fs: support mapped mounts of mapped filesystems
Christian Brauner authored
commit bd303368 upstream.

In previous patches we added new and modified existing helpers to handle
idmapped mounts of filesystems mounted with an idmapping. In this final
patch we convert all relevant places in the vfs to actually pass the
filesystem's idmapping into these helpers.

With this the vfs is in shape to handle idmapped mounts of filesystems
mounted with an idmapping. Note that this is just the generic
infrastructure. Actually adding support for idmapped mounts to a
filesystem mountable with an idmapping is follow-up work.

In this patch we extend the definition of an idmapped mount from a mount
that that has the initial idmapping attached to it to a mount that has
an idmapping attached to it which is not the same as the idmapping the
filesystem was mounted with.

As before we do not allow the initial idmapping to be attached to a
mount. In addition this patch prevents that the idmapping the filesystem
was mounted ...
38753e91
Name Last commit Last update
..
apparmor apparmor: fix error check
bpf bpf: Implement task local storage
integrity ima: remove the IMA_TEMPLATE Kconfig option
keys KEYS: trusted: tpm2: Fix migratable logic
landlock landlock: Fix same-layer rule unions
loadpin LSM: Add "contents" flag to kernel_read_file hook
lockdown Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
safesetid LSM: SafeSetID: Mark safesetid_initialized as __initdata
selinux selinux: fix bad cleanup on error in hashtab_duplicate()
smack Fix incorrect type in assignment of ipv6 port for audit
tomoyo TOMOYO: fix __setup handlers return values
yama task_work: cleanup notification modes
Kconfig fortify: Explicitly disable Clang support
Kconfig.hardening hardening: Clarify Kconfig text for auto-var-init
Makefile security: remove unneeded subdir-$(CONFIG_...)
commoncap.c fs: support mapped mounts of mapped filesystems
device_cgroup.c device_cgroup: Fix RCU list debugging warning
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
lsm_audit.c audit: remove unnecessary 'ret' initialization
min_addr.c sysctl: pass kernel pointers to ->proc_handler
security.c lockdown: also lock down previous kgdb use