Bug 2179877 - Backport idmapped mount upstream fixes before enablement of idmapped mounts
Summary: Backport idmapped mount upstream fixes before enablement of idmapped mounts
Keywords:
Status: VERIFIED
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: kernel
Version: 9.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Alexey Gladkov
QA Contact: Chao Ye
URL:
Whiteboard:
Depends On:
Blocks: 2132410
TreeView+ depends on / blocked
 
Reported: 2023-03-20 10:34 UTC by Adrian Reber
Modified: 2023-06-30 22:22 UTC (History)
3 users (show)

Fixed In Version: kernel-5.14.0-334.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Gitlab redhat/centos-stream/src/kernel centos-stream-9 merge_requests 2179 0 None opened Revert "Disable idmapped mounts" 2023-06-13 10:03:07 UTC
Gitlab redhat/centos-stream/src/kernel centos-stream-9 merge_requests 2207 0 None opened fs: backport idmapped mounts fixes 2023-03-21 13:15:39 UTC
Red Hat Issue Tracker RHELPLAN-152335 0 None None None 2023-03-20 10:36:44 UTC

Description Adrian Reber 2023-03-20 10:34:18 UTC 
Before enabling idmapped mounts in RHEL the following upstream patches need to backported:

1. https://github.com/torvalds/linux/commit/968219708108440b23bc292e0486e3cc1d9a1bed
2. https://github.com/torvalds/linux/commit/012e332286e2bb9f6ac77d195f17e74b2963d663
3. https://github.com/torvalds/linux/commit/168f912893407a5acb798a4a58613b5f1f98c717
4. https://github.com/torvalds/linux/commit/bf1ac16edf6770a92bc75cf2373f1f9feea398a4
5. https://github.com/torvalds/linux/commit/42d0c4bdf753063b6eec55415003184d3ca24f6e
6. https://github.com/torvalds/linux/commit/d1c56bfdaca465bd1d0e913053a9c5cafe8b6a6c

All of these should already exist in the different LTS releases upstream.

Once these patches have been backported we can think about how to enable idmapped mounts (with a sysctl or not).
Comment 1 Adrian Reber 2023-03-20 10:36:37 UTC 
After talking with upstream I was pointed to a branch which already contains all patches for 5.14: https://github.com/brauner/linux-pidfd/commits/vfs.idmapped.backport.v5.14
Comment 2 Alexey Gladkov 2023-03-20 15:41:18 UTC 
> https://github.com/torvalds/linux/commit/d1c56bfdaca465bd1d0e913053a9c5cafe8b6a6c

This patch should be backported along with MR[1] as they conflict. After backporting the fixes, I will add this patch to MR[1] which allows idmapped mounts.

[1] https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/2179
Comment 5 Adrian Reber 2023-03-22 12:32:31 UTC 
(In reply to Alexey Gladkov from comment #2)
> > https://github.com/torvalds/linux/commit/d1c56bfdaca465bd1d0e913053a9c5cafe8b6a6c
> 
> This patch should be backported along with MR[1] as they conflict. After
> backporting the fixes, I will add this patch to MR[1] which allows idmapped
> mounts.
> 
> [1]
> https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/
> merge_requests/2179

Good idea.
Comment 8 Alexey Gladkov 2023-03-28 13:01:14 UTC 
@cye can I get qa_ack+ ?
Comment 9 Alexey Gladkov 2023-03-28 13:33:22 UTC 
Thanks!
Comment 10 Chao Ye 2023-04-03 02:46:08 UTC 
Namespace function test pass with 5.14.0-291.2207_819415434.el9.x86_64:
https://beaker.engineering.redhat.com/jobs/7684079

Set verified:tested.
Note You need to log in before you can comment on or make changes to this bug.