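Lines matching refs: idmap (each entry gives the source line number, the matching line, and the enclosing function; lines that declare idmap are tagged as "argument" or "local")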
317 static int check_acl(struct mnt_idmap *idmap, in check_acl() argument
330 return posix_acl_permission(idmap, inode, acl, mask); in check_acl()
337 int error = posix_acl_permission(idmap, inode, acl, mask); in check_acl()
381 static int acl_permission_check(struct mnt_idmap *idmap, in acl_permission_check() argument
410 vfsuid = i_uid_into_vfsuid(idmap, inode); in acl_permission_check()
419 int error = check_acl(idmap, inode, mask); in acl_permission_check()
433 vfsgid_t vfsgid = i_gid_into_vfsgid(idmap, inode); in acl_permission_check()
464 int generic_permission(struct mnt_idmap *idmap, struct inode *inode, in generic_permission() argument
472 ret = acl_permission_check(idmap, inode, mask); in generic_permission()
479 if (capable_wrt_inode_uidgid(idmap, inode, in generic_permission()
482 if (capable_wrt_inode_uidgid(idmap, inode, in generic_permission()
493 if (capable_wrt_inode_uidgid(idmap, inode, in generic_permission()
502 if (capable_wrt_inode_uidgid(idmap, inode, in generic_permission()
521 static inline int do_inode_permission(struct mnt_idmap *idmap, in do_inode_permission() argument
526 return inode->i_op->permission(idmap, inode, mask); in do_inode_permission()
533 return generic_permission(idmap, inode, mask); in do_inode_permission()
568 int inode_permission(struct mnt_idmap *idmap, in inode_permission() argument
589 if (unlikely(HAS_UNMAPPED_ID(idmap, inode))) in inode_permission()
593 retval = do_inode_permission(idmap, inode, mask); in inode_permission()
1170 struct mnt_idmap *idmap; in may_follow_link() local
1176 idmap = mnt_idmap(nd->path.mnt); in may_follow_link()
1177 vfsuid = i_uid_into_vfsuid(idmap, inode); in may_follow_link()
1211 static bool safe_hardlink_source(struct mnt_idmap *idmap, in safe_hardlink_source() argument
1229 if (inode_permission(idmap, inode, MAY_READ | MAY_WRITE)) in safe_hardlink_source()
1254 int may_linkat(struct mnt_idmap *idmap, const struct path *link) in may_linkat() argument
1259 if (!vfsuid_valid(i_uid_into_vfsuid(idmap, inode)) || in may_linkat()
1260 !vfsgid_valid(i_gid_into_vfsgid(idmap, inode))) in may_linkat()
1269 if (safe_hardlink_source(idmap, inode) || in may_linkat()
1270 inode_owner_or_capable(idmap, inode)) in may_linkat()
1304 static int may_create_in_sticky(struct mnt_idmap *idmap, struct nameidata *nd, in may_create_in_sticky() argument
1319 i_vfsuid = i_uid_into_vfsuid(idmap, inode); in may_create_in_sticky()
1830 static inline int may_lookup(struct mnt_idmap *idmap, in may_lookup() argument
1836 err = inode_permission(idmap, nd->inode, mask | MAY_EXEC); in may_lookup()
1851 return inode_permission(idmap, nd->inode, MAY_EXEC); in may_lookup()
2440 struct mnt_idmap *idmap; in link_path_walk() local
2444 idmap = mnt_idmap(nd->path.mnt); in link_path_walk()
2445 err = may_lookup(idmap, nd); in link_path_walk()
2487 nd->dir_vfsuid = i_uid_into_vfsuid(idmap, nd->inode); in link_path_walk()
2895 static int lookup_one_common(struct mnt_idmap *idmap, in lookup_one_common() argument
2902 return inode_permission(idmap, base->d_inode, MAY_EXEC); in lookup_one_common()
2968 struct dentry *lookup_one(struct mnt_idmap *idmap, struct qstr *name, in lookup_one() argument
2976 err = lookup_one_common(idmap, name, base); in lookup_one()
2996 struct dentry *lookup_one_unlocked(struct mnt_idmap *idmap, struct qstr *name, in lookup_one_unlocked() argument
3002 err = lookup_one_common(idmap, name, base); in lookup_one_unlocked()
3030 struct dentry *lookup_one_positive_unlocked(struct mnt_idmap *idmap, in lookup_one_positive_unlocked() argument
3034 struct dentry *ret = lookup_one_unlocked(idmap, name, base); in lookup_one_positive_unlocked()
3134 int __check_sticky(struct mnt_idmap *idmap, struct inode *dir, in __check_sticky() argument
3139 if (vfsuid_eq_kuid(i_uid_into_vfsuid(idmap, inode), fsuid)) in __check_sticky()
3141 if (vfsuid_eq_kuid(i_uid_into_vfsuid(idmap, dir), fsuid)) in __check_sticky()
3143 return !capable_wrt_inode_uidgid(idmap, inode, CAP_FOWNER); in __check_sticky()
3167 static int may_delete(struct mnt_idmap *idmap, struct inode *dir, in may_delete() argument
3180 if (!vfsuid_valid(i_uid_into_vfsuid(idmap, inode)) || in may_delete()
3181 !vfsgid_valid(i_gid_into_vfsgid(idmap, inode))) in may_delete()
3186 error = inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC); in may_delete()
3192 if (check_sticky(idmap, dir, inode) || IS_APPEND(inode) || in may_delete()
3194 HAS_UNMAPPED_ID(idmap, inode)) in may_delete()
3219 static inline int may_create(struct mnt_idmap *idmap, in may_create() argument
3227 if (!fsuidgid_has_mapping(dir->i_sb, idmap)) in may_create()
3230 return inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC); in may_create()
3356 static inline umode_t vfs_prepare_mode(struct mnt_idmap *idmap, in vfs_prepare_mode() argument
3360 mode = mode_strip_sgid(idmap, dir, mode); in vfs_prepare_mode()
3389 int vfs_create(struct mnt_idmap *idmap, struct inode *dir, in vfs_create() argument
3394 error = may_create(idmap, dir, dentry); in vfs_create()
3401 mode = vfs_prepare_mode(idmap, dir, mode, S_IALLUGO, S_IFREG); in vfs_create()
3405 error = dir->i_op->create(idmap, dir, dentry, mode, want_excl); in vfs_create()
3439 static int may_open(struct mnt_idmap *idmap, const struct path *path, in may_open() argument
3477 error = inode_permission(idmap, inode, MAY_OPEN | acc_mode); in may_open()
3492 if (flag & O_NOATIME && !inode_owner_or_capable(idmap, inode)) in may_open()
3498 static int handle_truncate(struct mnt_idmap *idmap, struct file *filp) in handle_truncate() argument
3508 error = do_truncate(idmap, path->dentry, 0, in handle_truncate()
3523 static int may_o_create(struct mnt_idmap *idmap, in may_o_create() argument
3531 if (!fsuidgid_has_mapping(dir->dentry->d_sb, idmap)) in may_o_create()
3534 error = inode_permission(idmap, dir->dentry->d_inode, in may_o_create()
3614 struct mnt_idmap *idmap; in lookup_open() local
3665 idmap = mnt_idmap(nd->path.mnt); in lookup_open()
3669 mode = vfs_prepare_mode(idmap, dir->d_inode, mode, mode, mode); in lookup_open()
3671 create_error = may_o_create(idmap, &nd->path, in lookup_open()
3708 error = dir_inode->i_op->create(idmap, dir_inode, dentry, in lookup_open()
3846 struct mnt_idmap *idmap; in do_open() local
3859 idmap = mnt_idmap(nd->path.mnt); in do_open()
3865 error = may_create_in_sticky(idmap, nd, in do_open()
3885 error = may_open(idmap, &nd->path, acc_mode, open_flag); in do_open()
3891 error = handle_truncate(idmap, file); in do_open()
3916 int vfs_tmpfile(struct mnt_idmap *idmap, in vfs_tmpfile() argument
3927 error = inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC); in vfs_tmpfile()
3937 mode = vfs_prepare_mode(idmap, dir, mode, mode, mode); in vfs_tmpfile()
3938 error = dir->i_op->tmpfile(idmap, dir, file, mode); in vfs_tmpfile()
3945 error = may_open(idmap, &file->f_path, 0, file->f_flags); in vfs_tmpfile()
3954 security_inode_post_create_tmpfile(idmap, inode); in vfs_tmpfile()
3970 struct file *kernel_tmpfile_open(struct mnt_idmap *idmap, in kernel_tmpfile_open() argument
3982 error = vfs_tmpfile(idmap, parentpath, file, mode); in kernel_tmpfile_open()
4210 int vfs_mknod(struct mnt_idmap *idmap, struct inode *dir, in vfs_mknod() argument
4214 int error = may_create(idmap, dir, dentry); in vfs_mknod()
4226 mode = vfs_prepare_mode(idmap, dir, mode, mode, mode); in vfs_mknod()
4235 error = dir->i_op->mknod(idmap, dir, dentry, mode, dev); in vfs_mknod()
4262 struct mnt_idmap *idmap; in do_mknodat() local
4282 idmap = mnt_idmap(path.mnt); in do_mknodat()
4285 error = vfs_create(idmap, path.dentry->d_inode, in do_mknodat()
4288 security_path_post_mknod(idmap, dentry); in do_mknodat()
4291 error = vfs_mknod(idmap, path.dentry->d_inode, in do_mknodat()
4295 error = vfs_mknod(idmap, path.dentry->d_inode, in do_mknodat()
4342 struct dentry *vfs_mkdir(struct mnt_idmap *idmap, struct inode *dir, in vfs_mkdir() argument
4349 error = may_create(idmap, dir, dentry); in vfs_mkdir()
4357 mode = vfs_prepare_mode(idmap, dir, mode, S_IRWXUGO | S_ISVTX, 0); in vfs_mkdir()
4366 de = dir->i_op->mkdir(idmap, dir, dentry, mode); in vfs_mkdir()
4438 int vfs_rmdir(struct mnt_idmap *idmap, struct inode *dir, in vfs_rmdir() argument
4441 int error = may_delete(idmap, dir, dentry, 1); in vfs_rmdir()
4563 int vfs_unlink(struct mnt_idmap *idmap, struct inode *dir, in vfs_unlink() argument
4567 int error = may_delete(idmap, dir, dentry, 0); in vfs_unlink()
4714 int vfs_symlink(struct mnt_idmap *idmap, struct inode *dir, in vfs_symlink() argument
4719 error = may_create(idmap, dir, dentry); in vfs_symlink()
4730 error = dir->i_op->symlink(idmap, dir, dentry, oldname); in vfs_symlink()
4806 int vfs_link(struct dentry *old_dentry, struct mnt_idmap *idmap, in vfs_link() argument
4817 error = may_create(idmap, dir, new_dentry); in vfs_link()
4834 if (HAS_UNMAPPED_ID(idmap, inode)) in vfs_link()
4881 struct mnt_idmap *idmap; in do_linkat() local
4917 idmap = mnt_idmap(new_path.mnt); in do_linkat()
4918 error = may_linkat(idmap, &old_path); in do_linkat()
4924 error = vfs_link(old_path.dentry, idmap, new_path.dentry->d_inode, in do_linkat()