From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 8832B1FF136 for ; Mon, 20 Apr 2026 17:25:10 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id C8A0069CD; Mon, 20 Apr 2026 17:25:08 +0200 (CEST) From: Stoiko Ivanov To: pve-devel@lists.proxmox.com Subject: [PATCH zfsonlinux] d/patches: add further patches for kernel 7.0 compatibility Date: Mon, 20 Apr 2026 17:24:26 +0200 Message-ID: <20260420152446.2596104-1-s.ivanov@proxmox.com> X-Mailer: git-send-email 2.47.3 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1776698609968 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.187 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LOTSOFHASH 0.25 Emails with lots of hash-like gibberish POISEN_SPAM_PILL 0.1 Meta: its spam POISEN_SPAM_PILL_1 0.1 random spam to be learned in bayes POISEN_SPAM_PILL_3 0.1 random spam to be learned in bayes SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: GASLF7I2OAXCOSNSOT2QBHGVPUJSQZKR X-Message-ID-Hash: GASLF7I2OAXCOSNSOT2QBHGVPUJSQZKR X-MailFrom: s.ivanov@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: noticed that NFS-shares on ZFS with kernel 7.0 return EINVAL on vzdump backups being stored there. (strace showed that it was a `openat2` call with O_DIRECTORY, which failed). looking through the recent changes the following commit: d8c08a1ce ("Linux 7.0: also set setlease handler on directories (#18331)") seemed promising. Additionally replace the META patch for kernel compat with the one merged upstream. tested by building a kernel 7.0 with these patches applied and verifying that a previously failing vzdump to a NFS-storage on a ZFS dataset runs through successfully. Signed-off-by: Stoiko Ivanov --- ...itly-set-setlease-handler-to-kernel-.patch | 26 +++--- ...ueue_nonrot-renamed-to-blk_queue_rot.patch | 4 +- ...ix_acl_to_xattr-now-allocates-memory.patch | 4 +- ...ims-for-the-fs_context-based-mount-A.patch | 4 +- .../0014-Linux-7.0-WIP-compat-META.patch | 24 ------ ...et-setlease-handler-on-directories-1.patch | 36 +++++++++ ...nf-Remove-copy-from-user-inatomic-AP.patch | 79 +++++++++++++++++++ ...re-LSMs-get-to-process-mount-options.patch | 67 ++++++++++++++++ .../patches/0017-Linux-7.0-compat-META.patch | 28 +++++++ debian/patches/series | 5 +- 10 files changed, 233 insertions(+), 44 deletions(-) delete mode 100644 debian/patches/0014-Linux-7.0-WIP-compat-META.patch create mode 100644 debian/patches/0014-Linux-7.0-also-set-setlease-handler-on-directories-1.patch create mode 100644 debian/patches/0015-Linux-7.0-autoconf-Remove-copy-from-user-inatomic-AP.patch create mode 100644 debian/patches/0016-Linux-7.0-ensure-LSMs-get-to-process-mount-options.patch create mode 100644 debian/patches/0017-Linux-7.0-compat-META.patch diff --git a/debian/patches/0010-Linux-7.0-explicitly-set-setlease-handler-to-kernel-.patch b/debian/patches/0010-Linux-7.0-explicitly-set-setlease-handler-to-kernel-.patch index bfb563c86..11cc352e0 100644 --- a/debian/patches/0010-Linux-7.0-explicitly-set-setlease-handler-to-kernel-.patch +++ b/debian/patches/0010-Linux-7.0-explicitly-set-setlease-handler-to-kernel-.patch @@ -42,7 +42,7 @@ Signed-off-by: Thomas Lamprecht diff --git a/config/kernel-filelock.m4 