From 29e486e411947dd4c212d760ac5eee35ad6ba4fb Mon Sep 17 00:00:00 2001 From: Auke Kok Date: Tue, 22 Apr 2025 23:11:31 -0400 Subject: [PATCH 1/2] All vfs methods now take a mnt_idmap instead of user_namespace arg. Similar to before when namespaces were added, they are now translated to a mnt_idmap, since v6.2-rc1-2-gabf08576afe3. Signed-off-by: Auke Kok --- kmod/src/Makefile.kernelcompat | 8 ++++++++ kmod/src/kernelcompat.h | 6 ++++++ 2 files changed, 14 insertions(+) diff --git a/kmod/src/Makefile.kernelcompat b/kmod/src/Makefile.kernelcompat index 47aaf813..678295ba 100644 --- a/kmod/src/Makefile.kernelcompat +++ b/kmod/src/Makefile.kernelcompat @@ -278,6 +278,14 @@ ifneq (,$(shell grep 'int ..mknod. .struct user_namespace' include/linux/fs.h)) ccflags-y += -DKC_VFS_METHOD_USER_NAMESPACE_ARG endif +# +# v6.2-rc1-2-gabf08576afe3 +# +# fs: vfs methods use struct mnt_idmap instead of struct user_namespace +ifneq (,$(shell grep 'int vfs_mknod.struct mnt_idmap' include/linux/fs.h)) +ccflags-y += -DKC_VFS_METHOD_MNT_IDMAP_ARG +endif + # # v5.17-rc2-21-g07888c665b40 # diff --git a/kmod/src/kernelcompat.h b/kmod/src/kernelcompat.h index 43e8c91c..5564a12a 100644 --- a/kmod/src/kernelcompat.h +++ b/kmod/src/kernelcompat.h @@ -263,6 +263,11 @@ typedef unsigned int blk_opf_t; #define kc__vmalloc __vmalloc #endif +#ifdef KC_VFS_METHOD_MNT_IDMAP_ARG +#define KC_VFS_NS_DEF struct mnt_idmap *mnt_idmap, +#define KC_VFS_NS mnt_idmap, +#define KC_VFS_INIT_NS &nop_mnt_idmap, +#else #ifdef KC_VFS_METHOD_USER_NAMESPACE_ARG #define KC_VFS_NS_DEF struct user_namespace *mnt_user_ns, #define KC_VFS_NS mnt_user_ns, @@ -272,6 +277,7 @@ typedef unsigned int blk_opf_t; #define KC_VFS_NS #define KC_VFS_INIT_NS #endif +#endif /* KC_VFS_METHOD_MNT_IDMAP_ARG */ #ifdef KC_BIO_ALLOC_DEV_OPF_ARGS #define kc_bio_alloc bio_alloc From afb6ba00adc480c87cbcd8e980f418116bbd76cc Mon Sep 17 00:00:00 2001 From: Auke Kok Date: Thu, 24 Apr 2025 15:01:01 -0400 Subject: [PATCH 2/2] POSIX ACL changes. The .get_acl() method now gets passed a mnt_idmap arg, and we can now choose to implement either .get_acl() or .get_inode_acl(). Technically .get_acl() is a new implementation, and .get_inode_acl() is the old. That second method now also gets an rcu flag passed, but we should be fine either way. Deeper under the covers however we do need to hook up the .set_acl() method for inodes, otherwise setfacl will just fail with -ENOTSUPP. To make this not super messy (it already is) we tack on the get_acl() changes here. This is all roughly ca. v6.1-rc1-4-g7420332a6ff4. Signed-off-by: Auke Kok --- kmod/src/Makefile.kernelcompat | 8 ++++++++ kmod/src/acl.c | 23 +++++++++++++++++++++++ kmod/src/acl.h | 7 ++++++- kmod/src/dir.c | 3 +++ kmod/src/inode.c | 6 ++++++ 5 files changed, 46 insertions(+), 1 deletion(-) diff --git a/kmod/src/Makefile.kernelcompat b/kmod/src/Makefile.kernelcompat index 678295ba..25a6dd5c 100644 --- a/kmod/src/Makefile.kernelcompat +++ b/kmod/src/Makefile.kernelcompat @@ -478,3 +478,11 @@ endif ifneq (,$(shell grep '^unsigned int stack_trace_save' include/linux/stacktrace.h)) ccflags-y += -DKC_STACK_TRACE_SAVE endif + +# v6.1-rc1-4-g7420332a6ff4 +# +# .get_acl() method now has dentry arg (and mnt_idmap). The old get_acl has been renamed +# to get_inode_acl() and is still available as well, but has an extra rcu param. +ifneq (,$(shell grep 'struct posix_acl ...get_acl..struct mnt_idmap ., struct dentry' include/linux/fs.h)) +ccflags-y += -DKC_GET_ACL_DENTRY +endif diff --git