diff options
author | Miklos Szeredi <mszeredi@redhat.com> | 2022-11-10 15:46:33 +0100 |
---|---|---|
committer | Miklos Szeredi <mszeredi@redhat.com> | 2023-01-26 17:10:38 +0100 |
commit | 8ed7cb3f279fe67a93f407ee2ec3ea661a483a65 (patch) | |
tree | cdce22c462eab384ddfa139affcedfd28b7e93c8 /include/uapi | |
parent | 15d937d7ca8c55d2b0ce9116e20c780fdd0b67cc (diff) | |
download | linux-stable-8ed7cb3f279fe67a93f407ee2ec3ea661a483a65.tar.gz linux-stable-8ed7cb3f279fe67a93f407ee2ec3ea661a483a65.tar.bz2 linux-stable-8ed7cb3f279fe67a93f407ee2ec3ea661a483a65.zip |
fuse: optional supplementary group in create requests
Permission to create an object (create, mkdir, symlink, mknod) needs to
take supplementary groups into account.
Add a supplementary group request extension. This can contain an arbitrary
number of group IDs and can be added to any request. This extension is not
added to any request by default.
Add FUSE_CREATE_SUPP_GROUP init flag to enable supplementary group info in
creation requests. This adds just a single supplementary group that
matches the parent group in the case described above. In other cases the
extension is not added.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'include/uapi')
-rw-r--r-- | include/uapi/linux/fuse.h | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/include/uapi/linux/fuse.h b/include/uapi/linux/fuse.h index c71f12429e3d..1b9d0dfae72d 100644 --- a/include/uapi/linux/fuse.h +++ b/include/uapi/linux/fuse.h @@ -204,6 +204,8 @@ * - add total_extlen to fuse_in_header * - add FUSE_MAX_NR_SECCTX * - add extension header + * - add FUSE_EXT_GROUPS + * - add FUSE_CREATE_SUPP_GROUP */ #ifndef _LINUX_FUSE_H @@ -365,6 +367,8 @@ struct fuse_file_lock { * FUSE_SECURITY_CTX: add security context to create, mkdir, symlink, and * mknod * FUSE_HAS_INODE_DAX: use per inode DAX + * FUSE_CREATE_SUPP_GROUP: add supplementary group info to create, mkdir, + * symlink and mknod (single group that matches parent) */ #define FUSE_ASYNC_READ (1 << 0) #define FUSE_POSIX_LOCKS (1 << 1) @@ -401,6 +405,7 @@ struct fuse_file_lock { /* bits 32..63 get shifted down 32 bits into the flags2 field */ #define FUSE_SECURITY_CTX (1ULL << 32) #define FUSE_HAS_INODE_DAX (1ULL << 33) +#define FUSE_CREATE_SUPP_GROUP (1ULL << 34) /** * CUSE INIT request/reply flags @@ -509,10 +514,12 @@ struct fuse_file_lock { /** * extension type * FUSE_MAX_NR_SECCTX: maximum value of &fuse_secctx_header.nr_secctx + * FUSE_EXT_GROUPS: &fuse_supp_groups extension */ enum fuse_ext_type { /* Types 0..31 are reserved for fuse_secctx_header */ FUSE_MAX_NR_SECCTX = 31, + FUSE_EXT_GROUPS = 32, }; enum fuse_opcode { @@ -1073,4 +1080,14 @@ struct fuse_ext_header { uint32_t type; }; +/** + * struct fuse_supp_groups - Supplementary group extension + * @nr_groups: number of supplementary groups + * @groups: flexible array of group IDs + */ +struct fuse_supp_groups { + uint32_t nr_groups; + uint32_t groups[]; +}; + #endif /* _LINUX_FUSE_H */ |