Linus Torvalds 5dfbfe71e3 fs.idmapped.v5.17 ... -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCYdRCkgAKCRCRxhvAZXjc olrvAQCdp8LWkT8TauJSl8wmUm3mZhNy+5+fXuCUSwe3PyUtTQEAq4fxm41JpG8u WCZTrrxVhaXwgUY3aWzzeQnLCZjtEQw= =woqV -----END PGP SIGNATURE----- Merge tag 'fs.idmapped.v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux Pull fs idmapping updates from Christian Brauner: "This contains the work to enable the idmapping infrastructure to support idmapped mounts of filesystems mounted with an idmapping. In addition this contains various cleanups that avoid repeated open-coding of the same functionality and simplify the code in quite a few places. We also finish the renaming of the mapping helpers we started a few kernel releases back and move them to a dedicated header to not continue polluting the fs header needlessly with low-level idmapping helpers. With this series the fs header only contains idmapping helpers that interact with fs objects. Currently we only support idmapped mounts for filesystems mounted without an idmapping themselves. This was a conscious decision mentioned in multiple places (cf. [1]). As explained at length in [3] it is perfectly fine to extend support for idmapped mounts to filesystem's mounted with an idmapping should the need arise. The need has been there for some time now (cf. [2]). Before we can port any filesystem that is mountable with an idmapping to support idmapped mounts in the coming cycles, we need to first extend the mapping helpers to account for the filesystem's idmapping. This again, is explained at length in our documentation at [3] and also in the individual commit messages so here's an overview. Currently, the low-level mapping helpers implement the remapping algorithms described in [3] in a simplified manner as we could rely on the fact that all filesystems supporting idmapped mounts are mounted without an idmapping. In contrast, filesystems mounted with an idmapping are very likely to not use an identity mapping and will instead use a non-identity mapping. So the translation step from or into the filesystem's idmapping in the remapping algorithm cannot be skipped for such filesystems. Non-idmapped filesystems and filesystems not supporting idmapped mounts are unaffected by this change as the remapping algorithms can take the same shortcut as before. If the low-level helpers detect that they are dealing with an idmapped mount but the underlying filesystem is mounted without an idmapping we can rely on the previous shortcut and can continue to skip the translation step from or into the filesystem's idmapping. And of course, if the low-level helpers detect that they are not dealing with an idmapped mount they can simply return the relevant id unchanged; no remapping needs to be performed at all. These checks guarantee that only the minimal amount of work is performed. As before, if idmapped mounts aren't used the low-level helpers are idempotent and no work is performed at all" Link: 2ca4dcc490 ("fs/mount_setattr: tighten permission checks") [1] Link: https://github.com/containers/podman/issues/10374 [2] Link: Documentations/filesystems/idmappings.rst [3] Link: a65e58e791 ("fs: document and rename fsid helpers") [4] * tag 'fs.idmapped.v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux: fs: support mapped mounts of mapped filesystems fs: add i_user_ns() helper fs: port higher-level mapping helpers fs: remove unused low-level mapping helpers fs: use low-level mapping helpers docs: update mapping documentation fs: account for filesystem mappings fs: tweak fsuidgid_has_mapping() fs: move mapping helpers fs: add is_idmapped_mnt() helper		2022-01-11 14:26:55 -08:00
..
