Fixed parameter passing error when calling zfs_acl_chmod

[mirror_zfs.git] / module / os / linux / zfs / zfs_acl.c

diff --git a/module/os/linux/zfs/zfs_acl.c b/module/os/linux/zfs/zfs_acl.c
index 437169990f029783d42fabd8fbf6e77929c07128..48abbc010917ff5a749f4d3cb3693bc5f0408110 100644 (file)
--- a/module/os/linux/zfs/zfs_acl.c
+++ b/module/os/linux/zfs/zfs_acl.c
@@ -493,10 +493,8 @@ zfs_acl_release_nodes(zfs_acl_t *aclp)
 {
        zfs_acl_node_t *aclnode;
 
-       while ((aclnode = list_head(&aclp->z_acl))) {
-               list_remove(&aclp->z_acl, aclnode);
+       while ((aclnode = list_remove_head(&aclp->z_acl)))
                zfs_acl_node_free(aclnode);
-       }
        aclp->z_acl_count = 0;
        aclp->z_acl_bytes = 0;
 }
@@ -1802,7 +1800,7 @@ zfs_acl_inherit(zfsvfs_t *zfsvfs, umode_t va_mode, zfs_acl_t *paclp,
  */
 int
 zfs_acl_ids_create(znode_t *dzp, int flag, vattr_t *vap, cred_t *cr,
-    vsecattr_t *vsecp, zfs_acl_ids_t *acl_ids, zuserns_t *mnt_ns)
+    vsecattr_t *vsecp, zfs_acl_ids_t *acl_ids, zidmap_t *mnt_ns)
 {
        int             error;
        zfsvfs_t        *zfsvfs = ZTOZSB(dzp);
@@ -1889,7 +1887,8 @@ zfs_acl_ids_create(znode_t *dzp, int flag, vattr_t *vap, cred_t *cr,
                acl_ids->z_mode |= S_ISGID;
        } else {
                if ((acl_ids->z_mode & S_ISGID) &&
-                   secpolicy_vnode_setids_setgids(cr, gid, mnt_ns) != 0) {
+                   secpolicy_vnode_setids_setgids(cr, gid, mnt_ns,
+                   zfs_i_user_ns(ZTOI(dzp))) != 0) {
                        acl_ids->z_mode &= ~S_ISGID;
                }
        }
@@ -1922,8 +1921,8 @@ zfs_acl_ids_create(znode_t *dzp, int flag, vattr_t *vap, cred_t *cr,
                            zfsvfs->z_acl_inherit != ZFS_ACL_PASSTHROUGH &&
                            zfsvfs->z_acl_inherit != ZFS_ACL_PASSTHROUGH_X)
                                trim = B_TRUE;
-                       zfs_acl_chmod(vap->va_mode, acl_ids->z_mode, B_FALSE,
-                           trim, acl_ids->z_aclp);
+                       zfs_acl_chmod(S_ISDIR(vap->va_mode), acl_ids->z_mode,
+                           B_FALSE, trim, acl_ids->z_aclp);
                }
        }
 
@@ -1979,7 +1978,8 @@ zfs_getacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
        if (mask == 0)
                return (SET_ERROR(ENOSYS));
 
-       if ((error = zfs_zaccess(zp, ACE_READ_ACL, 0, skipaclchk, cr, NULL)))
+       if ((error = zfs_zaccess(zp, ACE_READ_ACL, 0, skipaclchk, cr,
+           zfs_init_idmap)))
                return (error);
 
        mutex_enter(&zp->z_acl_lock);
@@ -2138,7 +2138,8 @@ zfs_setacl(znode_t *zp, vsecattr_t *vsecp, boolean_t skipaclchk, cred_t *cr)
        if (zp->z_pflags & ZFS_IMMUTABLE)
                return (SET_ERROR(EPERM));
 
-       if ((error = zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr, NULL)))
+       if ((error = zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr,
+           zfs_init_idmap)))
                return (error);
 
        error = zfs_vsec_2_aclp(zfsvfs, ZTOI(zp)->i_mode, vsecp, cr, &fuidp,
@@ -2230,8 +2231,7 @@ static int
 zfs_zaccess_dataset_check(znode_t *zp, uint32_t v4_mode)
 {
        if ((v4_mode & WRITE_MASK) && (zfs_is_readonly(ZTOZSB(zp))) &&
-           (!Z_ISDEV(ZTOI(zp)->i_mode) ||
-           (Z_ISDEV(ZTOI(zp)->i_mode) && (v4_mode & WRITE_MASK_ATTRS)))) {
+           (!Z_ISDEV(ZTOI(zp)->i_mode) || (v4_mode & WRITE_MASK_ATTRS))) {
                return (SET_ERROR(EROFS));
        }
 
