1. 25 May, 2019 30 commits
    • David Howells's avatar
      vfs: Convert cxl to use the new mount API · 52418c8f
      David Howells authored
      Convert the cxl filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarAndrew Donnellan <andrew.donnellan@au1.ibm.com>
      Acked-by: default avatarFrederic Barrat <fbarrat@linux.ibm.com>
      cc: linuxppc-dev@lists.ozlabs.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      52418c8f
    • David Howells's avatar
      vfs: Convert ia64 perfmon to use the new mount API · b06f973f
      David Howells authored
      Convert the ia64 perfmon filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Tony Luck <tony.luck@intel.com>
      cc: Fenghua Yu <fenghua.yu@intel.com>
      cc: linux-ia64@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      b06f973f
    • David Howells's avatar
      vfs: Convert drm to use the new mount API · 4a457910
      David Howells authored
      Convert the drm filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarDaniel Vetter <daniel.vetter@ffwll.ch>
      cc: David Airlie <airlied@linux.ie>
      cc: dri-devel@lists.freedesktop.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      4a457910
    • David Howells's avatar
      vfs: Convert dax to use the new mount API · 75d4e06f
      David Howells authored
      Convert the dax filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Dan Williams <dan.j.williams@intel.com>
      cc: Vishal Verma <vishal.l.verma@intel.com>
      cc: Keith Busch <keith.busch@intel.com>
      cc: Dave Jiang <dave.jiang@intel.com>
      cc: linux-nvdimm@lists.01.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      75d4e06f
    • David Howells's avatar
      vfs: Convert sockfs to use the new mount API · fba9be49
      David Howells authored
      Convert the sockfs filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: netdev@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      fba9be49
    • David Howells's avatar
      zsfold: Convert zsfold to use the new mount API · ea8157ab
      David Howells authored
      Convert the zsfold filesystem to the new internal mount API as the old one
      will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      ea8157ab
    • David Howells's avatar
      vfs: Convert zsmalloc to use the new mount API · 8e9231f8
      David Howells authored
      Convert the zsmalloc filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Minchan Kim <minchan@kernel.org>
      cc: Nitin Gupta <ngupta@vflare.org>
      cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
      cc: linux-mm@kvack.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      8e9231f8
    • David Howells's avatar
      vfs: Convert pipe to use the new mount API · 4fa7ec5d
      David Howells authored
      Convert the pipe filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: linux-fsdevel@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      4fa7ec5d
    • David Howells's avatar
      vfs: Convert nsfs to use the new mount API · 059b20d9
      David Howells authored
      Convert the nsfs filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Eric W. Biederman <ebiederm@xmission.com>
      cc: linux-fsdevel@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      059b20d9
    • David Howells's avatar
      vfs: Convert bdev to use the new mount API · 9030d16e
      David Howells authored
      Convert the bdev filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Jens Axboe <axboe@kernel.dk>
      cc: linux-fsdevel@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      9030d16e
    • David Howells's avatar
      vfs: Convert anon_inodes to use the new mount API · 33cada40
      David Howells authored
      Convert the anon_inodes filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: linux-fsdevel@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      33cada40
    • David Howells's avatar
      vfs: Convert aio to use the new mount API · 52db59df
      David Howells authored
      Convert the aio filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Benjamin LaHaise <bcrl@kvack.org>
      cc: linux-aio@kvack.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      52db59df
    • David Howells's avatar
      vfs: Provide a mount_pseudo-replacement for the new mount API · 31d6d5ce
      David Howells authored
      Provide a function, init_pseudo(), that provides a common
      infrastructure for converting pseudo-filesystems that can never be
      mountable.
      
      [AV: once all users of mount_pseudo_xattr() get converted, it will be folded
      into pseudo_fs_get_tree()]
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: linux-fsdevel@vger.kernel.org
      31d6d5ce
    • David Howells's avatar
      vfs: Provide sb->s_iflags settings in fs_context struct · c80fa7c8
      David Howells authored
      Provide a field in the fs_context struct through which bits in the
      sb->s_iflags superblock field can be set.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: linux-fsdevel@vger.kernel.org
      c80fa7c8
    • David Howells's avatar
      vfs: Fix refcounting of filenames in fs_parser · 7cdfa442
      David Howells authored
      Fix an overput in which filename_lookup() unconditionally drops a ref to
      the filename it was given, but this isn't taken account of in the caller,
      fs_lookup_param().
      
      Addresses-Coverity-ID: 1443811 ("Use after free")
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      7cdfa442
    • Al Viro's avatar
      move mount_capable() further out · c3aabf07
      Al Viro authored
      Call graph of vfs_get_tree():
      	vfs_fsconfig_locked()	# neither kernmount, nor submount
      	do_new_mount()		# neither kernmount, nor submount
      	fc_mount()
      		afs_mntpt_do_automount()	# submount
      		mount_one_hugetlbfs()		# kernmount
      		pid_ns_prepare_proc()		# kernmount
      		mq_create_mount()		# kernmount
      		vfs_kern_mount()
      			simple_pin_fs()		# kernmount
      			vfs_submount()		# submount
      			kern_mount()		# kernmount
      			init_mount_tree()
      			btrfs_mount()
      			nfs_do_root_mount()
      
      	The first two need the check (unconditionally).
      init_mount_tree() is setting rootfs up; any capability
      checks make zero sense for that one.  And btrfs_mount()/
      nfs_do_root_mount() have the checks already done in their
      callers.
      
      	IOW, we can shift mount_capable() handling into
      the two callers - one in the normal case of mount(2),
      another - in fsconfig(2) handling of FSCONFIG_CMD_CREATE.
      I.e. the syscalls that set a new filesystem up.
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      c3aabf07
    • Al Viro's avatar
      move mount_capable() calls to vfs_get_tree() · 059338aa
      Al Viro authored
      sget_fc() is called only from ->get_tree() instances and
      the only instance not calling it is legacy_get_tree(),
      which calls mount_capable() directly.
      
      In all sget_fc() callers the checks could be moved to the
      very beginning of ->get_tree() - ->user_ns is not changed
      in between.  So lifting the checks to the only caller of
      ->get_tree() is OK.
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      059338aa
    • Al Viro's avatar
      cpuset: move mount -t cpuset logics into cgroup.c · d5f68d33
      Al Viro authored
      ... and get rid of the weird dances in ->get_tree() - that logics
      can be easily handled in ->init_fs_context().
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      d5f68d33
    • Al Viro's avatar
      procfs: set ->user_ns before calling ->get_tree() · 46cf047a
      Al Viro authored
      here it's even simpler than in mqueue - pid_ns_prepare_proc()
      does everything needed anyway.
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      46cf047a
    • Al Viro's avatar
      mqueue: set ->user_ns before ->get_tree() · 709a643d
      Al Viro authored
      ... so that we could lift the capability checks into ->get_tree()
      caller
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      709a643d
    • Al Viro's avatar
      switch mount_capable() to fs_context · 20284ab7
      Al Viro authored
      	now both callers of mount_capable() have access to fs_context;
      the only difference is that for sget_fc() we have the possibility
      of fc->global being true, while for legacy_get_tree() it's guaranteed
      to be impossible.  Unify to more generic variant...
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      20284ab7
    • Al Viro's avatar
      legacy_get_tree(): pass fc->user_ns to mount_capable() · fd912087
      Al Viro authored
      guaranteed to be equal to current_user_ns() here - it has not
      been changed since alloc_fs_context() (nothing in legacy
      methods changes it) and since we don't have SB_SUBMOUNT,
      that must've been FS_CONTEXT_FOR_MOUNT.  And in that case
      we have fc->user_ns set to fc->cred->user_ns, i.e.
      current_cred()->user_ns, i.e. current_user_ns()
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      fd912087
    • Al Viro's avatar
      move the capability checks from sget_userns() to legacy_get_tree() · 2527b284
      Al Viro authored
      1) all call chains leading to sget_userns() pass through ->mount()
      instances.
      2) none of ->mount() instances is ever called directly - the only
      call site is legacy_get_tree()
      3) all remaining ->mount() instances end up calling sget_userns()
      
      IOW, we might as well do the capability checks just before calling
      ->mount().  As for the arguments passed to mount_capable(),
      in case of call chains to sget_userns() going through sget(),
      we either don't call mount_capable() at all, or pass current_user_ns()
      to it.  The call chains going through mount_pseudo_xattr() don't
      call mount_capable() at all (SB_KERNMOUNT in flags on those).
      
      That could've been split into smaller steps (lifting the checks
      into sget(), then callers of sget(), then all the way to the
      entries of every ->mount() out there, then to the sole caller),
      but that would be too much churn for little benefit...
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      2527b284
    • David Howells's avatar
      vfs: Kill mount_ns() · bb7b6b2b
      David Howells authored
      Kill mount_ns() as it has been replaced by vfs_get_super() in the new mount
      API.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: linux-fsdevel@vger.kernel.org
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      bb7b6b2b
    • David Howells's avatar
      vfs: Convert nfsctl to use the new mount API · 96a374a3
      David Howells authored
      Convert the nfsctl filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: "J. Bruce Fields" <bfields@fieldses.org>
      cc: Jeff Layton <jlayton@kernel.org>
      cc: linux-nfs@vger.kernel.org
      96a374a3
    • David Howells's avatar
      vfs: Convert rpc_pipefs to use the new mount API · b9662f31
      David Howells authored
      Convert the rpc_pipefs filesystem to the new internal mount API as the old
      one will be obsoleted and removed.  This allows greater flexibility in
      communication of mount parameters between userspace, the VFS and the
      filesystem.
      
      See Documentation/filesystems/mount_api.txt for more information.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Trond Myklebust <trond.myklebust@hammerspace.com>
      cc: Anna Schumaker <anna.schumaker@netapp.com>
      cc: "J. Bruce Fields" <bfields@fieldses.org>
      cc: Jeff Layton <jlayton@kernel.org>
      cc: linux-nfs@vger.kernel.org
      b9662f31
    • Al Viro's avatar
      consolidate the capability checks in sget_{fc,userns}() · 0ce0cf12
      Al Viro authored
      ... into a common helper - mount_capable(type, userns)
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      0ce0cf12
    • Al Viro's avatar
      start massaging the checks in sget_...(): move to sget_userns() · feb8ae43
      Al Viro authored
      there are 3 remaining callers of sget_userns() - sget(), mount_ns()
      and mount_pseudo_xattr().  Extra check in sget() is conditional
      upon mount being neither KERNMOUNT nor SUBMOUNT, the identical one
      in mount_ns() - upon being not KERNMOUNT; mount_pseudo_xattr()
      has no such checks at all.
      
      However, mount_ns() is never used with SUBMOUNT and mount_pseudo_xattr()
      is used only for KERNMOUNT, so both would be fine with the same logics
      as currently done in sget(), allowing to consolidate the entire thing
      in sget_userns() itself.
      
      That's not where these checks will end up in the long run, though -
      the whole reason why they'd been done so deep in the bowels of
      mount(2) was that there had been no way for a filesystem to specify
      which userns to look at until it has entered ->mount().
      
      Now there is a place where filesystem could override the defaults -
      ->init_fs_context().  Which allows to pull the checks out into
      the callers of vfs_get_tree().  That'll take quite a bit of
      massage, but that mess is possible to tease apart.
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      feb8ae43
    • Al Viro's avatar
      no need to protect against put_user_ns(NULL) · f7a99451
      Al Viro authored
      it's a no-op
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      f7a99451
    • Al Viro's avatar
      mount_pseudo(): drop 'name' argument, switch to d_make_root() · 1f58bb18
      Al Viro authored
      Once upon a time we used to set ->d_name of e.g. pipefs root
      so that d_path() on pipes would work.  These days it's
      completely pointless - dentries of pipes are not even connected
      to pipefs root.  However, mount_pseudo() had set the root
      dentry name (passed as the second argument) and callers
      kept inventing names to pass to it.  Including those that
      didn't *have* any non-root dentries to start with...
      
      All of that had been pointless for about 8 years now; it's
      time to get rid of that cargo-culting...
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      1f58bb18
  2. 21 May, 2019 3 commits
  3. 20 May, 2019 5 commits
  4. 19 May, 2019 2 commits