From: Darrick J. Wong Date: Thu, 24 Apr 2025 21:42:20 +0000 (-0700) Subject: fuse2fs: add an easy option for emulating kernel access behaviors X-Git-Tag: v1.47.3-rc1~94 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=667ea124cf16c45f3a35b3ba024a3add962788c7;p=thirdparty%2Fe2fsprogs.git fuse2fs: add an easy option for emulating kernel access behaviors By default, fuse doesn't allow processes with a uid/gid that don't match those of the server process to access the fuse mount, it doesn't allow suid files or devices, and it relies on the fuse server to perform permissions checking. This is a secure default for very untrusted filesystems, but it's possible that we might actually want to allow general access to an ext4 filesystem as part of containerizing the ext4 metadata parsing. In other words, we want the kernel access control behavior. Add an "kernel" mount option that moves most of the access permissions interpretation back into the kernel, and logs mount/unmount/error messages to dmesg. Right now this is mostly useful for fstests, so we leave it off by default. Signed-off-by: Darrick J. Wong Link: https://lore.kernel.org/r/174553065033.1160461.1393760776420459221.stgit@frogsfrogsfrogs Signed-off-by: Theodore Ts'o --- diff --git a/misc/fuse2fs.1.in b/misc/fuse2fs.1.in index 1a0c9d54..517c67ff 100644 --- a/misc/fuse2fs.1.in +++ b/misc/fuse2fs.1.in @@ -53,6 +53,15 @@ do not replay the journal and mount the file system read-only .TP \fB-o\fR fuse2fs_debug enable fuse2fs debugging +.TP +.BR -o kernel +Behave more like the kernel ext4 driver in the following ways: +Allows processes owned by other users to access the filesystem. +Uses the kernel's permissions checking logic instead of fuse2fs's. +Enables setuid and device files. +Note that these options can still be overridden (e.g. +.I nosuid +) later. .SS "FUSE options:" .TP \fB-d -o\fR debug diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c index 1f24266b..bacbec2e 100644 --- a/misc/fuse2fs.c +++ b/misc/fuse2fs.c @@ -52,6 +52,7 @@ #endif #include "../version.h" +#include "uuid/uuid.h" #ifdef ENABLE_NLS #include @@ -156,6 +157,7 @@ struct fuse2fs { int fakeroot; int alloc_all_blocks; int norecovery; + int kernel; unsigned long offset; unsigned int next_generation; }; @@ -556,6 +558,13 @@ static void op_destroy(void *p EXT2FS_ATTR((unused))) if (err) translate_error(fs, 0, err); } + + if (ff->kernel) { + char uuid[UUID_STR_SIZE]; + + uuid_unparse(fs->super->s_uuid, uuid); + log_printf(ff, "%s %s.\n", _("unmounting filesystem"), uuid); + } } static void *op_init(struct fuse_conn_info *conn @@ -589,6 +598,13 @@ static void *op_init(struct fuse_conn_info *conn } if (ff->debug) cfg->debug = 1; + + if (ff->kernel) { + char uuid[UUID_STR_SIZE]; + + uuid_unparse(fs->super->s_uuid, uuid); + log_printf(ff, "%s %s.\n", _("mounted filesystem"), uuid); + } return ff; } @@ -3506,6 +3522,7 @@ static struct fuse_opt fuse2fs_opts[] = { FUSE2FS_OPT("no_default_opts", no_default_opts, 1), FUSE2FS_OPT("norecovery", norecovery, 1), FUSE2FS_OPT("offset=%lu", offset, 0), + FUSE2FS_OPT("kernel", kernel, 1), FUSE_OPT_KEY("acl", FUSE2FS_IGNORED), FUSE_OPT_KEY("user_xattr", FUSE2FS_IGNORED), @@ -3551,6 +3568,8 @@ static int fuse2fs_opt_proc(void *data, const char *arg, " -o offset= similar to mount -o offset=, mount the partition starting at \n" " -o norecovery don't replay the journal\n" " -o fuse2fs_debug enable fuse2fs debugging\n" + " -o kernel run this as if it were the kernel, which sets:\n" + " allow_others,default_permissions,suid,dev\n" "\n", outargs->argv[0]); if (key == FUSE2FS_HELPFULL) { @@ -3636,6 +3655,13 @@ int main(int argc, char *argv[]) } stderr = fp; stdout = fp; + } else if (fctx.kernel) { + /* in kernel mode, try to log errors to the kernel log */ + FILE *fp = fopen("/dev/ttyprintk", "a"); + if (fp) { + stderr = fp; + stdout = fp; + } } /* Will we allow users to allocate every last block? */ @@ -3768,6 +3794,10 @@ int main(int argc, char *argv[]) #endif } + if (fctx.kernel) + fuse_opt_insert_arg(&args, 1, + "-oallow_other,default_permissions,suid,dev"); + if (fctx.debug) { int i;