@@ -2284,7 +2284,7 @@ zfs_zaccess_dataset_check(znode_t *zp, uint32_t v4_mode)
  */
 static int
 zfs_zaccess_aces_check(znode_t *zp, uint32_t *working_mode,
-    boolean_t anyaccess, cred_t *cr, zuserns_t *mnt_ns)
+    boolean_t anyaccess, cred_t *cr, zidmap_t *mnt_ns)
 {
        zfsvfs_t        *zfsvfs = ZTOZSB(zp);
        zfs_acl_t       *aclp;
@@ -2301,9 +2301,9 @@ zfs_zaccess_aces_check(znode_t *zp, uint32_t *working_mode,
        uid_t           fowner;
 
        if (mnt_ns) {
-               fowner = zfs_uid_into_mnt(mnt_ns,
+               fowner = zfs_uid_to_vfsuid(mnt_ns, zfs_i_user_ns(ZTOI(zp)),
                    KUID_TO_SUID(ZTOI(zp)->i_uid));
-               gowner = zfs_gid_into_mnt(mnt_ns,
+               gowner = zfs_gid_to_vfsgid(mnt_ns, zfs_i_user_ns(ZTOI(zp)),
                    KGID_TO_SGID(ZTOI(zp)->i_gid));
        } else
                zfs_fuid_map_ids(zp, cr, &fowner, &gowner);
@@ -2417,7 +2417,8 @@ zfs_has_access(znode_t *zp, cred_t *cr)
 {
        uint32_t have = ACE_ALL_PERMS;
 
-       if (zfs_zaccess_aces_check(zp, &have, B_TRUE, cr, NULL) != 0) {
+       if (zfs_zaccess_aces_check(zp, &have, B_TRUE, cr,
+           zfs_init_idmap) != 0) {
                uid_t owner;
 
                owner = zfs_fuid_map_id(ZTOZSB(zp),
@@ -2448,7 +2449,7 @@ zfs_has_access(znode_t *zp, cred_t *cr)
  */
 static int
 zfs_zaccess_trivial(znode_t *zp, uint32_t *working_mode, cred_t *cr,
-    zuserns_t *mnt_ns)
+    zidmap_t *mnt_ns)
 {
        int err, mask;
        int unmapped = 0;
@@ -2461,11 +2462,9 @@ zfs_zaccess_trivial(znode_t *zp, uint32_t *working_mode, cred_t *cr,
                return (unmapped ? SET_ERROR(EPERM) : 0);
        }
 
-#if defined(HAVE_IOPS_PERMISSION_USERNS)
-       if (mnt_ns)
-               err = generic_permission(mnt_ns, ZTOI(zp), mask);
-       else
-               err = generic_permission(cr->user_ns, ZTOI(zp), mask);
+#if (defined(HAVE_IOPS_PERMISSION_USERNS) || \
+       defined(HAVE_IOPS_PERMISSION_IDMAP))
+       err = generic_permission(mnt_ns, ZTOI(zp), mask);
 #else
        err = generic_permission(ZTOI(zp), mask);
 #endif
@@ -2480,7 +2479,7 @@ zfs_zaccess_trivial(znode_t *zp, uint32_t *working_mode, cred_t *cr,
 
 static int
 zfs_zaccess_common(znode_t *zp, uint32_t v4_mode, uint32_t *working_mode,
-    boolean_t *check_privs, boolean_t skipaclchk, cred_t *cr, zuserns_t *mnt_ns)
+    boolean_t *check_privs, boolean_t skipaclchk, cred_t *cr, zidmap_t *mnt_ns)
 {
        zfsvfs_t *zfsvfs = ZTOZSB(zp);
        int err;
@@ -2537,7 +2536,7 @@ zfs_zaccess_common(znode_t *zp, uint32_t v4_mode, uint32_t *working_mode,
 
 static int
 zfs_zaccess_append(znode_t *zp, uint32_t *working_mode, boolean_t *check_privs,
-    cred_t *cr, zuserns_t *mnt_ns)
+    cred_t *cr, zidmap_t *mnt_ns)
 {
        if (*working_mode != ACE_WRITE_DATA)
                return (SET_ERROR(EACCES));
@@ -2578,7 +2577,6 @@ zfs_fastaccesschk_execute(znode_t *zdp, cred_t *cr)
        }
 
