From: Christoph Hellwig hch@lst.de
mainline inclusion from mainline-v5.6-rc4 commit ba8adad5d036733d240fa8a8f4d055f3d4490562 category: bugfix bugzilla: 185881 CVE: CVE-2021-4037
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
-------------------------------------------------
Remove the XFS wrappers for converting from and to the kuid/kgid types. Mostly this means switching to VFS i_{u,g}id_{read,write} helpers, but in a few spots the calls to the conversion functions are open-coded. To match the use of sb->s_user_ns in the helpers and other file systems, sb->s_user_ns is also used in the quota code. The ACL code already does the conversion in a grotty layering violation in the VFS xattr code, so it keeps using init_user_ns for the identity mapping.
Signed-off-by: Christoph Hellwig hch@lst.de Reviewed-by: Darrick J. Wong darrick.wong@oracle.com Signed-off-by: Darrick J. Wong darrick.wong@oracle.com
conflicts: fs/xfs/libxfs/xfs_inode_buf.c fs/xfs/xfs_inode_item.c
Signed-off-by: Guo Xuenan guoxuenan@huawei.com Reviewed-by: Zhang Yi yi.zhang@huawei.com Reviewed-by: Xiu Jianfeng xiujianfeng@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com --- fs/xfs/libxfs/xfs_inode_buf.c | 8 ++++---- fs/xfs/xfs_acl.c | 12 ++++++++---- fs/xfs/xfs_dquot.c | 4 ++-- fs/xfs/xfs_inode_item.c | 4 ++-- fs/xfs/xfs_itable.c | 4 ++-- fs/xfs/xfs_linux.h | 26 -------------------------- fs/xfs/xfs_qm.c | 23 +++++++++-------------- 7 files changed, 27 insertions(+), 54 deletions(-)
diff --git a/fs/xfs/libxfs/xfs_inode_buf.c b/fs/xfs/libxfs/xfs_inode_buf.c
index 90a52358a0d23..e178a3bb2034d 100644
--- a/fs/xfs/libxfs/xfs_inode_buf.c
+++ b/fs/xfs/libxfs/xfs_inode_buf.c
@@ -224,8 +224,8 @@ xfs_inode_from_disk(
}
to->di_format = from->di_format;
- inode->i_uid = xfs_uid_to_kuid(be32_to_cpu(from->di_uid));
- inode->i_gid = xfs_gid_to_kgid(be32_to_cpu(from->di_gid));
+ i_uid_write(inode, be32_to_cpu(from->di_uid));
+ i_gid_write(inode, be32_to_cpu(from->di_gid));
to->di_flushiter = be16_to_cpu(from->di_flushiter);
/*
@@ -278,8 +278,8 @@ xfs_inode_to_disk(
to->di_version = from->di_version;
to->di_format = from->di_format;
- to->di_uid = cpu_to_be32(xfs_kuid_to_uid(inode->i_uid));
- to->di_gid = cpu_to_be32(xfs_kgid_to_gid(inode->i_gid));
+ to->di_uid = cpu_to_be32(i_uid_read(inode));
+ to->di_gid = cpu_to_be32(i_gid_read(inode));
to->di_projid_lo = cpu_to_be16(from->di_projid_lo);
to->di_projid_hi = cpu_to_be16(from->di_projid_hi);
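Review bot: The `i_uid_read()`/`i_gid_read()` values stored into `to->di_uid` and `to->di_gid` in xfs_inode_to_disk are translated through `inode->i_sb->s_user_ns` rather than `init_user_ns`, and nothing visible in the hunk handles an id that has no mapping there, in which case the helpers return `(uid_t)-1` and that value would be written to disk as a real owner. The same applies to the new calls in xfs_inode_to_log_dinode, xfs_bulkstat_one_int and xfs_qm_id_for_quotatype, and in the read direction to `i_uid_write()` in xfs_inode_from_disk. This is harmless as long as an XFS superblock always carries the initial namespace, which the hunks do not show, so the assumption should be written down now that the xfs_linux.h comment stating it is removed, for example `/* i_uid_read() maps via sb->s_user_ns; XFS relies on that being init_user_ns so the on-disk id is unchanged */` above the `di_uid` assignment. The function body extends beyond the hunk.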
diff --git a/fs/xfs/xfs_acl.c b/fs/xfs/xfs_acl.c
index 8039e35147ddd..07972e9a76e0d 100644
--- a/fs/xfs/xfs_acl.c
+++ b/fs/xfs/xfs_acl.c
@@ -59,10 +59,12 @@ xfs_acl_from_disk(
switch (acl_e->e_tag) {
case ACL_USER:
- acl_e->e_uid = xfs_uid_to_kuid(be32_to_cpu(ace->ae_id));
+ acl_e->e_uid = make_kuid(&init_user_ns,
+ be32_to_cpu(ace->ae_id));
break;
case ACL_GROUP:
- acl_e->e_gid = xfs_gid_to_kgid(be32_to_cpu(ace->ae_id));
+ acl_e->e_gid = make_kgid(&init_user_ns,
+ be32_to_cpu(ace->ae_id));
break;
case ACL_USER_OBJ:
case ACL_GROUP_OBJ:
@@ -95,10 +97,12 @@ xfs_acl_to_disk(struct xfs_acl *aclp, const struct posix_acl *acl)
ace->ae_tag = cpu_to_be32(acl_e->e_tag);
switch (acl_e->e_tag) {
case ACL_USER:
- ace->ae_id = cpu_to_be32(xfs_kuid_to_uid(acl_e->e_uid));
+ ace->ae_id = cpu_to_be32(
+ from_kuid(&init_user_ns, acl_e->e_uid));
break;
case ACL_GROUP:
- ace->ae_id = cpu_to_be32(xfs_kgid_to_gid(acl_e->e_gid));
+ ace->ae_id = cpu_to_be32(
+ from_kgid(&init_user_ns, acl_e->e_gid));
break;
default:
ace->ae_id = cpu_to_be32(ACL_UNDEFINED_ID);
diff --git a/fs/xfs/xfs_dquot.c b/fs/xfs/xfs_dquot.c
index 8998b7e796328..704f1e2262e2e 100644
--- a/fs/xfs/xfs_dquot.c
+++ b/fs/xfs/xfs_dquot.c
@@ -833,9 +833,9 @@ xfs_qm_id_for_quotatype(
{
switch (type) {
case XFS_DQ_USER:
- return xfs_kuid_to_uid(VFS_I(ip)->i_uid);
+ return i_uid_read(VFS_I(ip));
case XFS_DQ_GROUP:
- return xfs_kgid_to_gid(VFS_I(ip)->i_gid);
+ return i_gid_read(VFS_I(ip));
case XFS_DQ_PROJ:
return xfs_get_projid(ip);
}
diff --git a/fs/xfs/xfs_inode_item.c b/fs/xfs/xfs_inode_item.c
index c871c3c060fa9..a743b9e5345f7 100644
--- a/fs/xfs/xfs_inode_item.c
+++ b/fs/xfs/xfs_inode_item.c
@@ -307,8 +307,8 @@ xfs_inode_to_log_dinode(
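Review bot: The open-coded `make_kuid(&init_user_ns, ...)` and `from_kuid(&init_user_ns, ...)` calls in xfs_acl_from_disk and xfs_acl_to_disk now use a different namespace from the inode owner fields, which go through `sb->s_user_ns`, and the code carries no comment saying this is deliberate. The commit message gives the reason (the VFS xattr code already converts ACL ids), but a later reader of xfs_acl.c will not see it and may "correct" the namespace, which would translate ACL ids twice. I would add above the `switch` in both functions something like `/* ACL ids stay in init_user_ns: the VFS xattr code already does the user-namespace conversion */`. Both function bodies start and end outside the hunks.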
to->di_version = from->di_version;
to->di_format = from->di_format;
- to->di_uid = xfs_kuid_to_uid(inode->i_uid);
- to->di_gid = xfs_kgid_to_gid(inode->i_gid);
+ to->di_uid = i_uid_read(inode);
+ to->di_gid = i_gid_read(inode);
to->di_projid_lo = from->di_projid_lo;
to->di_projid_hi = from->di_projid_hi;
diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c
index c5c0a22f25b44..792b586b99c95 100644
--- a/fs/xfs/xfs_itable.c
+++ b/fs/xfs/xfs_itable.c
@@ -66,8 +66,8 @@ xfs_bulkstat_one_int(
buf->bs_projid_lo = dic->di_projid_lo;
buf->bs_projid_hi = dic->di_projid_hi;
buf->bs_ino = ino;
- buf->bs_uid = xfs_kuid_to_uid(inode->i_uid);
- buf->bs_gid = xfs_kgid_to_gid(inode->i_gid);
+ buf->bs_uid = i_uid_read(inode);
+ buf->bs_gid = i_gid_read(inode);
buf->bs_size = dic->di_size;
buf->bs_nlink = inode->i_nlink;
diff --git a/fs/xfs/xfs_linux.h b/fs/xfs/xfs_linux.h
index edbd5a210df22..dc80281d141ab 100644
--- a/fs/xfs/xfs_linux.h
+++ b/fs/xfs/xfs_linux.h
@@ -165,32 +165,6 @@ struct xstats {
extern struct xstats xfsstats;
-/* Kernel uid/gid conversion. These are used to convert to/from the on disk
- * uid_t/gid_t types to the kuid_t/kgid_t types that the kernel uses internally.
- * The conversion here is type only, the value will remain the same since we
- * are converting to the init_user_ns. The uid is later mapped to a particular
- * user namespace value when crossing the kernel/user boundary.
- */
-static inline uint32_t xfs_kuid_to_uid(kuid_t uid)
-{
- return from_kuid(&init_user_ns, uid);
-}
-
-static inline kuid_t xfs_uid_to_kuid(uint32_t uid)
-{
- return make_kuid(&init_user_ns, uid);
-}
-
-static inline uint32_t xfs_kgid_to_gid(kgid_t gid)
-{
- return from_kgid(&init_user_ns, gid);
-}
-
-static inline kgid_t xfs_gid_to_kgid(uint32_t gid)
-{
- return make_kgid(&init_user_ns, gid);
-}
-
static inline dev_t xfs_to_linux_dev_t(xfs_dev_t dev)
{
return MKDEV(sysv_major(dev) & 0x1ff, sysv_minor(dev));
diff --git a/fs/xfs/xfs_qm.c b/fs/xfs/xfs_qm.c
index 2a348688a0e50..65b77ea9d5a96 100644
--- a/fs/xfs/xfs_qm.c
+++ b/fs/xfs/xfs_qm.c
@@ -329,8 +329,7 @@ xfs_qm_dqattach_locked(
ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
if (XFS_IS_UQUOTA_ON(mp) && !ip->i_udquot) {
- error = xfs_qm_dqattach_one(ip,
- xfs_kuid_to_uid(VFS_I(ip)->i_uid),
+ error = xfs_qm_dqattach_one(ip, i_uid_read(VFS_I(ip)),
XFS_DQ_USER, doalloc, &ip->i_udquot);
if (error)
goto done;
@@ -338,8 +337,7 @@ xfs_qm_dqattach_locked(
}
if (XFS_IS_GQUOTA_ON(mp) && !ip->i_gdquot) {
- error = xfs_qm_dqattach_one(ip,
- xfs_kgid_to_gid(VFS_I(ip)->i_gid),
+ error = xfs_qm_dqattach_one(ip, i_gid_read(VFS_I(ip)),
XFS_DQ_GROUP, doalloc, &ip->i_gdquot);
if (error)
goto done;
@@ -1646,6 +1644,7 @@ xfs_qm_vop_dqalloc(
{
struct xfs_mount *mp = ip->i_mount;
struct inode *inode = VFS_I(ip);
+ struct user_namespace *user_ns = inode->i_sb->s_user_ns;
struct xfs_dquot *uq = NULL;
struct xfs_dquot *gq = NULL;
struct xfs_dquot *pq = NULL;
@@ -1685,7 +1684,7 @@ xfs_qm_vop_dqalloc(
* holding ilock.
*/
xfs_iunlock(ip, lockflags);
- error = xfs_qm_dqget(mp, xfs_kuid_to_uid(uid),
+ error = xfs_qm_dqget(mp, from_kuid(user_ns, uid),
XFS_DQ_USER, true, &uq);
if (error) {
ASSERT(error != -ENOENT);
@@ -1709,7 +1708,7 @@ xfs_qm_vop_dqalloc(
if ((flags & XFS_QMOPT_GQUOTA) && XFS_IS_GQUOTA_ON(mp)) {
if (!gid_eq(inode->i_gid, gid)) {
xfs_iunlock(ip, lockflags);
- error = xfs_qm_dqget(mp, xfs_kgid_to_gid(gid),
+ error = xfs_qm_dqget(mp, from_kgid(user_ns, gid),
XFS_DQ_GROUP, true, &gq);
if (error) {
ASSERT(error != -ENOENT);
@@ -1835,8 +1834,7 @@ xfs_qm_vop_chown_reserve(
XFS_QMOPT_RES_RTBLKS : XFS_QMOPT_RES_REGBLKS;
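Review bot: In xfs_qm_vop_dqalloc the result of `from_kuid(user_ns, uid)` and `from_kgid(user_ns, gid)` is handed straight to `xfs_qm_dqget()` as the dquot id, and here `uid`/`gid` are the caller-supplied new owner rather than the inode's current one. If such an id had no mapping in `sb->s_user_ns` the conversion would yield `(uid_t)-1`, and with the `true` argument (apparently the allocate flag) a dquot for id 4294967295 would be looked up or created and then charged. Whether every caller guarantees a mapped id is not visible in these hunks, so I would make the expectation explicit before each call, e.g. `ASSERT(kuid_has_mapping(user_ns, uid));` and `ASSERT(kgid_has_mapping(user_ns, gid));`. The function continues outside the hunks.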
if (XFS_IS_UQUOTA_ON(mp) && udqp &&
- xfs_kuid_to_uid(VFS_I(ip)->i_uid) !=
- be32_to_cpu(udqp->q_core.d_id)) {
+ i_uid_read(VFS_I(ip)) != be32_to_cpu(udqp->q_core.d_id)) {
udq_delblks = udqp;
/*
* If there are delayed allocation blocks, then we have to
@@ -1849,8 +1847,7 @@ xfs_qm_vop_chown_reserve(
}
}
if (XFS_IS_GQUOTA_ON(ip->i_mount) && gdqp &&
- xfs_kgid_to_gid(VFS_I(ip)->i_gid) !=
- be32_to_cpu(gdqp->q_core.d_id)) {
+ i_gid_read(VFS_I(ip)) != be32_to_cpu(gdqp->q_core.d_id)) {
gdq_delblks = gdqp;
if (delblks) {
ASSERT(ip->i_gdquot);
@@ -1947,16 +1944,14 @@ xfs_qm_vop_create_dqattach(
if (udqp && XFS_IS_UQUOTA_ON(mp)) {
ASSERT(ip->i_udquot == NULL);
- ASSERT(xfs_kuid_to_uid(VFS_I(ip)->i_uid) ==
- be32_to_cpu(udqp->q_core.d_id));
+ ASSERT(i_uid_read(VFS_I(ip)) == be32_to_cpu(udqp->q_core.d_id));
ip->i_udquot = xfs_qm_dqhold(udqp);
xfs_trans_mod_dquot(tp, udqp, XFS_TRANS_DQ_ICOUNT, 1);
}
if (gdqp && XFS_IS_GQUOTA_ON(mp)) {
ASSERT(ip->i_gdquot == NULL);
- ASSERT(xfs_kgid_to_gid(VFS_I(ip)->i_gid) ==
- be32_to_cpu(gdqp->q_core.d_id));
+ ASSERT(i_gid_read(VFS_I(ip)) == be32_to_cpu(gdqp->q_core.d_id));
ip->i_gdquot = xfs_qm_dqhold(gdqp);
xfs_trans_mod_dquot(tp, gdqp, XFS_TRANS_DQ_ICOUNT, 1);