b/config/kernel-filelock.m4 new file mode 100644 -index 000000000..5e8d7c784 +index 0000000000000000000000000000000000000000..5e8d7c78469227eb769a91a3a8add4d55c1ba58c --- /dev/null +++ b/config/kernel-filelock.m4 @@ -0,0 +1,23 @@ @@ -70,7 +70,7 @@ index 000000000..5e8d7c784 +]) + diff --git a/config/kernel.m4 b/config/kernel.m4 -index eb2e827d5..df1685066 100644 +index eb2e827d5cbf92537993d6d79340431e7b6a3b35..df168506691dec7b9479da12e9ac9e08694853c4 100644 --- a/config/kernel.m4 +++ b/config/kernel.m4 @@ -140,6 +140,7 @@ AC_DEFUN([ZFS_AC_KERNEL_TEST_SRC], [ @@ -90,7 +90,7 @@ index eb2e827d5..df1685066 100644 powerpc*) ZFS_AC_KERNEL_CPU_HAS_FEATURE diff --git a/module/os/linux/zfs/zpl_file.c b/module/os/linux/zfs/zpl_file.c -index f7691c02d..30f3e3855 100644 +index f7691c02d1634164c751df9eab36a641fc53a86e..30f3e3855355332aa10402791429cb4dc326f077 100644 --- a/module/os/linux/zfs/zpl_file.c +++ b/module/os/linux/zfs/zpl_file.c @@ -43,6 +43,9 @@ @@ -112,7 +112,7 @@ index f7691c02d..30f3e3855 100644 #ifdef HAVE_VFS_CLONE_FILE_RANGE .clone_file_range = zpl_clone_file_range, diff --git a/scripts/zfs-tests.sh b/scripts/zfs-tests.sh -index 09a15bafc..697c3f304 100755 +index 09a15bafc27e87a036d547832d80549ffc7da5a6..697c3f304d8150b157935b08e161e7aec531fa54 100755 --- a/scripts/zfs-tests.sh +++ b/scripts/zfs-tests.sh @@ -294,6 +294,16 @@ constrain_path() { @@ -146,7 +146,7 @@ index 09a15bafc..697c3f304 100755 # Exceptions diff --git a/tests/runfiles/linux.run b/tests/runfiles/linux.run -index a65633dd8..2717bf53d 100644 +index a65633dd8cfb276ff68894f4bcd3ecffcc1bc862..2717bf53d0b1ad1fbb5447a0d8ee20d98efff54b 100644 --- a/tests/runfiles/linux.run +++ b/tests/runfiles/linux.run @@ -141,6 +141,10 @@ pre = @@ -161,7 +161,7 @@ index a65633dd8..2717bf53d 100644 tests = ['longname_001_pos', 'longname_002_pos', 'longname_003_pos'] tags = ['functional', 'longname'] diff --git a/tests/zfs-tests/cmd/.gitignore b/tests/zfs-tests/cmd/.gitignore -index 62f1684ac..335e4ceba 100644 +index 62f1684acfb4bfafe8e511e2d69f1af13b73ced1..335e4ceba28200b137abce25038a8989263c7663 100644 --- a/tests/zfs-tests/cmd/.gitignore +++ b/tests/zfs-tests/cmd/.gitignore @@ -58,3 +58,4 @@ @@ -170,7 +170,7 @@ index 62f1684ac..335e4ceba 100644 /statx +/setlease diff --git a/tests/zfs-tests/cmd/Makefile.am b/tests/zfs-tests/cmd/Makefile.am -index 85c3cf3c3..f07e7fda1 100644 +index 85c3cf3c35a8cdfb6ba7f95ab48d942cdc85e0d9..f07e7fda14fd2c63b500dc14b08922373ea1a189 100644 --- a/tests/zfs-tests/cmd/Makefile.am +++ b/tests/zfs-tests/cmd/Makefile.am @@ -132,6 +132,7 @@ scripts_zfs_tests_bin_PROGRAMS += %D%/statx @@ -183,7 +183,7 @@ index 85c3cf3c3..f07e7fda1 100644 diff --git a/tests/zfs-tests/cmd/setlease.c b/tests/zfs-tests/cmd/setlease.c new file mode 100644 -index 000000000..12bcbd91b +index 0000000000000000000000000000000000000000..12bcbd91beb53750a616aa1604a5d7bd9450af6c --- /dev/null +++ b/tests/zfs-tests/cmd/setlease.c @@ -0,0 +1,126 @@ @@ -314,7 +314,7 @@ index 000000000..12bcbd91b + return (0); +} diff --git a/tests/zfs-tests/include/commands.cfg b/tests/zfs-tests/include/commands.cfg -index 1c4d25e15..4ba9aa7c8 100644 +index 1c4d25e152a73d3ea17d59280b66b0df7ef65c37..4ba9aa7c8b676975cb147fc74124488097936823 