git.baikalelectronics.ru Git - kernel.git/commit

apparmor: handle idmapped mounts

The i_uid and i_gid are mostly used when logging for AppArmor. This is
broken in a bunch of places where the global root id is reported instead
of the i_uid or i_gid of the file. Nonetheless, be kind and log the
mapped inode if we're coming from an idmapped mount. If the initial user
namespace is passed nothing changes so non-idmapped mounts will see
identical behavior as before.

Link: https://lore.kernel.org/r/20210121131959.646623-26-christian.brauner@ubuntu.com
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

author	Christian Brauner <christian.brauner@ubuntu.com>
	Thu, 21 Jan 2021 13:19:44 +0000 (14:19 +0100)
committer	Christian Brauner <christian.brauner@ubuntu.com>
	Sun, 24 Jan 2021 13:27:20 +0000 (14:27 +0100)
commit	eab0f0a67cb5fd66e4c21878526f90e26de662b1
tree	d06df042d5feaadad59ccd3c53f7611740db0f3e	tree \| snapshot
parent	baf32546e288f2b28eae786c7381089f2ed61099	commit \| diff

security/apparmor/domain.c		diff \| blob \| history
security/apparmor/file.c		diff \| blob \| history
security/apparmor/lsm.c		diff \| blob \| history