Re: [PATCH] filelocks: use mount idmapping for setlease permission check

From: Christian Brauner
Date: Thu Mar 09 2023 - 16:17:00 EST

Next message: Wei Liu: "Re: [PATCH v2 1/2] x86/init: Make get/set_rtc_noop() public"
Previous message: Wei Liu: "Re: [PATCH v7 5/5] Driver: VMBus: Add Devicetree support"
In reply to: Seth Forshee (DigitalOcean): "[PATCH] filelocks: use mount idmapping for setlease permission check"
Next in thread: Christian Brauner: "Re: [PATCH] filelocks: use mount idmapping for setlease permission check"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Mar 09, 2023 at 02:39:09PM -0600, Seth Forshee (DigitalOcean) wrote:
> A user should be allowed to take out a lease via an idmapped mount if
> the fsuid matches the mapped uid of the inode. generic_setlease() is
> checking the unmapped inode uid, causing these operations to be denied.
>
> Fix this by comparing against the mapped inode uid instead of the
> unmapped uid.
>
> Fixes: 9caccd41541a ("fs: introduce MOUNT_ATTR_IDMAP")
> Signed-off-by: Seth Forshee (DigitalOcean) <sforshee@xxxxxxxxxx>
> ---

Thanks for catching this! This is pretty straightforward so I'll pick
this up in a bit,
Reviewed-by: Christian Brauner <brauner@xxxxxxxxxx>

Next message: Wei Liu: "Re: [PATCH v2 1/2] x86/init: Make get/set_rtc_noop() public"
Previous message: Wei Liu: "Re: [PATCH v7 5/5] Driver: VMBus: Add Devicetree support"
In reply to: Seth Forshee (DigitalOcean): "[PATCH] filelocks: use mount idmapping for setlease permission check"
Next in thread: Christian Brauner: "Re: [PATCH] filelocks: use mount idmapping for setlease permission check"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]