From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 13C7FD42BBF
	for <linux-mm@archiver.kernel.org>; Tue, 12 Nov 2024 20:12:43 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 76B326B00AC; Tue, 12 Nov 2024 15:12:43 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 71B0F6B00AE; Tue, 12 Nov 2024 15:12:43 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 595BC6B00AF; Tue, 12 Nov 2024 15:12:43 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13])
	by kanga.kvack.org (Postfix) with ESMTP id 36C276B00AC
	for <linux-mm@kvack.org>; Tue, 12 Nov 2024 15:12:43 -0500 (EST)
Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay04.hostedemail.com (Postfix) with ESMTP id D5F2C1A042D
	for <linux-mm@kvack.org>; Tue, 12 Nov 2024 20:12:42 +0000 (UTC)
X-FDA: 82778540082.18.2ADDED4
Received: from mail-lj1-f181.google.com (mail-lj1-f181.google.com [209.85.208.181])
	by imf21.hostedemail.com (Postfix) with ESMTP id 0800A1C0015
	for <linux-mm@kvack.org>; Tue, 12 Nov 2024 20:11:20 +0000 (UTC)
Authentication-Results: imf21.hostedemail.com;
	dkim=pass header.d=linux-foundation.org header.s=google header.b=DGKfm3xN;
	dmarc=none;
	spf=pass (imf21.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.208.181 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1731442298; a=rsa-sha256;
	cv=none;
	b=AaNSHS7DMoa95MRH5rQd+Z/wUU856MfhFKDurgdEDFfxyXJV8BROtb6NxrKK1msBEHUCBX
	i2AL+fmPcmUlKW950mhxO7Tb24sNUJJSuc+GwYWPZ97GcNIi5SlzCnb7FK0PhXFmHzc/6S
	TA1Opz9nB+f+luvt8NCDY+xUheqiFLo=
ARC-Authentication-Results: i=1;
	imf21.hostedemail.com;
	dkim=pass header.d=linux-foundation.org header.s=google header.b=DGKfm3xN;
	dmarc=none;
	spf=pass (imf21.hostedemail.com: domain of torvalds@linuxfoundation.org designates 209.85.208.181 as permitted sender) smtp.mailfrom=torvalds@linuxfoundation.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1731442298;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=0qYB3r0e+M+AIIS7skjeHUYQNaIJb6UwbAHof7SMGqw=;
	b=ZDYB0bLDAlmTMqlCemu5G3gZXnGwEwx+YqQNbI2B5ANFqiZgdC01Ets8mmoCNSPFxoITr3
	bJM+a1Hjtv/e1bFeciSAYIQnAZMppaY2frMsLFiwv2nr7dAaQQkzN5SJ/0PvYa86AxszUi
	Ilo6p1gpbXig3hM8bHvQcUDDRXEiPlA=
Received: by mail-lj1-f181.google.com with SMTP id 38308e7fff4ca-2fb51e00c05so71783161fa.0
        for <linux-mm@kvack.org>; Tue, 12 Nov 2024 12:12:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google; t=1731442359; x=1732047159; darn=kvack.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=0qYB3r0e+M+AIIS7skjeHUYQNaIJb6UwbAHof7SMGqw=;
        b=DGKfm3xNdl0oNwQVTojEZsmz0UdXS8GnNOFpnyiLLa9Cw3EbJGJM8tensw4XiXP9Q2
         jJh7uskqGrsFWraC56//Kjp5f0Tfo8Mj1TIXc/BmLyw/8v3XC1GkcaQWctgxkFn+H4eb
         G/3fh3ZtME3iw3JoHm+D4vehRpZ3Mm3v13e5A=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1731442359; x=1732047159;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=0qYB3r0e+M+AIIS7skjeHUYQNaIJb6UwbAHof7SMGqw=;
        b=uIT3JJnp85nxCxxLEoB13EokBzOGl8Xyt8e8US8TlC28jfO9y00yErRtH6IwFH9IMa
         UvSzd5hH5nN7KVIlaKj3hOUXf9hbZPOWXnaxZcs6mEjbmScXl/r6SlqXQWfKIfnPgcL1
         RGABD3DbHLNFcVp9MMMilgToc9sMd1+k+Uct7x7PPx8gcMoKeAoFclvWolluTBW+WTyA
         LyFQ45YuZkiwDNR+hh1inD/Ol7Bk7GmpiXFn/uCPbQoj14OnMkxlygSO++cNYIE8IHgW
         7Wx8SalIQNC9/C5tWr7VDPA22UCunFcbbNglCRmWy0s5lEKlPlWl8D5K7zV2NW/V7/6a
         SyyA==
X-Forwarded-Encrypted: i=1; AJvYcCXDQsuwUklUGJwbzYcFw5ALYhBwmMloTu7exT6jCBOu+KMc4Y+avDxN5DaXzIGVbULq4vfG6oHq6w==@kvack.org
X-Gm-Message-State: AOJu0Yz0LD1huFtmFu6+LfxAHoLsG9v1+Yk4dorZyhMPc+qWhufbzT1s
	1L8f56/abvFjEe4KXFib/Cd2qO2TLfof/jiFhrGTp5HhRuamNRe3Vv2ffwZvMv0jbN9xgkvG85O
	P+jAA1A==
X-Google-Smtp-Source: AGHT+IEqtQhIJxkV8fZs3y8O1K2Dw4Mp3+Cnh1ilXdXCOatq7jh5Un0ojrtv4Wk0pkIpcQep3BF9yA==
X-Received: by 2002:a2e:b896:0:b0:2fa:fdd1:be23 with SMTP id 38308e7fff4ca-2ff2028aadamr126190601fa.28.1731442358351;
        Tue, 12 Nov 2024 12:12:38 -0800 (PST)
Received: from mail-ed1-f45.google.com (mail-ed1-f45.google.com. [209.85.208.45])
        by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a9ee0a4c3f5sm765878366b.76.2024.11.12.12.12.37
