kernel/linux.git/fs/notify/fdinfo.c, branch linux-6.0.yLinux kernel stable tree (mirror)https://git.radix-linux.su/kernel/linux.git/atom?h=linux-6.0.y2022-07-01T12:51:13+00:00fanotify: prepare for setting event flags in ignore mask2022-07-01T12:51:13+00:00Amir Goldsteinamir73il@gmail.com2022-06-29T14:42:08+00:00urn:sha1:31a371e419c885e0f137ce70395356ba8639dc52
Setting flags FAN_ONDIR FAN_EVENT_ON_CHILD in ignore mask has no effect.
The FAN_EVENT_ON_CHILD flag in mask implicitly applies to ignore mask and
ignore mask is always implicitly applied to events on directories.
Define a mark flag that replaces this legacy behavior with logic of
applying the ignore mask according to event flags in ignore mask.
Implement the new logic to prepare for supporting an ignore mask that
ignores events on children and ignore mask that does not ignore events
on directories.
To emphasize the change in terminology, also rename ignored_mask mark
member to ignore_mask and use accessors to get only the effective
ignored events or the ignored events and flags.
This change in terminology finally aligns with the "ignore mask"
language in man pages and in most of the comments.
Link: https://lore.kernel.org/r/20220629144210.2983229-2-amir73il@gmail.com
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fanotify: create helper fanotify_mark_user_flags()2022-04-25T12:43:00+00:00Amir Goldsteinamir73il@gmail.com2022-04-22T12:03:23+00:00urn:sha1:4adce25ccfff215939ee465b8c0aa70526d5c352
To translate from fsnotify mark flags to user visible flags.
Link: https://lore.kernel.org/r/20220422120327.3459282-13-amir73il@gmail.com
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fsnotify: create helpers for group mark_mutex lock2022-04-25T12:37:22+00:00Amir Goldsteinamir73il@gmail.com2022-04-22T12:03:17+00:00urn:sha1:43b245a788e2d8f1bb742668a9bdace02fcb3e96
Create helpers to take and release the group mark_mutex lock.
Define a flag FSNOTIFY_GROUP_NOFS in fsnotify_group that determines
if the mark_mutex lock is fs reclaim safe or not. If not safe, the
lock helpers take the lock and disable direct fs reclaim.
In that case we annotate the mutex with a different lockdep class to
express to lockdep that an allocation of mark of an fs reclaim safe group
may take the group lock of another "NOFS" group to evict inodes.
For now, converted only the callers in common code and no backend
defines the NOFS flag. It is intended to be set by fanotify for
evictable marks support.
Link: https://lore.kernel.org/r/20220422120327.3459282-7-amir73il@gmail.com
Suggested-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20220321112310.vpr7oxro2xkz5llh@quack3.lan/
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
inotify: show inotify mask flags in proc fdinfo2022-04-25T12:37:03+00:00Amir Goldsteinamir73il@gmail.com2022-04-22T12:03:12+00:00urn:sha1:a32e697cda27679a0327ae2cafdad8c7170f548f
The inotify mask flags IN_ONESHOT and IN_EXCL_UNLINK are not "internal
to kernel" and should be exposed in procfs fdinfo so CRIU can restore
them.
Fixes: 6933599697c9 ("inotify: hide internal kernel bits from fdinfo")
Link: https://lore.kernel.org/r/20220422120327.3459282-2-amir73il@gmail.com
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fanotify: fix permission model of unprivileged group2021-05-25T10:21:14+00:00Amir Goldsteinamir73il@gmail.com2021-05-24T13:53:21+00:00urn:sha1:a8b98c808eab3ec8f1b5a64be967b0f4af4cae43
Reporting event->pid should depend on the privileges of the user that
initialized the group, not the privileges of the user reading the
events.
Use an internal group flag FANOTIFY_UNPRIV to record the fact that the
group was initialized by an unprivileged user.
To be on the safe side, the premissions to setup filesystem and mount
marks now require that both the user that initialized the group and
the user setting up the mark have CAP_SYS_ADMIN.
Link: https://lore.kernel.org/linux-fsdevel/CAOQ4uxiA77_P5vtv7e83g0+9d7B5W9ZTE4GfQEYbWmfT1rA=VA@mail.gmail.com/
Fixes: 7cea2a3c505e ("fanotify: support limited functionality for unprivileged users")
Cc: <Stable@vger.kernel.org> # v5.12+
Link: https://lore.kernel.org/r/20210524135321.2190062-1-amir73il@gmail.com
Reviewed-by: Matthew Bobrowski <repnop@google.com>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fanotify: support limited functionality for unprivileged users2021-03-16T15:55:05+00:00Amir Goldsteinamir73il@gmail.com2021-03-04T11:29:21+00:00urn:sha1:7cea2a3c505e87a9d6afc78be4a7f7be636a73a7
Add limited support for unprivileged fanotify groups.
An unprivileged users is not allowed to get an open file descriptor in
the event nor the process pid of another process. An unprivileged user
cannot request permission events, cannot set mount/filesystem marks and
cannot request unlimited queue/marks.
This enables the limited functionality similar to inotify when watching a
set of files and directories for OPEN/ACCESS/MODIFY/CLOSE events, without
requiring SYS_CAP_ADMIN privileges.
The FAN_REPORT_DFID_NAME init flag, provide a method for an unprivileged
listener watching a set of directories (with FAN_EVENT_ON_CHILD) to monitor
all changes inside those directories.
This typically requires that the listener keeps a map of watched directory
fid to dirfd (O_PATH), where fid is obtained with name_to_handle_at()
before starting to watch for changes.
When getting an event, the reported fid of the parent should be resolved
to dirfd and fstatsat(2) with dirfd and name should be used to query the
state of the filesystem entry.
Link: https://lore.kernel.org/r/20210304112921.3996419-3-amir73il@gmail.com
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fsnotify: Remove proc_fs.h include2020-05-13T15:16:14+00:00Fabian Frederickfabf@skynet.be2020-05-12T18:19:06+00:00urn:sha1:5a449099b9d5b0a1ac23c1cdbda4bfbaf4b27076
proc_fs.h was already included in fdinfo.h
Link: https://lore.kernel.org/r/20200512181906.405927-1-fabf@skynet.be
Signed-off-by: Fabian Frederick <fabf@skynet.be>
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fsnotify/fdinfo: exportfs_encode_inode_fh() takes pointer as 4th argument2019-10-17T08:32:59+00:00Ben Dooks (Codethink)ben.dooks@codethink.co.uk2019-10-16T09:59:55+00:00urn:sha1:ddd06c36bdb3ceed09c5fee3c8cf5ef7d1d9f6c9
The call to exportfs_encode_inode_fh() takes an pointer
as the 4th argument, so replace the integer 0 with the
NULL pointer.
This fixes the following sparse warning:
fs/notify/fdinfo.c:53:87: warning: Using plain integer as NULL pointer
Link: https://lore.kernel.org/r/20191016095955.3347-1-ben.dooks@codethink.co.uk
Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Signed-off-by: Jan Kara <jack@suse.cz>
fsnotify/fdinfo: include fdinfo.h for inotify_show_fdinfo()2018-11-15T16:34:27+00:00Eric Biggersebiggers@google.com2018-11-15T00:12:14+00:00urn:sha1:d6f7aa9820f21a879af8ceda17b2ebd1cf4beb25
inotify_show_fdinfo() is defined in fs/notify/fdinfo.c and declared in
fs/notify/fdinfo.h, but the declaration isn't included at the point of
the definition. Include the header to enforce that the definition
matches the declaration.
This addresses a gcc warning when -Wmissing-prototypes is enabled.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fanotify: store fanotify_init() flags in group's fanotify_data2018-09-27T13:29:00+00:00Amir Goldsteinamir73il@gmail.com2018-09-21T18:20:30+00:00urn:sha1:96a71f21ef1fcc32bea07c612a332a89a213f054
This averts the need to re-generate flags in fanotify_show_fdinfo()
and sets the scene for addition of more upcoming flags without growing
new members to the fanotify_data struct.
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>