a/kmod/src/acl.c b/kmod/src/acl.c index 0fdb9d93..a9a25416 100644 --- a/kmod/src/acl.c +++ b/kmod/src/acl.c @@ -107,8 +107,15 @@ struct posix_acl *scoutfs_get_acl_locked(struct inode *inode, int type, struct s return acl; } +#ifdef KC_GET_ACL_DENTRY +struct posix_acl *scoutfs_get_acl(KC_VFS_NS_DEF + struct dentry *dentry, int type) +{ + struct inode *inode = dentry->d_inode; +#else struct posix_acl *scoutfs_get_acl(struct inode *inode, int type) { +#endif struct super_block *sb = inode->i_sb; struct scoutfs_lock *lock = NULL; struct posix_acl *acl; @@ -201,8 +208,15 @@ out: return ret; } +#ifdef KC_GET_ACL_DENTRY +int scoutfs_set_acl(KC_VFS_NS_DEF + struct dentry *dentry, struct posix_acl *acl, int type) +{ + struct inode *inode = dentry->d_inode; +#else int scoutfs_set_acl(struct inode *inode, struct posix_acl *acl, int type) { +#endif struct super_block *sb = inode->i_sb; struct scoutfs_lock *lock = NULL; LIST_HEAD(ind_locks); @@ -240,7 +254,12 @@ int scoutfs_acl_get_xattr(struct dentry *dentry, const char *name, void *value, if (!IS_POSIXACL(dentry->d_inode)) return -EOPNOTSUPP; +#ifdef KC_GET_ACL_DENTRY + acl = scoutfs_get_acl(KC_VFS_INIT_NS + dentry, type); +#else acl = scoutfs_get_acl(dentry->d_inode, type); +#endif if (IS_ERR(acl)) return PTR_ERR(acl); if (acl == NULL) @@ -286,7 +305,11 @@ int scoutfs_acl_set_xattr(struct dentry *dentry, const char *name, const void *v } } +#ifdef KC_GET_ACL_DENTRY + ret = scoutfs_set_acl(KC_VFS_INIT_NS dentry, acl, type); +#else ret = scoutfs_set_acl(dentry->d_inode, acl, type); +#endif out: posix_acl_release(acl); diff --git a/kmod/src/acl.h b/kmod/src/acl.h index e7f983e6..09b7b65c 100644 --- a/kmod/src/acl.h +++ b/kmod/src/acl.h @@ -1,9 +1,14 @@ #ifndef _SCOUTFS_ACL_H_ #define _SCOUTFS_ACL_H_ +#ifdef KC_GET_ACL_DENTRY +struct posix_acl *scoutfs_get_acl(KC_VFS_NS_DEF struct dentry *dentry, int type); +int scoutfs_set_acl(KC_VFS_NS_DEF struct dentry *dentry, struct posix_acl *acl, int type); +#else struct posix_acl *scoutfs_get_acl(struct inode *inode, int type); -struct posix_acl *scoutfs_get_acl_locked(struct inode *inode, int type, struct scoutfs_lock *lock); int scoutfs_set_acl(struct inode *inode, struct posix_acl *acl, int type); +#endif +struct posix_acl *scoutfs_get_acl_locked(struct inode *inode, int type, struct scoutfs_lock *lock); int scoutfs_set_acl_locked(struct inode *inode, struct posix_acl *acl, int type, struct scoutfs_lock *lock, struct list_head *ind_locks); #ifdef KC_XATTR_STRUCT_XATTR_HANDLER diff --git a/kmod/src/dir.c b/kmod/src/dir.c index 8a95d6a4..09952bf1 100644 --- a/kmod/src/dir.c +++ b/kmod/src/dir.c @@ -2053,6 +2053,9 @@ const struct inode_operations scoutfs_dir_iops = { #endif .listxattr = scoutfs_listxattr, .get_acl = scoutfs_get_acl, +#ifdef KC_GET_ACL_DENTRY + .set_acl = scoutfs_set_acl, +#endif .symlink = scoutfs_symlink, .permission = scoutfs_permission, #ifdef KC_LINUX_HAVE_RHEL_IOPS_WRAPPER diff --git a/kmod/src/inode.c b/kmod/src/inode.c index cd6f37bc..3553c520 100644 --- a/kmod/src/inode.c +++ b/kmod/src/inode.c @@ -150,6 +150,9 @@ static const struct inode_operations scoutfs_file_iops = { #endif .listxattr = scoutfs_listxattr, .get_acl = scoutfs_get_acl, +#ifdef KC_GET_ACL_DENTRY + .set_acl = scoutfs_set_acl, +#endif .fiemap = scoutfs_data_fiemap, }; @@ -163,6 +166,9 @@ static const struct inode_operations scoutfs_special_iops = { #endif .listxattr = scoutfs_listxattr, .get_acl = scoutfs_get_acl, +#ifdef KC_GET_ACL_DENTRY + .set_acl = scoutfs_set_acl, +#endif }; /*