        for <linux-mm@kvack.org>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 12 Nov 2024 12:12:37 -0800 (PST)
Received: by mail-ed1-f45.google.com with SMTP id 4fb4d7f45d1cf-5c957d8bce2so4163366a12.2
        for <linux-mm@kvack.org>; Tue, 12 Nov 2024 12:12:37 -0800 (PST)
X-Forwarded-Encrypted: i=1; AJvYcCWPPh6b85f/yf2VNPH2iGiavH5zoGzQuiq2zGMAlaW+o84Li/wPLtkK1naJi8/eyYsrkA2KlEJ3Lw==@kvack.org
X-Received: by 2002:a50:cd1d:0:b0:5cf:22ab:c3b5 with SMTP id
 4fb4d7f45d1cf-5cf22abcab5mr13468088a12.1.1731442356992; Tue, 12 Nov 2024
 12:12:36 -0800 (PST)
MIME-Version: 1.0
References: <cover.1731433903.git.josef@toxicpanda.com> <141e2cc2dfac8b2f49c1c8d219dd7c20925b2cef.1731433903.git.josef@toxicpanda.com>
In-Reply-To: <141e2cc2dfac8b2f49c1c8d219dd7c20925b2cef.1731433903.git.josef@toxicpanda.com>
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Tue, 12 Nov 2024 12:12:20 -0800
X-Gmail-Original-Message-ID: <CAHk-=wjkBEch_Z9EMbup2bHtbtt7aoj-o5V6Nara+VxeUtckGw@mail.gmail.com>
Message-ID: <CAHk-=wjkBEch_Z9EMbup2bHtbtt7aoj-o5V6Nara+VxeUtckGw@mail.gmail.com>
Subject: Re: [PATCH v7 05/18] fsnotify: introduce pre-content permission events
To: Josef Bacik <josef@toxicpanda.com>
Cc: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, 
	amir73il@gmail.com, brauner@kernel.org, linux-xfs@vger.kernel.org, 
	linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
X-Rspam-User: 
X-Rspamd-Queue-Id: 0800A1C0015
X-Rspamd-Server: rspam11
X-Stat-Signature: qxhbi1z4kh63m7ktyurnxgarnsj3tybf
X-HE-Tag: 1731442280-118891
X-HE-Meta: U2FsdGVkX181/LVn+S0t8Buv7L9ZVzRDWqYH16zKeRerMn6Lxer+9wUQClfugsK6Mi5llcgWRUh3HlYcH/WADeJqx7jKS5N6iPYP7+BkxBm3aPQebU48S/pNb9ZCTFfVG6PQH+L9B0z/mbHiyZPDyvU/ksUpN+SNGgoXWZvaErNdwbOgQSjg1laZGoEhdv2qtzY1UJGbPuGyllYW/qyQnJnGMaMoS3dG6HaoiJAAPj7QX+xlpmVi0f/cPxn5ddvBSXehMdNK2dKRfkb1GyErAbfE5d2v1/Mfvnl/nuFXQQeXTxUnLH4kCGqLjHWh8gKdNmbWwP7cfv4v0FvzMqP3a5gL3UgHoFWfZZDWZWhAa56w/lxM3Kc9S6k5+e/D5PoEXN9HNlDQdP61m+oMYy2+8SS4+FxsJHzTfdGOgw7AS9dYvd1fc4NtD2YvaiByzdUQwWyfsIIckDHddPZFyeUf+S/Yf4uTQabckxNStDQciVdN61u660Ma6B6OWiv6scqugoxNHEEMeGhR1NkrpxN85DpcPd0E0UPhZ8mhpRRvqxBTiqEkzaBD/dwlqAjO9q/6pJcfKVBl+9VLvE/VAyRGJNEK84qC5vYrjPHuHoRlIVB7ZlzXk61AdtWnK4I61PNvjOnTc2aKEurq/ExoA3vm1Z8wC4WXoGLSYQenXmMrVi7h9Shz/0qJ61IIoszVS19r7VEXrpvohsLpZDn1T5WsgjLyg2xXPCKEcObDEsMXnOujiX5/OHQplebZNBz4VR+tGSfg6a3L9/+NFS500FW9rt3s7pywyI2q76QXHrxmuLUFCP1GSzACjT2zm9hWedTclEm3daAcxpaclQuc4bCj51FE3a3fr20wvNB/hU5B8UsIzXhI8Cbi+0jixvmvrbhITUD5rZc+RLXRkwBdyvY+uxh+LPPaVUaORgluFaz7v8UMxpmvXukCc9lWKDZ3qtmXzQ9bz67y6MQraPpnISB
 hbRJtaXG
 6VqmM3B/S80WPwwDnkhzS9u25gY+/ZckKPkDcHWYYaqbPE8m0QHXf3kfMpWwIk9N1J8dpaCgbeM7GCQduw4G192cXcopkhUqL8DN/UCglciENkK8pXdXKw6vJMBfcBR8OwSTjRabU9oP4jIJ+YgNHnIs4RfRwfm3zMgPDv7zdQFyMesBDtZyOQs0t49KWMLqjPtUj7YjwvVNwpiv+nMnLIOl02Dt5NrHJHAS0XtOp0aGUilD1TbpKFuo9jCuhRCqpBm7xKbKxfLWvdtRsJENUtqluKQyNXGEWT+3133z/FJM4Gb+MPrb6rCragHad7sMmqHG29i/7CLrVlPZNE47cdYQYGyoRVvz5byp7wH5nSnjWXDVqEMwUr4xMmJg+9Eblf5hHZXBtHWxPO2C49qoHACF8Kd8uZ2cOpv+i6RQNwojBH5ec2px4i03kdbmeO9B88RWYnandzMVvXaVs8xmlUvHK+I7Id/2e0zj004S5Pd/n5+mhLExPaiaQv6iiEkN06UCjvybbwqhlmyURm/PIHWxyOWJCpgrD/uT/U3y/V8sMOP7u7QsykBeCjAZxBPFeKGBv
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On Tue, 12 Nov 2024 at 09:56, Josef Bacik <josef@toxicpanda.com> wrote:
>
>  #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
> +static inline int fsnotify_pre_content(struct file *file)
> +{
> +       struct inode *inode = file_inode(file);
> +
> +       /*
> +        * Pre-content events are only reported for regular files and dirs
> +        * if there are any pre-content event watchers on this sb.
> +        */
> +       if ((!S_ISDIR(inode->i_mode) && !S_ISREG(inode->i_mode)) ||
> +           !(inode->i_sb->s_iflags & SB_I_ALLOW_HSM) ||
> +           !fsnotify_sb_has_priority_watchers(inode->i_sb,
> +                                              FSNOTIFY_PRIO_PRE_CONTENT))
> +               return 0;
> +
> +       return fsnotify_file(file, FS_PRE_ACCESS);
> +}

