From 50f9fd6fcef7f523367acb34ee2189230e76258a Mon Sep 17 00:00:00 2001
From: Ameer Hamza <ahamza@ixsystems.com>
Date: Tue, 27 Jun 2023 23:24:39 +0500
Subject: [PATCH] linux 6.3 compat changes for truenas/zfs-2.2-release

Signed-off-by: Ameer Hamza <ahamza@ixsystems.com>
---
 include/os/linux/zfs/sys/zpl.h  |  2 ++
 module/os/linux/zfs/policy.c    |  2 +-
 module/os/linux/zfs/zpl_xattr.c | 12 ++++++++----
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/include/os/linux/zfs/sys/zpl.h b/include/os/linux/zfs/sys/zpl.h
index 55cdf51c97..cfb2a6ed3e 100644
--- a/include/os/linux/zfs/sys/zpl.h
+++ b/include/os/linux/zfs/sys/zpl.h
@@ -109,6 +109,8 @@ zpl_chmod_acl(struct inode *ip)
 #if defined(HAVE_IOPS_PERMISSION_USERNS)
 extern int zpl_permission(struct user_namespace *userns, struct inode *ip,
     int mask);
+#elif defined(HAVE_IOPS_PERMISSION_IDMAP)
+extern int zpl_permission(struct mnt_idmap *idmap, struct inode *ip, int mask);
 #else
 extern int zpl_permission(struct inode *ip, int mask);
 #endif
diff --git a/module/os/linux/zfs/policy.c b/module/os/linux/zfs/policy.c
index ebec1e93a4..16e1762ec8 100644
--- a/module/os/linux/zfs/policy.c
+++ b/module/os/linux/zfs/policy.c
@@ -123,7 +123,7 @@ secpolicy_vnode_access2(const cred_t *cr, struct inode *ip, uid_t owner,
 	if ((uid == owner) || (uid == 0))
 		return (0);
 
-	if (zpl_inode_owner_or_capable(kcred->user_ns, ip))
+	if (zpl_inode_owner_or_capable(zfs_init_idmap, ip))
 		return (0);
 
 #if defined(CONFIG_USER_NS)
diff --git a/module/os/linux/zfs/zpl_xattr.c b/module/os/linux/zfs/zpl_xattr.c
index 138c1cb467..4d6ac10495 100644
--- a/module/os/linux/zfs/zpl_xattr.c
+++ b/module/os/linux/zfs/zpl_xattr.c
@@ -1499,6 +1499,8 @@ static xattr_handler_t zpl_xattr_acl_default_handler = {
 int
 #if defined(HAVE_IOPS_PERMISSION_USERNS)
 zpl_permission(struct user_namespace *userns, struct inode *ip, int mask)
+#elif defined(HAVE_IOPS_PERMISSION_IDMAP)
+zpl_permission(struct mnt_idmap *idmap, struct inode *ip, int mask)
 #else
 zpl_permission(struct inode *ip, int mask)
 #endif
@@ -1514,8 +1516,9 @@ zpl_permission(struct inode *ip, int mask)
 	 */
 	if ((ITOZSB(ip)->z_acl_type != ZFS_ACLTYPE_NFSV4) ||
 	    ((ITOZ(ip)->z_pflags & ZFS_ACL_TRIVIAL && GENERIC_MASK(mask)))) {
-#if defined(HAVE_IOPS_PERMISSION_USERNS)
-		return (generic_permission(userns, ip, mask));
+#if (defined(HAVE_IOPS_PERMISSION_USERNS) || \
+	defined(HAVE_IOPS_PERMISSION_IDMAP))
+		return (generic_permission(zfs_init_idmap, ip, mask));
 #else
 		return (generic_permission(ip, mask));
 #endif
@@ -1532,8 +1535,9 @@ zpl_permission(struct inode *ip, int mask)
 	 * NFSv4 ACE. Pass back to default kernel permissions check.
 	 */
 	if (to_check == 0) {
-#if defined(HAVE_IOPS_PERMISSION_USERNS)
-		return (generic_permission(userns, ip, mask));
+#if (defined(HAVE_IOPS_PERMISSION_USERNS) || \
+	defined(HAVE_IOPS_PERMISSION_IDMAP))
+		return (generic_permission(zfs_init_idmap, ip, mask));
 #else
 		return (generic_permission(ip, mask));
 #endif