https://github.com/torvalds/linux
Revision 7cf7eed103d3eea600146ea1853d15ee1f2f0456 authored by Linus Torvalds on 18 November 2021, 20:17:33 UTC, committed by Linus Torvalds on 18 November 2021, 20:17:33 UTC
Pull setattr idmapping fix from Christian Brauner:
"This contains a simple fix for setattr. When determining the validity
of the attributes the ia_{g,u}id fields contain the value that will be
written to inode->i_{g,u}id. When the {g,u}id attribute of the file
isn't altered and the caller's fs{g,u}id matches the current {g,u}id
attribute the attribute change is allowed.
The value in ia_{g,u}id does already account for idmapped mounts and
will have taken the relevant idmapping into account. So in order to
verify that the {g,u}id attribute isn't changed we simple need to
compare the ia_{g,u}id value against the inode's i_{g,u}id value.
This only has any meaning for idmapped mounts as idmapping helpers are
idempotent without them. And for idmapped mounts this really only has
a meaning when circular idmappings are used, i.e. mappings where e.g.
id 1000 is mapped to id 1001 and id 1001 is mapped to id 1000. Such
ciruclar mappings can e.g. be useful when sharing the same home
directory between multiple users at the same time.
Before this patch we could end up denying legitimate attribute changes
and allowing invalid attribute changes when circular mappings are
used. To even get into this situation the caller must've been
privileged both to create that mapping and to create that idmapped
mount.
This hasn't been seen in the wild anywhere but came up when expanding
the fstest suite during work on a series of hardening patches. All
idmapped fstests pass without any regressions and we're adding new
tests to verify the behavior of circular mappings.
The new tests can be found at [1]"
Link: https://lore.kernel.org/linux-fsdevel/20211109145713.1868404-2-brauner@kernel.org [1]
* tag 'fs.idmapped.v5.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux:
fs: handle circular mappings correctly
Tip revision: 7cf7eed103d3eea600146ea1853d15ee1f2f0456 authored by Linus Torvalds on 18 November 2021, 20:17:33 UTC
Merge tag 'fs.idmapped.v5.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux
Merge tag 'fs.idmapped.v5.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux
Tip revision: 7cf7eed
Kconfig
# SPDX-License-Identifier: GPL-2.0
#
# Configuration for initramfs
#
config INITRAMFS_SOURCE
string "Initramfs source file(s)"
default ""
help
This can be either a single cpio archive with a .cpio suffix or a
space-separated list of directories and files for building the
initramfs image. A cpio archive should contain a filesystem archive
to be used as an initramfs image. Directories should contain a
filesystem layout to be included in the initramfs image. Files
should contain entries according to the format described by the
"usr/gen_init_cpio" program in the kernel tree.
When multiple directories and files are specified then the
initramfs image will be the aggregate of all of them.
See <file:Documentation/driver-api/early-userspace/early_userspace_support.rst> for more details.
If you are not sure, leave it blank.
config INITRAMFS_FORCE
bool "Ignore the initramfs passed by the bootloader"
depends on CMDLINE_EXTEND || CMDLINE_FORCE
help
This option causes the kernel to ignore the initramfs image
(or initrd image) passed to it by the bootloader. This is
analogous to CMDLINE_FORCE, which is found on some architectures,
and is useful if you cannot or don't want to change the image
your bootloader passes to the kernel.
config INITRAMFS_ROOT_UID
int "User ID to map to 0 (user root)"
depends on INITRAMFS_SOURCE!=""
default "0"
help
If INITRAMFS_SOURCE points to a directory, files owned by this UID
(-1 = current user) will be owned by root in the resulting image.
If you are not sure, leave it set to "0".
config INITRAMFS_ROOT_GID
int "Group ID to map to 0 (group root)"
depends on INITRAMFS_SOURCE!=""
default "0"
help
If INITRAMFS_SOURCE points to a directory, files owned by this GID
(-1 = current group) will be owned by root in the resulting image.
If you are not sure, leave it set to "0".
config RD_GZIP
bool "Support initial ramdisk/ramfs compressed using gzip"
default y
select DECOMPRESS_GZIP
help
Support loading of a gzip encoded initial ramdisk or cpio buffer.
If unsure, say Y.
config RD_BZIP2
bool "Support initial ramdisk/ramfs compressed using bzip2"
default y
select DECOMPRESS_BZIP2
help
Support loading of a bzip2 encoded initial ramdisk or cpio buffer
If unsure, say N.
config RD_LZMA
bool "Support initial ramdisk/ramfs compressed using LZMA"
default y
select DECOMPRESS_LZMA
help
Support loading of a LZMA encoded initial ramdisk or cpio buffer
If unsure, say N.
config RD_XZ
bool "Support initial ramdisk/ramfs compressed using XZ"
default y
select DECOMPRESS_XZ
help
Support loading of a XZ encoded initial ramdisk or cpio buffer.
