diff --git a/include/sys/trace_acl.h b/include/sys/trace_acl.h index db4334951a2a..bd19c5a1669d 100644 --- a/include/sys/trace_acl.h +++ b/include/sys/trace_acl.h @@ -31,6 +31,7 @@ #define _TRACE_ACL_H #include +#include #include /* @@ -56,8 +57,6 @@ DECLARE_EVENT_CLASS(zfs_ace_class, __field(uint64_t, z_mapcnt) __field(uint64_t, z_size) __field(uint64_t, z_pflags) - __field(uint64_t, z_uid) - __field(uint64_t, z_gid) __field(uint32_t, z_sync_cnt) __field(mode_t, z_mode) __field(boolean_t, z_is_sa) @@ -65,6 +64,8 @@ DECLARE_EVENT_CLASS(zfs_ace_class, __field(boolean_t, z_is_ctldir) __field(boolean_t, z_is_stale) + __field(uint32_t, i_uid) + __field(uint32_t, i_gid) __field(unsigned long, i_ino) __field(unsigned int, i_nlink) __field(u64, i_version) @@ -91,8 +92,6 @@ DECLARE_EVENT_CLASS(zfs_ace_class, __entry->z_mapcnt = zn->z_mapcnt; __entry->z_size = zn->z_size; __entry->z_pflags = zn->z_pflags; - __entry->z_uid = zn->z_uid; - __entry->z_gid = zn->z_gid; __entry->z_sync_cnt = zn->z_sync_cnt; __entry->z_mode = zn->z_mode; __entry->z_is_sa = zn->z_is_sa; @@ -100,6 +99,8 @@ DECLARE_EVENT_CLASS(zfs_ace_class, __entry->z_is_ctldir = zn->z_is_ctldir; __entry->z_is_stale = zn->z_is_stale; + __entry->i_uid = zfs_uid_read(ZTOI(zn)); + __entry->i_gid = zfs_gid_read(ZTOI(zn)); __entry->i_ino = zn->z_inode.i_ino; __entry->i_nlink = zn->z_inode.i_nlink; __entry->i_version = zn->z_inode.i_version; @@ -118,22 +119,22 @@ DECLARE_EVENT_CLASS(zfs_ace_class, TP_printk("zn { id %llu unlinked %u atime_dirty %u " "zn_prefetch %u moved %u blksz %u seq %u " "mapcnt %llu size %llu pflags %llu " - "uid %llu gid %llu sync_cnt %u mode 0x%x is_sa %d " + "sync_cnt %u mode 0x%x is_sa %d " "is_mapped %d is_ctldir %d is_stale %d inode { " - "ino %lu nlink %u version %llu size %lli blkbits %u " - "bytes %u mode 0x%x generation %x } } ace { type %u " - "flags %u access_mask %u } mask_matched %u", + "uid %u gid %u ino %lu nlink %u version %llu size %lli " + "blkbits %u bytes %u mode 0x%x generation %x } } " + "ace { type %u flags %u access_mask %u } mask_matched %u", __entry->z_id, __entry->z_unlinked, __entry->z_atime_dirty, __entry->z_zn_prefetch, __entry->z_moved, __entry->z_blksz, __entry->z_seq, __entry->z_mapcnt, __entry->z_size, - __entry->z_pflags, __entry->z_uid, - __entry->z_gid, __entry->z_sync_cnt, __entry->z_mode, + __entry->z_pflags, __entry->z_sync_cnt, __entry->z_mode, __entry->z_is_sa, __entry->z_is_mapped, - __entry->z_is_ctldir, __entry->z_is_stale, __entry->i_ino, - __entry->i_nlink, __entry->i_version, __entry->i_size, - __entry->i_blkbits, __entry->i_bytes, __entry->i_mode