From: Josef Bacik <josef@toxicpanda.com>
To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz,
amir73il@gmail.com, brauner@kernel.org,
linux-xfs@vger.kernel.org, linux-bcachefs@vger.kernel.org,
linux-btrfs@vger.kernel.org, linux-mm@kvack.org
Subject: [PATCH v5 04/18] fanotify: introduce FAN_PRE_ACCESS permission event
Date: Wed, 4 Sep 2024 16:27:54 -0400 [thread overview]
Message-ID: <19cb8b3b5b93760bc6c6d47a8cbcd277952d7006.1725481503.git.josef@toxicpanda.com> (raw)
In-Reply-To: <cover.1725481503.git.josef@toxicpanda.com>
From: Amir Goldstein <amir73il@gmail.com>
Similar to FAN_ACCESS_PERM permission event, but it is only allowed with
class FAN_CLASS_PRE_CONTENT and only allowed on regular files and dirs.
Unlike FAN_ACCESS_PERM, it is safe to write to the file being accessed
in the context of the event handler.
This pre-content event is meant to be used by hierarchical storage
managers that want to fill the content of files on first read access.
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Christian Brauner <brauner@kernel.org>
---
fs/notify/fanotify/fanotify.c | 3 ++-
fs/notify/fanotify/fanotify_user.c | 17 ++++++++++++++---
include/linux/fanotify.h | 14 ++++++++++----
include/uapi/linux/fanotify.h | 2 ++
4 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c
index 224bccaab4cc..7dac8e4486df 100644
--- a/fs/notify/fanotify/fanotify.c
+++ b/fs/notify/fanotify/fanotify.c
@@ -910,8 +910,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, u32 mask,
BUILD_BUG_ON(FAN_OPEN_EXEC_PERM != FS_OPEN_EXEC_PERM);
BUILD_BUG_ON(FAN_FS_ERROR != FS_ERROR);
BUILD_BUG_ON(FAN_RENAME != FS_RENAME);
+ BUILD_BUG_ON(FAN_PRE_ACCESS != FS_PRE_ACCESS);
- BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 21);
+ BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 22);
mask = fanotify_group_event_mask(group, iter_info, &match_mask,
mask, data, data_type, dir);
diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
index 2e2fba8a9d20..c294849e474f 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -1628,6 +1628,7 @@ static int fanotify_events_supported(struct fsnotify_group *group,
unsigned int flags)
{
unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS;
+ bool is_dir = d_is_dir(path->dentry);
/* Strict validation of events in non-dir inode mask with v5.17+ APIs */
bool strict_dir_events = FAN_GROUP_FLAG(group, FAN_REPORT_TARGET_FID) ||
(mask & FAN_RENAME) ||
@@ -1665,9 +1666,15 @@ static int fanotify_events_supported(struct fsnotify_group *group,
* but because we always allowed it, error only when using new APIs.
*/
if (strict_dir_events && mark_type == FAN_MARK_INODE &&
- !d_is_dir(path->dentry) && (mask & FANOTIFY_DIRONLY_EVENT_BITS))
+ !is_dir && (mask & FANOTIFY_DIRONLY_EVENT_BITS))
return -ENOTDIR;
+ /* Pre-content events are only supported on regular files and dirs */
+ if (mask & FANOTIFY_PRE_CONTENT_EVENTS) {
+ if (!is_dir && !d_is_reg(path->dentry))
+ return -EINVAL;
+ }
+
return 0;
}
@@ -1769,11 +1776,15 @@ static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask,
goto fput_and_out;
/*
- * Permission events require minimum priority FAN_CLASS_CONTENT.
+ * Permission events are not allowed for FAN_CLASS_NOTIF.
+ * Pre-content permission events are not allowed for FAN_CLASS_CONTENT.