If unsure, say N.
config RD_LZO
bool "Support initial ramdisk/ramfs compressed using LZO"
default y
select DECOMPRESS_LZO
help
Support loading of a LZO encoded initial ramdisk or cpio buffer
If unsure, say N.
config RD_LZ4
bool "Support initial ramdisk/ramfs compressed using LZ4"
default y
select DECOMPRESS_LZ4
help
Support loading of a LZ4 encoded initial ramdisk or cpio buffer
If unsure, say N.
config RD_ZSTD
bool "Support initial ramdisk/ramfs compressed using ZSTD"
default y
select DECOMPRESS_ZSTD
help
Support loading of a ZSTD encoded initial ramdisk or cpio buffer.
If unsure, say N.
choice
prompt "Built-in initramfs compression mode"
depends on INITRAMFS_SOURCE != ""
help
This option allows you to decide by which algorithm the builtin
initramfs will be compressed. Several compression algorithms are
available, which differ in efficiency, compression and
decompression speed. Compression speed is only relevant
when building a kernel. Decompression speed is relevant at
each boot. Also the memory usage during decompression may become
relevant on memory constrained systems. This is usually based on the
dictionary size of the algorithm with algorithms like XZ and LZMA
featuring large dictionary sizes.
High compression options are mostly useful for users who are
low on RAM, since it reduces the memory consumption during
boot.
Keep in mind that your build system needs to provide the appropriate
compression tool to compress the generated initram cpio file for
embedding.
If in doubt, select 'None'
config INITRAMFS_COMPRESSION_GZIP
bool "Gzip"
depends on RD_GZIP
help
Use the old and well tested gzip compression algorithm. Gzip provides
a good balance between compression ratio and decompression speed and
has a reasonable compression speed. It is also more likely to be
supported by your build system as the gzip tool is present by default
on most distros.
config INITRAMFS_COMPRESSION_BZIP2
bool "Bzip2"
depends on RD_BZIP2
help
It's compression ratio and speed is intermediate. Decompression speed
is slowest among the choices. The initramfs size is about 10% smaller
with bzip2, in comparison to gzip. Bzip2 uses a large amount of
memory. For modern kernels you will need at least 8MB RAM or more for
booting.
If you choose this, keep in mind that you need to have the bzip2 tool
available to be able to compress the initram.
config INITRAMFS_COMPRESSION_LZMA
bool "LZMA"
depends on RD_LZMA
help
This algorithm's compression ratio is best but has a large dictionary
size which might cause issues in memory constrained systems.
Decompression speed is between the other choices. Compression is
slowest. The initramfs size is about 33% smaller with LZMA in
comparison to gzip.
If you choose this, keep in mind that you may need to install the xz
or lzma tools to be able to compress the initram.
config INITRAMFS_COMPRESSION_XZ
bool "XZ"
depends on RD_XZ
help
XZ uses the LZMA2 algorithm and has a large dictionary which may cause
problems on memory constrained systems. The initramfs size is about
30% smaller with XZ in comparison to gzip. Decompression speed is
better than that of bzip2 but worse than gzip and LZO. Compression is
slow.
If you choose this, keep in mind that you may need to install the xz
tool to be able to compress the initram.
config INITRAMFS_COMPRESSION_LZO
bool "LZO"
depends on RD_LZO
help
It's compression ratio is the second poorest amongst the choices. The
kernel size is about 10% bigger than gzip. Despite that, it's
decompression speed is the second fastest and it's compression speed
is quite fast too.
If you choose this, keep in mind that you may need to install the lzop
tool to be able to compress the initram.
config INITRAMFS_COMPRESSION_LZ4
bool "LZ4"
depends on RD_LZ4
help
It's compression ratio is the poorest amongst the choices. The kernel
size is about 15% bigger than gzip; however its decompression speed
is the fastest.
If you choose this, keep in mind that most distros don't provide lz4
by default which could cause a build failure.
config INITRAMFS_COMPRESSION_ZSTD
bool "ZSTD"
depends on RD_ZSTD
help
ZSTD is a compression algorithm targeting intermediate compression
with fast decompression speed. It will compress better than GZIP and
decompress around the same speed as LZO, but slower than LZ4.
If you choose this, keep in mind that you may need to install the zstd
tool to be able to compress the initram.
config INITRAMFS_COMPRESSION_NONE
bool "None"
help
Do not compress the built-in initramfs at all. This may sound wasteful
in space, but, you should be aware that the built-in initramfs will be
compressed at a later stage anyways along with the rest of the kernel,
on those architectures that support this. However, not compressing the
initramfs may lead to slightly higher memory consumption during a
short time at boot, while both the cpio image and the unpacked
filesystem image will be present in memory simultaneously
endchoice
Computing file changes ...