Yeah, no.

None of this should check inode->i_sb->s_iflags at any point.

The "is there a pre-content" thing should check one thing, and one
thing only: that "is this file watched" flag.

The whole indecipherable mess of inline functions that do random
things in <linux/fsnotify.h> needs to be cleaned up, not made even
more indecipherable.

I'm NAKing this whole series until this is all sane and cleaned up,
and I don't want to see a new hacky version being sent out tomorrow
with just another layer of new hacks, with random new inline functions
that call other inline functions and have complex odd conditionals
that make no sense.

Really. If the new hooks don't have that *SINGLE* bit test, they will
not get merged.

And that *SINGLE* bit test had better not be hidden under multiple
layers of odd inline functions.

You DO NOT get to use the same old broken complex function for the new
hooks that then mix these odd helpers.

This whole "add another crazy inline function using another crazy
helper needs to STOP. Later on in the patch series you do

+/*
+ * fsnotify_truncate_perm - permission hook before file truncate
+ */
+static inline int fsnotify_truncate_perm(const struct path *path,
loff_t length)
+{
+       return fsnotify_pre_content(path, &length, 0);
+}

or things like this:

+static inline bool fsnotify_file_has_pre_content_watches(struct file *file)
+{
+       if (!(file->f_mode & FMODE_NOTIFY_PERM))
+               return false;
+
+       if (!(file_inode(file)->i_sb->s_iflags & SB_I_ALLOW_HSM))
+               return false;
+
+       return fsnotify_file_object_watched(file, FSNOTIFY_PRE_CONTENT_EVENTS);
+}

and no, NONE of that should be tested at runtime.

I repeat: you should have *ONE* inline function that basically does

 static inline bool fsnotify_file_watched(struct file *file)
 {
        return file && unlikely(file->f_mode & FMODE_NOTIFY_PERM);
 }

and absolutely nothing else. If that file is set, the file has
notification events, and you go to an out-of-line slow case. You don't
inline the unlikely cases after that.

And you make sure that you only set that special bit on files and
filesystems that support it. You most definitely don't check for
SB_I_ALLOW_HSM kind of flags at runtime in critical code.

               Linus