*/
ret = -EINVAL;
if (mask & FANOTIFY_PERM_EVENTS &&
- group->priority < FSNOTIFY_PRIO_CONTENT)
+ group->priority == FSNOTIFY_PRIO_NORMAL)
+ goto fput_and_out;
+ else if (mask & FANOTIFY_PRE_CONTENT_EVENTS &&
+ group->priority == FSNOTIFY_PRIO_CONTENT)
goto fput_and_out;
if (mask & FAN_FS_ERROR &&
diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h
index 4f1c4f603118..5c811baf44d2 100644
--- a/include/linux/fanotify.h
+++ b/include/linux/fanotify.h
@@ -88,6 +88,16 @@
#define FANOTIFY_DIRENT_EVENTS (FAN_MOVE | FAN_CREATE | FAN_DELETE | \
FAN_RENAME)
+/* Content events can be used to inspect file content */
+#define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \
+ FAN_ACCESS_PERM)
+/* Pre-content events can be used to fill file content */
+#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS)
+
+/* Events that require a permission response from user */
+#define FANOTIFY_PERM_EVENTS (FANOTIFY_CONTENT_PERM_EVENTS | \
+ FANOTIFY_PRE_CONTENT_EVENTS)
+
/* Events that can be reported with event->fd */
#define FANOTIFY_FD_EVENTS (FANOTIFY_PATH_EVENTS | FANOTIFY_PERM_EVENTS)
@@ -103,10 +113,6 @@
FANOTIFY_INODE_EVENTS | \
FANOTIFY_ERROR_EVENTS)
-/* Events that require a permission response from user */
-#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM | \
- FAN_OPEN_EXEC_PERM)
-
/* Extra flags that may be reported with event or control handling of events */
#define FANOTIFY_EVENT_FLAGS (FAN_EVENT_ON_CHILD | FAN_ONDIR)
diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h
index a37de58ca571..bcada21a3a2e 100644
--- a/include/uapi/linux/fanotify.h
+++ b/include/uapi/linux/fanotify.h
@@ -26,6 +26,8 @@
#define FAN_ACCESS_PERM 0x00020000 /* File accessed in perm check */
#define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */
+#define FAN_PRE_ACCESS 0x00080000 /* Pre-content access hook */
+
#define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */
#define FAN_RENAME 0x10000000 /* File was renamed */
--
2.43.0
next prev parent reply other threads:[~2024-09-04 20:29 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-04 20:27 [PATCH v5 00/18] fanotify: add pre-content hooks Josef Bacik
2024-09-04 20:27 ` [PATCH v5 01/18] fanotify: don't skip extra event info if no info_mode is set Josef Bacik
2024-09-05 7:49 ` Amir Goldstein
2024-09-04 20:27 ` [PATCH v5 02/18] fsnotify: introduce pre-content permission event Josef Bacik
2024-09-04 20:27 ` [PATCH v5 03/18] fsnotify: generate pre-content permission event on open Josef Bacik
2024-10-24 13:06 ` Amir Goldstein
2024-09-04 20:27 ` Josef Bacik [this message]
2024-09-04 20:27 ` [PATCH v5 05/18] fanotify: introduce FAN_PRE_MODIFY permission event Josef Bacik
2024-09-04 20:27 ` [PATCH v5 06/18] fanotify: pass optional file access range in pre-content event Josef Bacik
2024-09-04 20:27 ` [PATCH v5 07/18] fanotify: rename a misnamed constant Josef Bacik
2024-09-04 20:27 ` [PATCH v5 08/18] fanotify: report file range info with pre-content events Josef Bacik
2024-09-04 20:27 ` [PATCH v5 09/18] fanotify: allow to set errno in FAN_DENY permission response Josef Bacik
2024-09-04 20:28 ` [PATCH v5 10/18] fs: add a flag to indicate the fs supports pre-content events Josef Bacik
2024-09-05 8:07 ` Amir Goldstein
2024-09-04 20:28 ` [PATCH v5 11/18] fanotify: add a helper to check for pre content events Josef Bacik
2024-09-05 8:09 ` Amir Goldstein
2024-09-04 20:28 ` [PATCH v5 12/18] fanotify: disable readahead if we have pre-content watches Josef Bacik
2024-09-05 8:12 ` Amir Goldstein
2024-09-04 20:28 ` [PATCH v5 13/18] mm: don't allow huge faults for files with pre content watches Josef Bacik
2024-09-05 8:14 ` Amir Goldstein
2024-09-04 20:28 ` [PATCH v5 14/18] fsnotify: generate pre-content permission event on page fault Josef Bacik
2024-09-04 20:28 ` [PATCH v5 15/18] bcachefs: add pre-content fsnotify hook to fault Josef Bacik
2024-09-04 20:28 ` [PATCH v5 16/18] xfs: add pre-content fsnotify hook for write faults Josef Bacik
2024-09-05 8:29 ` Amir Goldstein
2024-09-04 20:28 ` [PATCH v5 17/18] btrfs: disable defrag on pre-content watched files Josef Bacik
2024-09-05 8:23 ` Amir Goldstein
2024-09-04 20:28 ` [PATCH v5 18/18] fs: enable pre-content events on supported file systems Josef Bacik
2024-09-05 8:27 ` Amir Goldstein
2024-09-05 10:36 ` Jan Kara
[not found] ` <CAOQ4uxikusW_q=zdqDKCHz8kGoTyUg1htWhPR1OFAFGHdj-vcQ@mail.gmail.com>
2024-09-05 10:32 ` [PATCH v5 00/18] fanotify: add pre-content hooks Jan Kara
2024-09-05 19:30 ` Josef Bacik
2024-09-05 12:08 ` Jan Kara
2024-09-05 19:29 ` Josef Bacik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=19cb8b3b5b93760bc6c6d47a8cbcd277952d7006.1725481503.git.josef@toxicpanda.com \
--to=josef@toxicpanda.com \
--cc=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=jack@suse.cz \
--cc=kernel-team@fb.com \
--cc=linux-bcachefs@vger.kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox