fuse: support idmapped ->permission inode op

We only cover the case when "default_permissions" flag is used. A reason for that is that otherwise all the permission checks are done in the userspace and we have to deal with VFS idmapping in the userspace (which is bad), alternatively we have to provide the userspace with idmapped req->in.h.uid/req->in.h.gid which is also not align with VFS idmaps philosophy. Signed-off-by: Alexander Mikhalitsyn <[email protected]> Reviewed-by: Christian Brauner <[email protected]> Signed-off-by: Miklos Szeredi <[email protected]>
author: Alexander Mikhalitsyn <[email protected]> 2024-09-03 17:16:18 +0200
committer: Miklos Szeredi <[email protected]> 2024-09-04 16:49:58 +0200
commit: c1d82215d391ded456e7bdd1c0893c9cb6322272 (patch)
tree: 9fd5243085d15522db7af247f4cbc74ffd4b5b83
parent: 2a8c810d5e492906fe0af94a6e8b2398714e80e0 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 2bc3ae40619a..70ed1c47d7ce 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -1545,7 +1545,7 @@ static int fuse_permission(struct mnt_idmap *idmap,
 	}
 
 	if (fc->default_permissions) {
-		err = generic_permission(&nop_mnt_idmap, inode, mask);
+		err = generic_permission(idmap, inode, mask);
 
 		/* If permission is denied, try to refresh file
 		   attributes.  This is also needed, because the root
@@ -1553,7 +1553,7 @@ static int fuse_permission(struct mnt_idmap *idmap,
 		if (err == -EACCES && !refreshed) {
 			err = fuse_perm_getattr(inode, mask);
 			if (!err)
-				err = generic_permission(&nop_mnt_idmap,
+				err = generic_permission(idmap,
 							 inode, mask);
 		}
author	Alexander Mikhalitsyn <[email protected]>	2024-09-03 17:16:18 +0200
committer	Miklos Szeredi <[email protected]>	2024-09-04 16:49:58 +0200
commit	c1d82215d391ded456e7bdd1c0893c9cb6322272 (patch)
tree	9fd5243085d15522db7af247f4cbc74ffd4b5b83
parent	2a8c810d5e492906fe0af94a6e8b2398714e80e0 (diff)