[PATCH 1/2] erofs-utils: mkfs: improvement for unprivileged container support

Sun Aug 14 12:29:14 AEST 2022

When developer want to use erofs at guest container rootfs, it require
to uid/gid offsetting for each files.
This patch add uid/gid offsetting feature to mkfs.erofs.

Example of how to use uid/gid offset:
 In case of lxc guest image.

 Image creation:
     mkafs.erofs --uid-offset=100000 --gid-offset=100000 file dir

 Set lxc config:
     lxc.idmap = u 0 100000 65536
     lxc.idmap = g 0 100000 65536

Signed-off-by: Naoto Yamaguchi <naoto.yamaguchi at aisin.co.jp>
---
 include/erofs/config.h |  1 +
 lib/inode.c            |  2 ++
 mkfs/main.c            | 18 ++++++++++++++++++
 3 files changed, 21 insertions(+)

diff --git a/include/erofs/config.h b/include/erofs/config.h
index 0d0916c..19b7a67 100644
--- a/include/erofs/config.h
+++ b/include/erofs/config.h
@@ -67,6 +67,7 @@ struct erofs_configure {
 	u32 c_dict_size;
 	u64 c_unix_timestamp;
 	u32 c_uid, c_gid;
+	u32 c_uid_offset, c_gid_offset;
 #ifdef WITH_ANDROID
 	char *mount_point;
 	char *target_out_path;
diff --git a/lib/inode.c b/lib/inode.c
index f192510..cc72c01 100644
--- a/lib/inode.c
+++ b/lib/inode.c
@@ -836,6 +836,8 @@ static int erofs_fill_inode(struct erofs_inode *inode,
 	inode->i_mode = st->st_mode;
 	inode->i_uid = cfg.c_uid == -1 ? st->st_uid : cfg.c_uid;
 	inode->i_gid = cfg.c_gid == -1 ? st->st_gid : cfg.c_gid;
+	inode->i_uid += cfg.c_uid_offset;
+	inode->i_gid += cfg.c_gid_offset;
 	inode->i_mtime = st->st_mtime;
 	inode->i_mtime_nsec = ST_MTIM_NSEC(st);
 
diff --git a/mkfs/main.c b/mkfs/main.c
index d2c9830..819b1f0 100644
--- a/mkfs/main.c
+++ b/mkfs/main.c
@@ -51,6 +51,8 @@ static struct option long_options[] = {
 	{"blobdev", required_argument, NULL, 13},
 	{"ignore-mtime", no_argument, NULL, 14},
 	{"preserve-mtime", no_argument, NULL, 15},
+	{"uid-offset", required_argument, NULL, 16},
+	{"gid-offset", required_argument, NULL, 17},
 #ifdef WITH_ANDROID
 	{"mount-point", required_argument, NULL, 512},
 	{"product-out", required_argument, NULL, 513},
@@ -97,6 +99,8 @@ static void usage(void)
 #endif
 	      " --force-uid=#         set all file uids to # (# = UID)\n"
 	      " --force-gid=#         set all file gids to # (# = GID)\n"
+	      " --uid-offset=#        add offset # to all file uids (# = id offset)\n"
+	      " --gid-offset=#        add offset # to all file gids (# = id offset)\n"
 	      " --help                display this help and exit\n"
 	      " --ignore-mtime        use build time instead of strict per-file modification time\n"
 	      " --max-extent-bytes=#  set maximum decompressed extent size # in bytes\n"
@@ -323,6 +327,20 @@ static int mkfs_parse_options_cfg(int argc, char *argv[])
 		case 10:
 			cfg.c_compress_hints_file = optarg;
 			break;
+		case 16:
+			cfg.c_uid_offset = strtoul(optarg, &endptr, 0);
+			if (cfg.c_uid_offset == -1 || *endptr != '\0') {
+				erofs_err("invalid uid offset %s", optarg);
+				return -EINVAL;
+			}
+			break;
+		case 17:
+			cfg.c_gid_offset = strtoul(optarg, &endptr, 0);
+			if (cfg.c_gid_offset == -1 || *endptr != '\0') {
+				erofs_err("invalid gid offset %s", optarg);
+				return -EINVAL;
+			}
+			break;
 #ifdef WITH_ANDROID
 		case 512:
 			cfg.mount_point = optarg;
-- 
2.25.1

