From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D6923D3ABFA
	for <linux-mm@archiver.kernel.org>; Mon, 11 Nov 2024 21:52:08 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 529B36B00DF; Mon, 11 Nov 2024 16:52:08 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 4D8186B00E0; Mon, 11 Nov 2024 16:52:08 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 352586B00E1; Mon, 11 Nov 2024 16:52:08 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id 0F76B6B00DF
	for <linux-mm@kvack.org>; Mon, 11 Nov 2024 16:52:08 -0500 (EST)
Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id AE2F6AD6DB
	for <linux-mm@kvack.org>; Mon, 11 Nov 2024 21:52:07 +0000 (UTC)
X-FDA: 82775160426.09.D9449B2
Received: from mail-ed1-f41.google.com (mail-ed1-f41.google.com [209.85.208.41])
	by imf27.hostedemail.com (Postfix) with ESMTP id C8DE34000A
	for <linux-mm@kvack.org>; Mon, 11 Nov 2024 21:51:23 +0000 (UTC)
Authentication-Results: imf27.hostedemail.com;
	dkim=pass header.d=linux-foundation.org header.s=google header.b=Yy4KDdbq;
	dmarc=none;
	spf=pass (imf27.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.208.41 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1731361839;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=L24fLxFCjFl/hQH9TQaBFKqNsNfJNVwL6H3wGfP4DSE=;
	b=z8eikgsFaQhxGApQ2Dbqv2PUPArlbSDgXvRFTqbieoLLha5B2Nd17wAZKQ51cFn5SK0VtX
	uLOTEKlG9Jz4A4TzV5dWb1JS+EzUSMHj7nADD3tGSEY2/7CCgR9HizgGVkmaYt6Xi2ripd
	ROEX6D0NRhM/jr1r8DDS/hq/js/c21M=
ARC-Authentication-Results: i=1;
	imf27.hostedemail.com;
	dkim=pass header.d=linux-foundation.org header.s=google header.b=Yy4KDdbq;
	dmarc=none;
	spf=pass (imf27.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.208.41 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1731361839; a=rsa-sha256;
	cv=none;
	b=aZIYGGDH4m8QhmI9CPvPwtWIVZnk7iXybkoY8MVc3aDLICvddPbxbnkiVunUga25vWZSLv
	Ny27ZGSphza9YgEi3qkUr3DIc+TQFyzwIci+mjfVayABpngk6IZXiCb47YPmquGqI5qdQ5
	+HCf9PsKoluqH6aBbD6Qv58gUULWyFs=
Received: by mail-ed1-f41.google.com with SMTP id 4fb4d7f45d1cf-5cec8c4e2f6so5991215a12.1
        for <linux-mm@kvack.org>; Mon, 11 Nov 2024 13:52:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google; t=1731361924; x=1731966724; darn=kvack.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=L24fLxFCjFl/hQH9TQaBFKqNsNfJNVwL6H3wGfP4DSE=;
        b=Yy4KDdbqMpq3qzlkekOhDnu1Sys/JDTlzAmXByx9z93gTjQ1+3m8xqYzTOFEKSGDSi
         wvlSC+yPa5Q7p1Jy6SIFObn8Pzvt2VzT6NsPw6gr489wa9q5zDnyjzEhdaAaEuXK0qdi
         6nND58cQTD7k9Hpl7GGumoeqjCvcYvY51uHmk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1731361924; x=1731966724;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=L24fLxFCjFl/hQH9TQaBFKqNsNfJNVwL6H3wGfP4DSE=;
        b=tVUXY+yULYZUA15WsoV6r0FLHYbAE3zbS7D/h9dddgiUlXf9RzZR+s0dWvfJo2Sz5c
         WAyfNy3eLJhnEYdKgQ5owgZvm2ZG4iC9mxCwY/cgqV+8vPbxEUgctnvKQHHJtlGnmGbr
         qXxyUsoUya33+uw7z13CdCJ9Dmjbfor19c2ubsNM8sTQLLNIaK2NHuHeM68zXF1L0yBw
         KsCPjOzvgOpQwMtmXiXbgCDtv1CHN2F25Lbh5otJh/B1Q+9F+W6UdYeWXb71bTRQx8bN
         wQs3itnsp7wKI98wr3dBinwNx745chwmV6eussChn/BEMThegCLqgUe8KAqmXQyDkRbB
         ePDg==
X-Forwarded-Encrypted: i=1; AJvYcCUgnpZo4/A9JqcAITxr2Us6VHSCQp+zoX4AAi1ltu9ebebooUoBAp3HmHwREWQFLIRhpKbQ+9aTAw==@kvack.org
X-Gm-Message-State: AOJu0Yx7O2yThFjK+8JCBIQrgwY5LIqDJukr5GgIwprQFdZONE9gZAPj
	7SrC/2aLANbI+01j6vY5zyY/MS8ZMHGmcUHqU5JrQZ1vixFn442syqyCFxintxonNyvWjt4BOZ2
	TUS4=
X-Google-Smtp-Source: AGHT+IFr3jrk5aaj/hlhpRRd1M5l8DtDCLSc3DE5vog9VEzr+wQkKPSNlB10ttcVXvPSj1K/ud/RWg==
X-Received: by 2002:aa7:c1da:0:b0:5cf:9e5:7d12 with SMTP id 4fb4d7f45d1cf-5cf0a44756amr10630778a12.22.1731361923729;
        Mon, 11 Nov 2024 13:52:03 -0800 (PST)
Received: from mail-ed1-f50.google.com (mail-ed1-f50.google.com. [209.85.208.50])
        by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-5cf03bb75f4sm5310256a12.44.2024.11.11.13.52.01
        for <linux-mm@kvack.org>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Mon, 11 Nov 2024 13:52:02 -0800 (PST)
Received: by mail-ed1-f50.google.com with SMTP id 4fb4d7f45d1cf-5cacb76e924so7381171a12.0
        for <linux-mm@kvack.org>; Mon, 11 Nov 2024 13:52:01 -0800 (PST)
X-Forwarded-Encrypted: i=1; AJvYcCUpB8AngqoVtKH58psknNVIAMfwiZldmM+G+qUotWFJTfOWh/3GoW2XYuL0erJl7SEK60Eb/cw48A==@kvack.org
X-Received: by 2002:a17:906:730d:b0:a89:f5f6:395 with SMTP id
 a640c23a62f3a-a9eefeade4cmr1373427066b.1.1731361921497; Mon, 11 Nov 2024
 13:52:01 -0800 (PST)
MIME-Version: 1.0
References: <cover.1731355931.git.josef@toxicpanda.com> <b509ec78c045d67d4d7e31976eba4b708b238b66.1731355931.git.josef@toxicpanda.com>
In-Reply-To: <b509ec78c045d67d4d7e31976eba4b708b238b66.1731355931.git.josef@toxicpanda.com>
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Mon, 11 Nov 2024 13:51:45 -0800
X-Gmail-Original-Message-ID: <CAHk-=wh4BEjbfaO93hiZs3YXoNmV=YkWT4=OOhuxM3vD2S-1iA@mail.gmail.com>
Message-ID: <CAHk-=wh4BEjbfaO93hiZs3YXoNmV=YkWT4=OOhuxM3vD2S-1iA@mail.gmail.com>
Subject: Re: [PATCH v6 06/17] fsnotify: generate pre-content permission event
 on open
To: Josef Bacik <josef@toxicpanda.com>
Cc: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, 
	amir73il@gmail.com, brauner@kernel.org, linux-xfs@vger.kernel.org, 
	linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
X-Rspam-User: 
X-Rspamd-Server: rspam03
X-Rspamd-Queue-Id: C8DE34000A
X-Stat-Signature: 8aoh3fwgydw8ci86ppkcz7wi8qciuzez
X-HE-Tag: 1731361883-677657
X-HE-Meta: U2FsdGVkX18MVPcmBL8X2bbKDUIbhJeQCYJd/f6a2WWujfw8A7rtymkvowsfAiTx0LoZGLlhIGW4jQoV7lOFHlFsIPlgXDBCBh5ZEGuzuom8osstSPolffk076hHqXA9wC+3ISI9IAwT5Lc92StAuQZjZjYXFHKEr+x36E8CyF+k5D1QqO3vm+ZktBZ7TLnsfWWdweVMcaWJ8f8aHTXjm4tepKU2ORuWOLZxTfL0JhXx6uH1WypeBToheoPfsRK+LAJ2a5S3YgILD+zCMdc4DIzjtrYWf+AVkJyGvlVmsUdvg7jX6b3b0Karx5SwLll5283Kp83rGBI6h3yKFLg3XQ/EYVzdPus9J6MEs1zNb2lKQlm8cPtrGL3IQ45mZm5hB1OM8ZjlkH0kj8n5ghsOOjY6+1k363IQ8xshDRmBm6W/XejJ7oZP7Az47Rr6Z56Mn3o2N3QKRdwrzQTEGw0Q45sjld7SZkcen/b2h9a4gkOq1m2FsoE+irrnOvoopwUz37tDgz5aOvcFaLrmw5qP+gw44Rrj5L5eOdFwSayTVVP4Hitvhe5ubZkhoTubaCP/abUXXTrow75gjhC2X1gXFXFRcA0rNngvJrMns8sjLj5Sq+cPiElVShi3aEWaKbv5diCIldhptceI1WnkhxL1x1ERUP9McntW7aAGS7E8cZzrD9axc7PR2qjzIpCKbCgkPcbxhHPMOMdpRpa5IUqcgMnEzROKQ3VI82Xn267ibHjbFiCxU3y8qlZp9wbghZQJZH9styTXI0+Cnpilxga6tFFtztDSLCfhAqYHHZdqke2Oqx4ygZAiFyL/K3ng/uLflXrjFzuj/x2zI6Rl1PQGJeFR7KZ0+CJ8JmaAy1RCOJ0Z6GBAw3ew0sqEz6yXgXP+QyscCOXloCuwwVaAkY6bRtytq8mMswq+8AdsJbwg3xLgVDLl7CEGEoSCm5gHRbL5K4Bje6WgRA93hQE8qEp
 N0MUCBcT
 88fmnTkkq+9E9gGEyulJleZnNB4v1f1GPOCOQp5IED2tMXBVXkOQqm1QODXexVYNqLOZIO9LwqBsUul+Akhm+uMH3fySBBVvqOg51odxiRsvImtSKJy+1c5QSu45zcn3tZvWgr63UfSkzAgqamMKw422qvY4PG3LzQQxrsL/QezHwApzVGMnrLx8gLiVct7k8+o6tSph4sn+TvnCsCh9LrzjcFtwsC4WJCoJMEaDLF1t52eQ4MNjaqKvSR2Opddr7MLZKOTmfv9dRVXA7zF8FFAfkImwZ/z8a5JG1hZYO4r8oRlOX/WwCL5iaiXV3bc/8i3Gov51c2RjUPfhRYQe4K/WhHVxLN0Xor+YaCZHdAfL7ZqgUWFfkdRJqcurRE431sv1NM9P5Rmg2soWCqVA/0GhpXm7HcRxnRuaYBBORp+qFBDFdakAB1fNIWE7EkKeCyBLfB1lAPrILL+yW8tLzHWNSJIo3jF5lASciKiWsByXet1dzEASMVOsS3YG3Nt3JjEhvBVmEPLM1gWrNruSy19zQUvgbk2DvH1tKjp68FOSv0ToMVqowqhcQ+JoiGDa47ctr
X-Bogosity: Ham, tests=bogofilter, spamicity=0.001228, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On Mon, 11 Nov 2024 at 12:19, Josef Bacik <josef@toxicpanda.com> wrote:
>
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -3782,7 +3782,15 @@ static int do_open(struct nameidata *nd,
> +       /*
> +        * This permission hook is different than fsnotify_open_perm() hook.
> +        * This is a pre-content hook that is called without sb_writers held
> +        * and after the file was truncated.
> +        */
> +       return fsnotify_file_area_perm(file, MAY_OPEN, &file->f_pos, 0);
>  }