, - __entry->i_generation, __entry->z_type, __entry->z_flags, - __entry->z_access_mask, __entry->mask_matched) + __entry->z_is_ctldir, __entry->z_is_stale, __entry->i_uid, + __entry->i_gid, __entry->i_ino, __entry->i_nlink, + __entry->i_version, __entry->i_size, __entry->i_blkbits, + __entry->i_bytes, __entry->i_mode, __entry->i_generation, + __entry->z_type, __entry->z_flags, __entry->z_access_mask, + __entry->mask_matched) ); #define DEFINE_ACE_EVENT(name) \ diff --git a/include/sys/zfs_znode.h b/include/sys/zfs_znode.h index bf03c153024b..a12675d6f583 100644 --- a/include/sys/zfs_znode.h +++ b/include/sys/zfs_znode.h @@ -188,8 +188,6 @@ typedef struct znode { uint64_t z_dnodesize; /* dnode size */ uint64_t z_size; /* file size (cached) */ uint64_t z_pflags; /* pflags (cached) */ - uint64_t z_uid; /* uid fuid (cached) */ - uint64_t z_gid; /* gid fuid (cached) */ uint32_t z_sync_cnt; /* synchronous open count */ mode_t z_mode; /* mode (cached) */ kmutex_t z_acl_lock; /* acl data lock */ diff --git a/module/zfs/zfs_acl.c b/module/zfs/zfs_acl.c index 5af0db5563dd..bbb731495634 100644 --- a/module/zfs/zfs_acl.c +++ b/module/zfs/zfs_acl.c @@ -53,6 +53,7 @@ #include #include #include +#include #include "fs/fs_subr.h" #define ALLOW ACE_ACCESS_ALLOWED_ACE_TYPE @@ -1166,7 +1167,8 @@ zfs_acl_chown_setattr(znode_t *zp) error = zfs_acl_node_read(zp, B_TRUE, &aclp, B_FALSE); if (error == 0 && aclp->z_acl_count > 0) zp->z_mode = zfs_mode_compute(zp->z_mode, aclp, - &zp->z_pflags, zp->z_uid, zp->z_gid); + &zp->z_pflags, KUID_TO_SUID(ZTOI(zp)->i_uid), + KGID_TO_SGID(ZTOI(zp)->i_gid)); /* * Some ZFS implementations (ZEVO) create neither a ZNODE_ACL @@ -1324,7 +1326,7 @@ zfs_aclset_common(znode_t *zp, zfs_acl_t *aclp, cred_t *cr, dmu_tx_t *tx) mode = zp->z_mode; mode = zfs_mode_compute(mode, aclp, &zp->z_pflags, - zp->z_uid, zp->z_gid); + zfs_uid_read(ZTOI(zp)), zfs_gid_read(ZTOI(zp))); zp->z_mode = mode; SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zsb), NULL, @@ -1778,7 +1780,7 @@ zfs_acl_ids_create(znode_t *dzp, int flag, vattr_t *vap, cred_t *cr, (uint64_t)vap->va_gid, cr, ZFS_GROUP, &acl_ids->z_fuidp); gid = vap->va_gid; - if (acl_ids->z_fgid != dzp->z_gid && + if (acl_ids->z_fgid != KGID_TO_SGID(ZTOI(dzp)->i_gid) && !groupmember(vap->va_gid, cr) && secpolicy_vnode_create_gid(cr) != 0) acl_ids->z_fgid = 0; @@ -1788,7 +1790,8 @@ zfs_acl_ids_create(znode_t *dzp, int flag, vattr_t *vap, cred_t *cr, char *domain; uint32_t rid; - acl_ids->z_fgid = dzp->z_gid; + acl_ids->z_fgid = KGID_TO_SGID( + ZTOI(dzp)->i_gid); gid = zfs_fuid_map_id(zsb, acl_ids->z_fgid, cr, ZFS_GROUP); @@ -2340,7 +2343,8 @@ zfs_has_access(znode_t *zp, cred_t *cr) if (zfs_zaccess_aces_check(zp, &have, B_TRUE, cr) != 0) { uid_t owner; - owner = zfs_fuid_map_id(ZTOZSB(zp), zp->z_uid, cr, ZFS_OWNER); + owner = zfs_fuid_map_id(ZTOZSB(zp), + KUID_TO_SUID(ZTOI(zp)->i_uid), cr, ZFS_OWNER); return (secpolicy_vnode_any_access(cr, ZTOI(zp), owner) == 0); } return (B_TRUE); @@ -2418,12 +2422,13 @@ zfs_fastaccesschk_execute(znode_t *zdp, cred_t *cr) return (0); } - if (FUID_INDEX(zdp->z_uid) != 0 || FUID_INDEX(zdp->z_gid) != 0) { + if (KUID_TO_SUID(ZTOI(zdp)->i_uid) != 0 || + KGID_TO_SGID(ZTOI(zdp)->i_gid) != 0) { mutex_exit(&zdp->z_acl_lock); goto slow; } - if (uid == zdp->z_uid) { + if (uid == KUID_TO_SUID(ZTOI(zdp)->i_uid)) { owner = B_TRUE; if (zdp->z_mode & S_IXUSR) { mutex_exit(&zdp->z_acl_lock); @@ -2433,7 +2438,7 @@ zfs_fastaccesschk_execute(znode_t *zdp, cred_t *cr) goto slow; } } - if (groupmember(zdp->z_gid, cr)) { + if (groupmember(KGID_TO_SGID(ZTOI(zdp)->i_gid), cr)) { groupmbr = B_TRUE; if (zdp->z_mode & S_IXGRP) { mutex_exit(&zdp->z_acl_lock); @@ -2513,7 +2518,8 @@ zfs_zaccess(znode_t *zp, int mode, int flags, boolean_t skipaclchk, cred_t *cr) } } - owner = zfs_fuid_map_id(ZTOZSB(zp), zp->z_uid, cr, ZFS_OWNER); + owner = zfs_fuid_map_id(ZTOZSB(zp), KUID_TO_SUID(ZTOI(zp)->i_uid), + cr, ZFS_OWNER); /* * Map the bits required to the standard inode flags * S_IRUSR|S_IWUSR|S_IXUSR in the needed_bits. Map the bits @@ -2642,7 +2648,8 @@ zfs_delete_final_check(znode_t *zp, znode_t *dzp, int error; uid_t downer; - downer = zfs_fuid_map_id(ZTOZSB(dzp), dzp->z_uid, cr, ZFS_OWNER); + downer = zfs_fuid_map_id(ZTOZSB(dzp), KUID_TO_SUID(ZTOI(dzp)->i_uid), + cr, ZFS_OWNER); error = secpolicy_vnode_access2(cr, ZTOI(dzp), downer, available_perms, S_IWUSR|S_IXUSR); diff --git a/module/zfs/zfs_ctldir.c b/module/zfs/zfs_ctldir.c index 5930e62d932e..459f01c98721 100644 --- a/module/zfs/zfs_ctldir.c +++ b/module/zfs/zfs_ctldir.c @@ -479,8 +479,6 @@ zfsctl_inode_alloc(zfs_sb_t *zsb, uint64_t id, zp->z_mapcnt = 0; zp->z_size = 0; zp->z_pflags = 0; - zp->z_uid = 0; - zp->z_gid = 0; zp->z_mode = 0; zp->z_sync_cnt = 0; zp->z_is_mapped = B_FALSE; diff --git a/module/zfs/zfs_dir.c b/module/zfs/zfs_dir.c index 564f715967d2..8eee626d9814 100644 --- a/module/zfs/zfs_dir.c +++ b/module/zfs/zfs_dir.c @@ -1104,8 +1104,10 @@ zfs_sticky_remove_access(znode_t *zdp, znode_t *zp, cred_t *cr) if ((zdp->z_mode & S_ISVTX) == 0) return (0); - downer = zfs_fuid_map_id(zsb, zdp->z_uid, cr, ZFS_OWNER); - fowner = zfs_fuid_map_id(zsb, zp->z_uid, cr, ZFS_OWNER); + downer = zfs_fuid_map_id(zsb, KUID_TO_SUID(ZTOI(zdp)->i_uid), + cr, ZFS_OWNER); + fowner = zfs_fuid_map_id(zsb, KUID_TO_SUID(ZTOI(zp)->i_uid), + cr, ZFS_OWNER); if ((uid = crgetuid(cr)) == downer || uid == fowner || (S_ISDIR(ZTOI(zp)->i_mode) && diff --git a/module/zfs/zfs_fuid.c b/module/zfs/zfs_fuid.c index 6ca61b87242f..eb0ffe419d16 100644 --- a/module/zfs/zfs_fuid.c +++ b/module/zfs/zfs_fuid.c @@ -387,8 +387,10 @@ zfs_fuid_find_by_idx(zfs_sb_t *zsb, uint32_t idx) void zfs_fuid_map_ids(znode_t *zp, cred_t *cr, uid_t *uidp, uid_t *gidp) { - *uidp = zfs_fuid_map_id(ZTOZSB(zp), zp->z_uid, cr, ZFS_OWNER); - *gidp = zfs_fuid_map_id(ZTOZSB(zp), zp->z_gid, cr, ZFS_GROUP); + *uidp = zfs_fuid_map_id(ZTOZSB(zp), KUID_TO_SUID(ZTOI(zp)->i_uid), + cr, ZFS_OWNER); + *gidp = zfs_fuid_map_id(ZTOZSB(zp), KGID_TO_SGID(ZTOI(zp)->i_gid), + cr, ZFS_GROUP); } uid_t diff --git a/module/zfs/zfs_log.c b/module/zfs/zfs_log.c index 4d89cb04b592..69efb3c16132 100644 --- a/module/zfs/zfs_log.c +++ b/module/zfs/zfs_log.c @@ -282,13 +282,13 @@ zfs_log_create(zilog_t *zilog, dmu_tx_t *tx, uint64_t txtype, /* Store dnode slot count in 8 bits above object id. */ LR_FOID_SET_SLOTS(lr->lr_foid, zp->z_dnodesize >> DNODE_SHIFT); lr->lr_mode = zp->z_mode; - if (!IS_EPHEMERAL(zp->z_uid)) { - lr->lr_uid = (uint64_t)zp->z_uid; + if (!IS_EPHEMERAL(KUID_TO_SUID(ZTOI(zp)->i_uid))) { + lr->lr_uid = (uint64_t)KUID_TO_SUID(ZTOI(zp)->i_uid); } else { lr->lr_uid = fuidp->z_fuid_owner; } - if (!IS_EPHEMERAL(zp->z_gid)) { - lr->lr_gid = (uint64_t)zp->z_gid; + if (!IS_EPHEMERAL(KGID_TO_SGID(ZTOI(zp)->i_gid))) { + lr->lr_gid = (uint64_t)KGID_TO_SGID(ZTOI(zp)->i_gid); } else { lr->lr_gid = fuidp->z_fuid_group; } @@ -407,8 +407,8 @@ zfs_log_symlink(zilog_t *zilog, dmu_tx_t *tx, uint64_t txtype, lr = (lr_create_t *)&itx->itx_lr; lr->lr_doid = dzp->z_id; lr->lr_foid = zp->z_id; - lr->lr_uid = zp->z_uid; - lr->lr_gid = zp->z_gid; + lr->lr_uid = KUID_TO_SUID(ZTOI(zp)->i_uid); + lr->lr_gid = KGID_TO_SGID(ZTOI(zp)->i_gid); lr->lr_mode = zp->z_mode; (void) sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(ZTOZSB(zp)), &lr->lr_gen, sizeof (uint64_t)); diff --git a/module/zfs/zfs_vfsops.c b/module/zfs/zfs_vfsops.c index 8486510912b6..d8b27461aacc 100644 --- a/module/zfs/zfs_vfsops.c +++ b/module/zfs/zfs_vfsops.c @@ -627,10 +627,11 @@ zfs_owner_overquota(zfs_sb_t *zsb, znode_t *zp, boolean_t isgroup) { uint64_t fuid; uint64_t quotaobj; + struct inode *ip = ZTOI(zp); quotaobj = isgroup ? zsb->z_groupquota_obj : zsb->z_userquota_obj; - fuid = isgroup ? zp->z_gid : zp->z_uid; + fuid = isgroup ? KGID_TO_SGID(ip->i_gid) : KUID_TO_SUID(ip->i_uid); if (quotaobj == 0 || zsb->z_replay) return (B_FALSE); diff --git a/module/zfs/zfs_vnops.c b/module/zfs/zfs_vnops.c index bc3dd2166914..bde2140d013d 100644 --- a/module/zfs/zfs_vnops.c +++ b/module/zfs/zfs_vnops.c @@ -602,6 +602,7 @@ zfs_write(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr) int count = 0; sa_bulk_attr_t bulk[4]; uint64_t mtime[2], ctime[2]; + uint32_t uid; ASSERTV(int iovcnt = uio->uio_iovcnt); /* @@ -862,11 +863,12 @@ zfs_write(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr) * user 0 is not an ephemeral uid. */ mutex_enter(&zp->z_acl_lock); + uid = KUID_TO_SUID(ip->i_uid); if ((zp->z_mode & (S_IXUSR | (S_IXUSR >> 3) | (S_IXUSR >> 6))) != 0 && (zp->z_mode & (S_ISUID | S_ISGID)) != 0 && secpolicy_vnode_setid_retain(cr, - (zp->z_mode & S_ISUID) != 0 && zp->z_uid == 0) != 0) { + ((zp->z_mode & S_ISUID) != 0 && uid == 0)) != 0) { uint64_t newmode; zp->z_mode &= ~(S_ISUID | S_ISGID); newmode = zp->z_mode; @@ -2844,7 +2846,7 @@ zfs_setattr(struct inode *ip, vattr_t *vap, int flags, cred_t *cr) if (mask & ATTR_UID) { new_uid = zfs_fuid_create(zsb, (uint64_t)vap->va_uid, cr, ZFS_OWNER, &fuidp); - if (new_uid != zp->z_uid && + if (new_uid != KUID_TO_SUID(ZTOI(zp)->i_uid) && zfs_fuid_overquota(zsb, B_FALSE, new_uid)) { if (attrzp) iput(ZTOI(attrzp)); @@ -2856,7 +2858,7 @@ zfs_setattr(struct inode *ip, vattr_t *vap, int flags, cred_t *cr) if (mask & ATTR_GID) { new_gid = zfs_fuid_create(zsb, (uint64_t)vap->va_gid, cr, ZFS_GROUP, &fuidp); - if (new_gid != zp->z_gid && + if (new_gid != KGID_TO_SGID(ZTOI(zp)->i_gid) && zfs_fuid_overquota(zsb, B_TRUE, new_gid)) { if (attrzp) iput(ZTOI(attrzp)); @@ -2950,24 +2952,24 @@ zfs_setattr(struct inode *ip, vattr_t *vap, int flags, cred_t *cr) if (mask & ATTR_UID) { SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zsb), NULL, &new_uid, sizeof (new_uid)); - zp->z_uid = new_uid; + ZTOI(zp)->i_uid = SUID_TO_KUID(new_uid); if (attrzp) { SA_ADD_BULK_ATTR(xattr_bulk, xattr_count, SA_ZPL_UID(zsb), NULL, &new_uid, sizeof (new_uid)); - attrzp->z_uid = new_uid; + ZTOI(attrzp)->i_uid = SUID_TO_KUID(new_uid); } } if (mask & ATTR_GID) { SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zsb), NULL, &new_gid, sizeof (new_gid)); - zp->z_gid = new_gid; + ZTOI(zp)->i_gid = SGID_TO_KGID(new_gid); if (attrzp) { SA_ADD_BULK_ATTR(xattr_bulk, xattr_count, SA_ZPL_GID(zsb), NULL, &new_gid, sizeof (new_gid)); - attrzp->z_gid = new_gid; + ZTOI(attrzp)->i_gid = SGID_TO_KGID(new_gid); } } if (!(mask & ATTR_MODE)) { @@ -3847,7 +3849,7 @@ zfs_link(struct inode *tdip, struct inode *sip, char *name, cred_t *cr, return (SET_ERROR(EINVAL)); } - owner = zfs_fuid_map_id(zsb, szp->z_uid, cr, ZFS_OWNER); + owner = zfs_fuid_map_id(zsb, KUID_TO_SUID(sip->i_uid), cr, ZFS_OWNER); if (owner != crgetuid(cr) && secpolicy_basic_link(cr) != 0) { ZFS_EXIT(zsb); return (SET_ERROR(EPERM)); diff --git a/module/zfs/zfs_znode.c b/module/zfs/zfs_znode.c index ac49c95a56e6..b43b576e88a2 100644 --- a/module/zfs/zfs_znode.c +++ b/module/zfs/zfs_znode.c @@ -533,8 +533,6 @@ zfs_inode_update_impl(znode_t *zp, boolean_t new) dmu_object_size_from_db(sa_get_db(zp->z_sa_hdl), &blksize, &i_blocks); spin_lock(&ip->i_lock); - ip->i_uid = SUID_TO_KUID(zp->z_uid); - ip->i_gid = SGID_TO_KGID(zp->z_gid); ip->i_mode = zp->z_mode; zfs_set_inode_flags(zp, ip); ip->i_blkbits = SPA_MINBLOCKSHIFT; @@ -582,6 +580,7 @@ zfs_znode_alloc(zfs_sb_t *zsb, dmu_buf_t *db, int blksz, uint64_t parent; uint64_t tmp_gen; uint64_t links; + uint64_t z_uid, z_gid; sa_bulk_attr_t bulk[8]; int count = 0; @@ -621,8 +620,8 @@ zfs_znode_alloc(zfs_sb_t *zsb, dmu_buf_t *db, int blksz, &zp->z_pflags, 8); SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_PARENT(zsb), NULL, &parent, 8); - SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zsb), NULL, &zp->z_uid, 8); - SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zsb), NULL, &zp->z_gid, 8); + SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zsb), NULL, &z_uid, 8); + SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zsb), NULL, &z_gid, 8); if (sa_bulk_lookup(zp->z_sa_hdl, bulk, count) != 0 || tmp_gen == 0) { @@ -636,6 +635,8 @@ zfs_znode_alloc(zfs_sb_t *zsb, dmu_buf_t *db, int blksz, zp->z_mode = mode; ip->i_generation = (uint32_t)tmp_gen; set_nlink(ip, (uint32_t)links); + zfs_uid_write(ip, z_uid); + zfs_gid_write(ip, z_gid); ip->i_ino = obj; zfs_inode_update_new(zp); @@ -1159,6 +1160,7 @@ zfs_rezget(znode_t *zp) int err; int count = 0; uint64_t gen; + uint64_t z_uid, z_gid; znode_hold_t *zh; /* @@ -1216,9 +1218,9 @@ zfs_rezget(znode_t *zp) SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zsb), NULL, &zp->z_pflags, sizeof (zp->z_pflags)); SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zsb), NULL, - &zp->z_uid, sizeof (zp->z_uid)); + &z_uid, sizeof (z_uid)); SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zsb), NULL, - &zp->z_gid, sizeof (zp->z_gid)); + &z_gid, sizeof (z_gid)); SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zsb), NULL, &mode, sizeof (mode)); @@ -1229,6 +1231,8 @@ zfs_rezget(znode_t *zp) } zp->z_mode = mode; + zfs_uid_write(ZTOI(zp), z_uid); + zfs_gid_write(ZTOI(zp), z_gid); if (gen != ZTOI(zp)->i_generation) { zfs_znode_dmu_fini(zp);