100644 --- a/tests/zfs-tests/include/commands.cfg +++ b/tests/zfs-tests/include/commands.cfg @@ -182,7 +182,7 @@ export ZFS_FILES='zdb @@ -334,7 +334,7 @@ index 1c4d25e15..4ba9aa7c8 100644 +export ZFSTEST_FILES_LINUX=' + setlease' diff --git a/tests/zfs-tests/tests/Makefile.am b/tests/zfs-tests/tests/Makefile.am -index 99477a743..d14592ffa 100644 +index 99477a74326a5e47bffabdcd89c850f9a3ed3cf4..d14592ffa5d69e37b098213d2ccd97ae0a9d83d5 100644 --- a/tests/zfs-tests/tests/Makefile.am +++ b/tests/zfs-tests/tests/Makefile.am @@ -1655,6 +1655,9 @@ nobase_dist_datadir_zfs_tests_tests_SCRIPTS += \ @@ -349,7 +349,7 @@ index 99477a743..d14592ffa 100644 functional/l2arc/l2arc_l2miss_pos.ksh \ diff --git a/tests/zfs-tests/tests/functional/lease/cleanup.ksh b/tests/zfs-tests/tests/functional/lease/cleanup.ksh new file mode 100755 -index 000000000..5e73dd349 +index 0000000000000000000000000000000000000000..5e73dd34936e1c6ebc7c1c8a1a7d8274677a4191 --- /dev/null +++ b/tests/zfs-tests/tests/functional/lease/cleanup.ksh @@ -0,0 +1,26 @@ @@ -381,7 +381,7 @@ index 000000000..5e73dd349 +default_cleanup diff --git a/tests/zfs-tests/tests/functional/lease/lease_setlease.ksh b/tests/zfs-tests/tests/functional/lease/lease_setlease.ksh new file mode 100755 -index 000000000..8647d0199 +index 0000000000000000000000000000000000000000..8647d01995c32f58d3e37fafea0013b7795af0d7 --- /dev/null +++ b/tests/zfs-tests/tests/functional/lease/lease_setlease.ksh @@ -0,0 +1,44 @@ @@ -431,7 +431,7 @@ index 000000000..8647d0199 +log_pass "F_SETLEASE is supported" diff --git a/tests/zfs-tests/tests/functional/lease/setup.ksh b/tests/zfs-tests/tests/functional/lease/setup.ksh new file mode 100755 -index 000000000..09da91b0f +index 0000000000000000000000000000000000000000..09da91b0f93f70f98a91107ca687549801a67074 --- /dev/null +++ b/tests/zfs-tests/tests/functional/lease/setup.ksh @@ -0,0 +1,27 @@ diff --git a/debian/patches/0011-Linux-7.0-blk_queue_nonrot-renamed-to-blk_queue_rot.patch b/debian/patches/0011-Linux-7.0-blk_queue_nonrot-renamed-to-blk_queue_rot.patch index 09bd98589..8c5c17946 100644 --- a/debian/patches/0011-Linux-7.0-blk_queue_nonrot-renamed-to-blk_queue_rot.patch +++ b/debian/patches/0011-Linux-7.0-blk_queue_nonrot-renamed-to-blk_queue_rot.patch @@ -19,7 +19,7 @@ Signed-off-by: Thomas Lamprecht 2 files changed, 30 insertions(+) diff --git a/config/kernel-blk-queue.m4 b/config/kernel-blk-queue.m4 -index cd2b143e8..c6479b51d 100644 +index cd2b143e89a0892af2e7a1cc40154cfcf1210d44..c6479b51da8c0faef6f54687149644d6cf321e9e 100644 --- a/config/kernel-blk-queue.m4 +++ b/config/kernel-blk-queue.m4 @@ -225,6 +225,30 @@ AC_DEFUN([ZFS_AC_KERNEL_BLK_QUEUE_MAX_HW_SECTORS], [ @@ -69,7 +69,7 @@ index cd2b143e8..c6479b51d 100644 ZFS_AC_KERNEL_BLK_MQ_RQ_HCTX ]) diff --git a/module/os/linux/zfs/vdev_disk.c b/module/os/linux/zfs/vdev_disk.c -index 1bd3500e9..ab7457b04 100644 +index 1bd3500e9f6665b0b23878ca575e57161a5031a7..ab7457b04e2e3bd30167a61f28f6c1aa24bdf8a6 100644 --- a/module/os/linux/zfs/vdev_disk.c +++ b/module/os/linux/zfs/vdev_disk.c @@ -445,7 +445,11 @@ vdev_disk_open(vdev_t *v, uint64_t *psize, uint64_t *max_psize, diff --git a/debian/patches/0012-Linux-7.0-posix_acl_to_xattr-now-allocates-memory.patch b/debian/patches/0012-Linux-7.0-posix_acl_to_xattr-now-allocates-memory.patch index bb97a96f5..924884801 100644 --- a/debian/patches/0012-Linux-7.0-posix_acl_to_xattr-now-allocates-memory.patch +++ b/debian/patches/0012-Linux-7.0-posix_acl_to_xattr-now-allocates-memory.patch @@ -27,7 +27,7 @@ Signed-off-by: Thomas Lamprecht 2 files changed, 48 insertions(+) diff --git a/config/kernel-acl.m4 b/config/kernel-acl.m4 -index 3dbd97948..4393e3ab8 100644 +index 3dbd97948189c1af6487a3ce1d035b46fc0e993e..4393e3ab8b5e0175434f5dc61fdb224ae713774b 100644 --- a/config/kernel-acl.m4 +++ b/config/kernel-acl.m4 @@ -21,6 +21,35 @@ AC_DEFUN([ZFS_AC_KERNEL_POSIX_ACL_EQUIV_MODE_WANTS_UMODE_T], [ @@ -82,7 +82,7 @@ index 3dbd97948..4393e3ab8 100644 ZFS_AC_KERNEL_INODE_OPERATIONS_SET_ACL ]) diff --git a/include/os/linux/kernel/linux/xattr_compat.h b/include/os/linux/kernel/linux/xattr_compat.h -index f2f7e1ed0..39645c190 100644 +index f2f7e1ed017f6002ff2f1b59de25dc3dd6a04785..39645c19094f13b16e12f98ff7afa532b6105d4f 100644 --- a/include/os/linux/kernel/linux/xattr_compat.h +++ b/include/os/linux/kernel/linux/xattr_compat.h @@ -130,10 +130,27 @@ zpl_acl_from_xattr(const void *value, int size) diff --git a/debian/patches/0013-Linux-7.0-add-shims-for-the-fs_context-based-mount-A.patch b/debian/patches/0013-Linux-7.0-add-shims-for-the-fs_context-based-mount-A.patch index 0ef647a1e..73ccba85a 100644 --- a/debian/patches/0013-Linux-7.0-add-shims-for-the-fs_context-based-mount-A.patch +++ b/debian/patches/0013-Linux-7.0-add-shims-for-the-fs_context-based-mount-A.patch @@ -20,7 +20,7 @@ Signed-off-by: Thomas Lamprecht 2 files changed, 72 insertions(+), 1 deletion(-) diff --git a/config/kernel-fst-mount.m4 b/config/kernel-fst-mount.m4 -index 576f5f012..798acf19b 100644 +index 576f5f0129c555b418668762cf183c165b3bf05a..798acf19b79d22adfc59a48a832af757fc4fb47f 100644 --- a/config/kernel-fst-mount.m4 +++ b/config/kernel-fst-mount.m4 @@ -3,6 +3,10 @@ dnl # 2.6.38 API change @@ -45,7 +45,7 @@ index 576f5f012..798acf19b 100644 ]) ]) diff --git a/module/os/linux/zfs/zpl_super.c b/module/os/linux/zfs/zpl_super.c -index 347b35250..d509152b6 100644 +index 347b352506e54b0a5b5ff2b3d8fd3d549941183c..d509152b692133f5dd0339e750dba50160e37232 100644 --- a/module/os/linux/zfs/zpl_super.c +++ b/module/os/linux/zfs/zpl_super.c @@ -24,6 +24,7 @@ diff --git a/debian/patches/0014-Linux-7.0-WIP-compat-META.patch b/debian/patches/0014-Linux-7.0-WIP-compat-META.patch deleted file mode 100644 index 856e68d94..000000000 --- a/debian/patches/0014-Linux-7.0-WIP-compat-META.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Thomas Lamprecht -Date: Mon, 9 Mar 2026 20:53:31 +0100 -Subject: [PATCH] Linux 7.0 WIP compat: META - -Update the META file to reflect compatibility with the 7.0 kernel to -unblock build of the release candidates. - -Signed-off-by: Thomas Lamprecht ---- - META | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/META b/META -index c6d7e3e94..805ab052f 100644 ---- a/META -+++ b/META -@@ -6,5 +6,5 @@ Release: 1 - Release-Tags: relext - License: CDDL - Author: OpenZFS --Linux-Maximum: 6.19 -+Linux-Maximum: 7.0 - Linux-Minimum: 4.18 diff --git