Stop adding sh*t like this to the VFS layer.

Seriously. I spend time and effort looking at profiles, and then
people who do *not* seem to spend the time and effort just willy nilly
add fsnotify and security events and show down basic paths.

I'm going to NAK any new fsnotify and permission hooks unless people
show that they don't add any overhead.

Because I'm really really tired of having to wade through various
permission hooks in the profiles that I can not fix or optimize,
because those hoosk have no sane defined semantics, just "let user
space know".

Yes, right now it's mostly just the security layer. But this really
looks to me like now fsnotify will be the same kind of pain.

And that location is STUPID. Dammit, it is even *documented* to be
stupid. It's a "pre-content" hook that happens after the contents have
already been truncated. WTF? That's no "pre".

I tried to follow the deep chain of inlines to see what actually ends
up happening, and it looks like if the *whole* filesystem has no
notify events at all, the fsnotify_sb_has_watchers() check will make
this mostly go away, except for all the D$ accesses needed just to
check for it.

But even *one* entirely unrelated event will now force every single
open to typically call __fsnotify_parent() (or possibly "just"
fsnotify), because there's no sane "nobody cares about this dentry"
kind of thing.

So effectively this is a new hook that gets called on every single
open call that nobody else cares about than you, and that people have
lived without for three decades.

Stop it, or at least add the code to not do this all completely pointlessly.

Because otherwise I will not take this kind of stuff any more. I just
spent time trying to figure out how to avoid the pointless cache
misses we did for every path component traversal.

So I *really* don't want to see another pointless stupid fsnotify hook
in my profiles.

                Linus