Re: [PATCH] filelocks: use mount idmapping for setlease permission check
From: Christian Brauner
Date: Thu Mar 09 2023 - 16:17:00 EST
On Thu, Mar 09, 2023 at 02:39:09PM -0600, Seth Forshee (DigitalOcean) wrote:
> A user should be allowed to take out a lease via an idmapped mount if
> the fsuid matches the mapped uid of the inode. generic_setlease() is
> checking the unmapped inode uid, causing these operations to be denied.
>
> Fix this by comparing against the mapped inode uid instead of the
> unmapped uid.
>
> Fixes: 9caccd41541a ("fs: introduce MOUNT_ATTR_IDMAP")
> Signed-off-by: Seth Forshee (DigitalOcean) <sforshee@xxxxxxxxxx>
> ---
Thanks for catching this! This is pretty straightforward so I'll pick
this up in a bit,
Reviewed-by: Christian Brauner <brauner@xxxxxxxxxx>