a/debian/patches/0014-Linux-7.0-also-set-setlease-handler-on-directories-1.patch b/debian/patches/0014-Linux-7.0-also-set-setlease-handler-on-directories-1.patch new file mode 100644 index 000000000..819c0726a --- /dev/null +++ b/debian/patches/0014-Linux-7.0-also-set-setlease-handler-on-directories-1.patch @@ -0,0 +1,36 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Rob Norris +Date: Wed, 18 Mar 2026 09:28:30 +1100 +Subject: [PATCH] Linux 7.0: also set setlease handler on directories (#18331) + +It turns out the kernel can also take directory leases, most notably in +the NFS server. Without a setlease handler on the directory file ops, +attempts to open a directory over NFS can fail with EINVAL. + +Adding a directory setlease handler was missed in 168023b603. This fixes +that, allowing directories to be properly accessed over NFS. + +Sponsored-by: TrueNAS +Reported-by: Satadru Pramanik + +Signed-off-by: Rob Norris +Reviewed-by: Alexander Motin +Reviewed-by: Brian Behlendorf +(cherry picked from commit d8c08a1cea6428fa37b3a6585150b10dedfd79b8) +Signed-off-by: Stoiko Ivanov +--- + module/os/linux/zfs/zpl_file.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/module/os/linux/zfs/zpl_file.c b/module/os/linux/zfs/zpl_file.c +index 30f3e3855355332aa10402791429cb4dc326f077..efcb400f196e3595fde85e5cf17be8bcf2d9520d 100644 +--- a/module/os/linux/zfs/zpl_file.c ++++ b/module/os/linux/zfs/zpl_file.c +@@ -1268,6 +1268,7 @@ const struct file_operations zpl_dir_file_operations = { + .read = generic_read_dir, + .iterate_shared = zpl_iterate, + .fsync = zpl_fsync, ++ .setlease = generic_setlease, + .unlocked_ioctl = zpl_ioctl, + #ifdef CONFIG_COMPAT + .compat_ioctl = zpl_compat_ioctl, diff --git a/debian/patches/0015-Linux-7.0-autoconf-Remove-copy-from-user-inatomic-AP.patch b/debian/patches/0015-Linux-7.0-autoconf-Remove-copy-from-user-inatomic-AP.patch new file mode 100644 index 000000000..b0f610085 --- /dev/null +++ b/debian/patches/0015-Linux-7.0-autoconf-Remove-copy-from-user-inatomic-AP.patch @@ -0,0 +1,79 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: John Cabaj +Date: Mon, 23 Mar 2026 11:19:41 -0500 +Subject: [PATCH] Linux 7.0: autoconf: Remove copy-from-user-inatomic API + checks (#18348) (#18354) + +This function was removed in c6442bd3b643: "Removing old code outside +of 4.18 kernsls", but fails at present on PowerPC builds due to the +recent inclusion of 6bc9c0a90522: "powerpc: fix KUAP warning in VMX +usercopy path" in the upstream kernel, which introduces a use of +cpu_feature_keys[], which is a GPL-only symbol. Removing the API +check as it doesn't appear necessary. + +Signed-off-by: John Cabaj +Reviewed-by: Tony Hutter +Reviewed-by: Alexander Motin +(cherry picked from commit 8518e3e809a4ca0d152c24efbd2409772295b056) +Signed-off-by: Stoiko Ivanov +--- + config/kernel-copy-from-user-inatomic.m4 | 29 ------------------------ + config/kernel.m4 | 2 -- + 2 files changed, 31 deletions(-) + delete mode 100644 config/kernel-copy-from-user-inatomic.m4 + +diff --git a/config/kernel-copy-from-user-inatomic.m4 b/config/kernel-copy-from-user-inatomic.m4 +deleted file mode 100644 +index fec354b2f38e32e959024bf1d8608c8a7aab5803..0000000000000000000000000000000000000000 +--- a/config/kernel-copy-from-user-inatomic.m4 ++++ /dev/null +@@ -1,29 +0,0 @@ +-dnl # +-dnl # On certain architectures `__copy_from_user_inatomic` +-dnl # is a GPL exported variable and cannot be used by OpenZFS. +-dnl # +- +-dnl # +-dnl # Checking if `__copy_from_user_inatomic` is available. +-dnl # +-AC_DEFUN([ZFS_AC_KERNEL_SRC___COPY_FROM_USER_INATOMIC], [ +- ZFS_LINUX_TEST_SRC([__copy_from_user_inatomic], [ +- #include +- ], [ +- int result __attribute__ ((unused)) = __copy_from_user_inatomic(NULL, NULL, 0); +- ], [], [ZFS_META_LICENSE]) +-]) +- +-AC_DEFUN([ZFS_AC_KERNEL___COPY_FROM_USER_INATOMIC], [ +- AC_MSG_CHECKING([whether __copy_from_user_inatomic is available]) +- ZFS_LINUX_TEST_RESULT([__copy_from_user_inatomic_license], [ +- AC_MSG_RESULT(yes) +- ], [ +- AC_MSG_RESULT(no) +- AC_MSG_ERROR([ +- *** The `__copy_from_user_inatomic()` Linux kernel function is +- *** incompatible with the CDDL license and will prevent the module +- *** linking stage from succeeding. OpenZFS cannot be compiled. +- ]) +- ]) +-]) +diff --git a/config/kernel.m4 b/config/kernel.m4 +index df168506691dec7b9479da12e9ac9e08694853c4..258611467893a0a9666a8da3bdcd78999c765679 100644 +--- a/config/kernel.m4 ++++ b/config/kernel.m4 +@@ -118,7 +118,6 @@ AC_DEFUN([ZFS_AC_KERNEL_TEST_SRC], [ + ZFS_AC_KERNEL_SRC_ADD_DISK + ZFS_AC_KERNEL_SRC_KTHREAD + ZFS_AC_KERNEL_SRC_ZERO_PAGE +- ZFS_AC_KERNEL_SRC___COPY_FROM_USER_INATOMIC + ZFS_AC_KERNEL_SRC_IDMAP_MNT_API + ZFS_AC_KERNEL_SRC_IDMAP_NO_USERNS + ZFS_AC_KERNEL_SRC_IATTR_VFSID +@@ -242,7 +241,6 @@ AC_DEFUN([ZFS_AC_KERNEL_TEST_RESULT], [ + ZFS_AC_KERNEL_ADD_DISK + ZFS_AC_KERNEL_KTHREAD + ZFS_AC_KERNEL_ZERO_PAGE +- ZFS_AC_KERNEL___COPY_FROM_USER_INATOMIC + ZFS_AC_KERNEL_IDMAP_MNT_API + ZFS_AC_KERNEL_IDMAP_NO_USERNS + ZFS_AC_KERNEL_IATTR_VFSID diff --git a/debian/patches/0016-Linux-7.0-ensure-LSMs-get-to-process-mount-options.patch b/debian/patches/0016-Linux-7.0-ensure-LSMs-get-to-process-mount-options.patch new file mode 100644 index 000000000..45eea3f03 --- /dev/null +++ b/debian/patches/0016-Linux-7.0-ensure-LSMs-get-to-process-mount-options.patch @@ -0,0 +1,67 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Rob Norris +Date: Tue, 31 Mar 2026 10:44:31 +1100 +Subject: [PATCH] Linux 7.0: ensure LSMs get to process mount options + +Normally, kernel gives any LSM registering a `sb_eat_lsm_opts` hook a +first look at mount options coming in from a userspace mount request. +The LSM may process and/or remove any options. Whatever is left is +passed to the filesystem. + +This is how the dataset properties `context`, `fscontext`, `defcontext` +and `rootcontext` are used to configure ZFS mounts for SELinux. libzfs +will fetch those properties from the dataset, then add them to the mount +options. + +In 0f608aa6ca (#18216) we added our own mount shims to cover the loss of +the kernel-provided ones. It turns out that if a filesystem provides a +`.parse_monolithic callback`, it is expected to do _all_ mount option +parameter processing - the kernel will not get involved at all. Because +of that, LSMs are never given a chance to process mount options. The +`context` properties are never seen by SELinux, nor are any other +options targetting other