caching	docs: filesystems: Replace HTTP links with HTTPS ones	2020-07-13 09:33:22 -06:00
cifs	docs: filesystem: cifs: ksmbd: Fix small layout issues	2021-11-25 00:09:26 -06:00
ext4	ext4: docs: Take out unneeded escaping	2021-10-07 08:46:02 -06:00
nfs	nfs: reexport documentation	2021-09-21 17:51:47 -04:00
spufs
9p.rst	Replace HTTP links with HTTPS ones: 9P FILE SYSTEM	2020-07-13 11:28:12 -06:00
adfs.rst
affs.rst	affs: fix basic permission bits to actually work	2020-08-31 12:20:31 +02:00
afs.rst	AFS: Documentation: fix a few typos in afs.rst	2021-01-21 14:06:00 -07:00
api-summary.rst	block: move fs/block_dev.c to block/bdev.c	2021-09-07 08:39:40 -06:00
autofs-mount-control.rst
autofs.rst	docs: filesystems: Fix grammatical error "with" to "which"	2021-11-15 02:54:37 -07:00
automount-support.rst
befs.rst
bfs.rst
btrfs.rst
ceph.rst	libceph, rbd, ceph: "blacklist" -> "blocklist"	2020-10-12 15:29:26 +02:00
coda.rst	Documentation: coda: annotate duplicated words	2020-07-13 10:02:32 -06:00
configfs.rst
cramfs.rst
dax.rst	docs: convert dax.txt to rst	2021-06-04 11:31:02 -06:00
debugfs.rst	debugfs: remove return value of debugfs_create_bool()	2021-05-21 20:59:03 +02:00
devpts.rst
directory-locking.rst
dlmfs.rst	ocfs2: replace HTTP links with HTTPS ones	2020-08-07 11:33:22 -07:00
dnotify.rst
ecryptfs.rst
efivarfs.rst
erofs.rst	erofs: add multiple device support	2021-10-18 00:13:30 +08:00
ext2.rst	docs: fix a cross-ref	2021-06-13 17:02:46 -06:00
ext3.rst
f2fs.rst	f2fs-for-5.16-rc1	2021-11-13 11:20:22 -08:00
fiemap.rst
files.rst	file: Rename fcheck lookup_fd_rcu	2020-12-10 12:40:07 -06:00
fscrypt.rst	fscrypt: allow 256-bit master keys with AES-256-XTS	2021-09-22 11:29:38 -07:00
fsverity.rst	fs-verity: support reading signature with ioctl	2021-02-07 14:51:19 -08:00
fuse-io.rst
fuse.rst	fuse: update project homepage	2020-09-04 11:32:10 +02:00
gfs2-glocks.rst
gfs2-uevents.rst
gfs2.rst	Documentation: Update filesystems/gfs2.rst	2020-12-01 00:25:20 +01:00
hfs.rst
hfsplus.rst
hpfs.rst
idmappings.rst	docs: update mapping documentation	2021-12-03 18:58:11 +01:00
index.rst	Documentation: remove reference to now removed mandatory-locking doc	2021-10-05 06:02:53 -04:00
inotify.rst
isofs.rst
journalling.rst	jbd2: drop jbd2_fc_init documentation	2020-11-06 23:01:03 -05:00
locking.rst	doc: fs: remove bdev_try_to_free_page related doc	2021-12-23 12:40:53 -07:00
locks.rst	docs: fs: locks.rst: update comment about mandatory file locking	2021-10-19 06:48:21 -04:00
mount_api.rst	Documentation: mount_api: change kernel log wording	2020-12-03 15:53:13 -07:00
netfs_library.rst	netfs: Adjust docs after foliation	2021-11-29 10:10:26 -08:00
nilfs2.rst
ntfs.rst
ntfs3.rst	Doc/fs/ntfs3: Fix rst format and make it cleaner	2021-09-20 18:53:12 +03:00
ocfs2-online-filecheck.rst
ocfs2.rst	ocfs2: replace HTTP links with HTTPS ones	2020-08-07 11:33:22 -07:00
omfs.rst	Replace HTTP links with HTTPS ones: OMFS	2020-07-13 11:24:43 -06:00
orangefs.rst
overlayfs.rst	ovl: skip checking lower file's i_writecount on truncate	2021-08-17 11:47:44 +02:00
path-lookup.rst	Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2021-07-03 11:41:14 -07:00
path-lookup.txt
porting.rst	Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2021-07-03 11:41:14 -07:00
proc.rst	docs: proc.rst: mountinfo: align columns	2021-10-12 13:52:22 -06:00
qnx6.rst
quota.rst	quota: Fixup http links in quota doc	2020-07-09 08:14:01 +02:00
ramfs-rootfs-initramfs.rst	Documentation: Fix intiramfs script name	2021-07-18 23:48:14 +09:00
relay.rst
romfs.rst
seq_file.rst	seq_file: document how per-entry resources are managed.	2021-02-26 09:41:05 -08:00
sharedsubtree.rst
splice.rst
squashfs.rst
sysfs.rst	Driver Core patches for 5.10-rc1	2020-10-14 16:09:32 -07:00
sysv-fs.rst
tmpfs.rst	tmpfs: fix Documentation nits	2020-12-15 12:13:39 -08:00
ubifs-authentication.rst	docs: ubifs-authentication: Add a top-level heading	2020-09-09 11:53:33 -06:00
ubifs.rst
udf.rst	udf: Replace HTTP links with HTTPS ones	2020-07-14 14:37:39 +02:00
vfat.rst	docs: filesystems: Fix a mundane typo	2021-03-25 11:51:23 -06:00
vfs.rst	vfs: add rcu argument to ->get_acl() callback	2021-08-18 22:08:24 +02:00
virtiofs.rst
xfs-delayed-logging-design.rst
xfs-self-describing-metadata.rst
zonefs.rst	zonefs: document the explicit-open mount option	2020-09-15 18:32:58 +09:00