306ff8d240f75a639bba5a /fs/remap_range.c
parentb816dd5ddeae3252bb4255105b4c641e4c841501 (diff)
downloadlinux-rpi-0f5d220b42fba0ab17a7353787be3c29bea92e30.tar.gz
linux-rpi-0f5d220b42fba0ab17a7353787be3c29bea92e30.tar.bz2
linux-rpi-0f5d220b42fba0ab17a7353787be3c29bea92e30.zip
ioctl: handle idmapped mounts
Enable generic ioctls to handle idmapped mounts by passing down the mount's user namespace. If the initial user namespace is passed nothing changes so non-idmapped mounts will see identical behavior as before. Link: https://lore.kernel.org/r/20210121131959.646623-22-christian.brauner@ubuntu.com Cc: Christoph Hellwig <hch@lst.de> Cc: David Howells <dhowells@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: linux-fsdevel@vger.kernel.org Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: James Morris <jamorris@linux.microsoft.com> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Diffstat (limited to 'fs/remap_range.c')
-rw-r--r--fs/remap_range.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/fs/remap_range.c b/fs/remap_range.c
index 29a4a4dbfe12..e4a5fdd7ad7b 100644
--- a/fs/remap_range.c
+++ b/fs/remap_range.c
@@ -432,13 +432,16 @@ EXPORT_SYMBOL(vfs_clone_file_range);
/* Check whether we are allowed to dedupe the destination file */
static bool allow_file_dedupe(struct file *file)
{
+ struct user_namespace *mnt_userns = file_mnt_user_ns(file);
+ struct inode *inode = file_inode(file);
+
if (capable(CAP_SYS_ADMIN))
return true;
if (file->f_mode & FMODE_WRITE)
return true;
- if (uid_eq(current_fsuid(), file_inode(file)->i_uid))
+ if (uid_eq(current_fsuid(), i_uid_into_mnt(mnt_userns, inode)))
return true;
- if (!inode_permission(&init_user_ns, file_inode(file), MAY_WRITE))
+ if (!inode_permission(mnt_userns, inode, MAY_WRITE))
return true;
return false;
}