LSMs. + +Fix this by calling `security_sb_eat_lsm_opts()` in +`zpl_parse_monolithic()`, before we stash the remaining options for +`zfs_domount()`. + +Sponsored-by: TrueNAS +Reviewed-by: Tony Hutter +Reviewed-by: Brian Behlendorf +Signed-off-by: Rob Norris +Closes #18376 +(cherry picked from commit 4155d1533e1ac22057c9d21d57b28f8d36e59359) +Signed-off-by: Stoiko Ivanov +--- + module/os/linux/zfs/zpl_super.c | 17 +++++++++++++++-- + 1 file changed, 15 insertions(+), 2 deletions(-) + +diff --git a/module/os/linux/zfs/zpl_super.c b/module/os/linux/zfs/zpl_super.c +index d509152b692133f5dd0339e750dba50160e37232..5baa4f637cdc2e3cd4f68032f28de686b95200a0 100644 +--- a/module/os/linux/zfs/zpl_super.c ++++ b/module/os/linux/zfs/zpl_super.c +@@ -524,9 +524,22 @@ zpl_prune_sb(uint64_t nr_to_scan, void *arg) + static int + zpl_parse_monolithic(struct fs_context *fc, void *data) + { ++ if (data == NULL) ++ return (0); ++ ++ /* ++ * Because we supply a .parse_monolithic callback, the kernel does ++ * no consideration of the options blob at all. Because of this, we ++ * have to give LSMs a first look at it. They will remove any options ++ * of interest to them (eg the SELinux *context= options). ++ */ ++ int err = security_sb_eat_lsm_opts((char *)data, &fc->security); ++ if (err) ++ return (err); ++ + /* +- * We do options parsing in zfs_domount(); just stash the options blob +- * in the fs_context so we can pass it down later. ++ * Whatever is left we stash on in the fs_context so we can pass it ++ * down to zfs_domount() or zfs_remount() later. + */ + fc->fs_private = data; + return (0); diff --git a/debian/patches/0017-Linux-7.0-compat-META.patch b/debian/patches/0017-Linux-7.0-compat-META.patch new file mode 100644 index 000000000..ed1efa6f0 --- /dev/null +++ b/debian/patches/0017-Linux-7.0-compat-META.patch @@ -0,0 +1,28 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Brian Behlendorf +Date: Thu, 16 Apr 2026 16:45:20 -0700 +Subject: [PATCH] Linux 7.0 compat: META + +Update the META file to reflect compatibility with the 7.0 +kernel. + +Reviewed-by: Tony Hutter +Signed-off-by: Brian Behlendorf +Closes #18435 +(cherry picked from commit d88d9c91dce065c59e2d21aea5a85ba525b6a2f5) +Signed-off-by: Stoiko Ivanov +--- + META | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/META b/META +index c6d7e3e94057c7b6870ebb3818ba0e04141efdd0..805ab052fa8dc1882eb4b6f362225997a03b34ee 100644 +--- a/META ++++ b/META +@@ -6,5 +6,5 @@ Release: 1 + Release-Tags: relext + License: CDDL + Author: OpenZFS +-Linux-Maximum: 6.19 ++Linux-Maximum: 7.0 + Linux-Minimum: 4.18 diff --git a/debian/patches/series b/debian/patches/series index 95bf2d047..a437c55e1 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -11,4 +11,7 @@ 0011-Linux-7.0-blk_queue_nonrot-renamed-to-blk_queue_rot.patch 0012-Linux-7.0-posix_acl_to_xattr-now-allocates-memory.patch 0013-Linux-7.0-add-shims-for-the-fs_context-based-mount-A.patch -0014-Linux-7.0-WIP-compat-META.patch +0014-Linux-7.0-also-set-setlease-handler-on-directories-1.patch +0015-Linux-7.0-autoconf-Remove-copy-from-user-inatomic-AP.patch +0016-Linux-7.0-ensure-LSMs-get-to-process-mount-options.patch +0017-Linux-7.0-compat-META.patch -- 2.47.3