        if (uid == KUID_TO_SUID(ZTOI(zdp)->i_uid)) {
-               owner = B_TRUE;
                if (zdp->z_mode & S_IXUSR) {
                        mutex_exit(&zdp->z_acl_lock);
                        return (0);
@@ -2588,7 +2586,6 @@ zfs_fastaccesschk_execute(znode_t *zdp, cred_t *cr)
                }
        }
        if (groupmember(KGID_TO_SGID(ZTOI(zdp)->i_gid), cr)) {
-               groupmbr = B_TRUE;
                if (zdp->z_mode & S_IXGRP) {
                        mutex_exit(&zdp->z_acl_lock);
                        return (0);
@@ -2610,7 +2607,8 @@ slow:
        DTRACE_PROBE(zfs__fastpath__execute__access__miss);
        if ((error = zfs_enter(ZTOZSB(zdp), FTAG)) != 0)
                return (error);
-       error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr, NULL);
+       error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr,
+           zfs_init_idmap);
        zfs_exit(ZTOZSB(zdp), FTAG);
        return (error);
 }
@@ -2623,7 +2621,7 @@ slow:
  */
 int
 zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr,
-    zuserns_t *mnt_ns)
+    zidmap_t *mnt_ns)
 {
        uint32_t        working_mode;
        int             error;
@@ -2662,7 +2660,8 @@ zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr,
                }
        }
 
-       owner = zfs_uid_into_mnt(mnt_ns, KUID_TO_SUID(ZTOI(zp)->i_uid));
+       owner = zfs_uid_to_vfsuid(mnt_ns, zfs_i_user_ns(ZTOI(zp)),
+           KUID_TO_SUID(ZTOI(zp)->i_uid));
        owner = zfs_fuid_map_id(ZTOZSB(zp), owner, cr, ZFS_OWNER);
 
        /*
@@ -2715,7 +2714,6 @@ zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr,
                 * read_acl/read_attributes
                 */
 
-               error = 0;
                ASSERT(working_mode != 0);
 
                if ((working_mode & (ACE_READ_ACL|ACE_READ_ATTRIBUTES) &&
@@ -2772,7 +2770,7 @@ zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr,
  */
 int
 zfs_zaccess_rwx(znode_t *zp, mode_t mode, int flags, cred_t *cr,
-    zuserns_t *mnt_ns)
+    zidmap_t *mnt_ns)
 {
        return (zfs_zaccess(zp, zfs_unix_to_v4(mode >> 6), flags, B_FALSE, cr,
            mnt_ns));
@@ -2782,11 +2780,11 @@ zfs_zaccess_rwx(znode_t *zp, mode_t mode, int flags, cred_t *cr,
  * Access function for secpolicy_vnode_setattr
  */
 int
-zfs_zaccess_unix(znode_t *zp, mode_t mode, cred_t *cr)
+zfs_zaccess_unix(void *zp, int mode, cred_t *cr)
 {
        int v4_mode = zfs_unix_to_v4(mode >> 6);
 
-       return (zfs_zaccess(zp, v4_mode, 0, B_FALSE, cr, NULL));
+       return (zfs_zaccess(zp, v4_mode, 0, B_FALSE, cr, zfs_init_idmap));
 }
 
 /* See zfs_zaccess_delete() */
@@ -2863,7 +2861,7 @@ static const boolean_t zfs_write_implies_delete_child = B_TRUE;
  * zfs_write_implies_delete_child
  */
 int
-zfs_zaccess_delete(znode_t *dzp, znode_t *zp, cred_t *cr, zuserns_t *mnt_ns)
+zfs_zaccess_delete(znode_t *dzp, znode_t *zp, cred_t *cr, zidmap_t *mnt_ns)
 {
        uint32_t wanted_dirperms;
        uint32_t dzp_working_mode = 0;
@@ -2994,7 +2992,7 @@ zfs_zaccess_delete(znode_t *dzp, znode_t *zp, cred_t *cr, zuserns_t *mnt_ns)
 
 int
 zfs_zaccess_rename(znode_t *sdzp, znode_t *szp, znode_t *tdzp,
-    znode_t *tzp, cred_t *cr, zuserns_t *mnt_ns)
+    znode_t *tzp, cred_t *cr, zidmap_t *mnt_ns)
 {
        int add_perm;
        int error;