From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A0730D597B7
	for <linux-mm@archiver.kernel.org>; Tue, 12 Nov 2024 23:41:07 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id F32E68D0002; Tue, 12 Nov 2024 18:41:06 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id EEC288D0001; Tue, 12 Nov 2024 18:41:06 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id D839C8D0002; Tue, 12 Nov 2024 18:41:06 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12])
	by kanga.kvack.org (Postfix) with ESMTP id BA2388D0001
	for <linux-mm@kvack.org>; Tue, 12 Nov 2024 18:41:06 -0500 (EST)
Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay08.hostedemail.com (Postfix) with ESMTP id 568B71406D9
	for <linux-mm@kvack.org>; Tue, 12 Nov 2024 23:41:06 +0000 (UTC)
X-FDA: 82779065712.14.09D5F63
Received: from mail-qv1-f48.google.com (mail-qv1-f48.google.com [209.85.219.48])
	by imf07.hostedemail.com (Postfix) with ESMTP id DBF2A40002
	for <linux-mm@kvack.org>; Tue, 12 Nov 2024 23:40:04 +0000 (UTC)
Authentication-Results: imf07.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20230601 header.b=awacALmF;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (imf07.hostedemail.com: domain of amir73il@gmail.com designates 209.85.219.48 as permitted sender) smtp.mailfrom=amir73il@gmail.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1731454801; a=rsa-sha256;
	cv=none;
	b=E0rYZpMpsmzgVW2tyFxCMSGK5JA4rE7B8Wo8QDCw/gHVHP62Zg3Hqi44bFR6h1yllmt/+H
	sVnaEuFuDrp4AQDKJwasF/2hfSGPbkfswv2sJ24Ky3khduEYyXwZkm6sB1XTnaqx8GjAMC
	QLOdrKO4iMD6HkBRcpx5f+zug/0HmPQ=
ARC-Authentication-Results: i=1;
	imf07.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20230601 header.b=awacALmF;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (imf07.hostedemail.com: domain of amir73il@gmail.com designates 209.85.219.48 as permitted sender) smtp.mailfrom=amir73il@gmail.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1731454801;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=S41n8m1asHjOj2zkIWsKa2/GMlPGIciesJUEgI/ie94=;
	b=3DR6fPe+EV2WM19JVCiITfTw3R/LT57sHt84q7rSKKIbec6INyns46ULil6a1pi7jff4YP
	GupgYplzV+Pp0TJ6nxxXlrXW9tz6JyMpjMipLMgN7BS3qp1X4OuZzGbO9s7BeLew4q4kSY
	/b8s8idaoVuhSb8Rco7suCzsz1txDH4=
Received: by mail-qv1-f48.google.com with SMTP id 6a1803df08f44-6cbf340fccaso1496916d6.1
        for <linux-mm@kvack.org>; Tue, 12 Nov 2024 15:41:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1731454863; x=1732059663; darn=kvack.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=S41n8m1asHjOj2zkIWsKa2/GMlPGIciesJUEgI/ie94=;
        b=awacALmFAFVEo3LHGQAaSNK2pqGDDRl84m050G5eNA/UbGVqkolUpHErVk7ByDgJWy
         6t4w+U8TZfcqgLOSKPgKfx078IjfkAvfHlOouq4hpAo1jk6RKcxtfaeERed9NJay74bz
         7SXCQ7Y9Wv1qbs71SHBS6/Ryy0JtZOvF1qFXxDkDw4J1tbPlJJJ5cUlbPm0RIwnx0Fu0
         cBqCafkRk2whfrwC0KdaOP6++Jk9oJxjMt2R5rqs4feuxxdXLkRfx71PUuK622XpVNUB
         odN9bsxojnnhB7BV3H0n7KoTC17xeRyHyon8kDsSKfQueg5MFZlDDOCumY03U/H5HfE7
         gOtQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1731454863; x=1732059663;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=S41n8m1asHjOj2zkIWsKa2/GMlPGIciesJUEgI/ie94=;
        b=oV5wa3HmxWslKyfhGZkO8Kb3eHxL3IkAfAb1e9XjlJRSNfXA0fKoKsuxUJpZe1ki1r
         2opoCrqJelZU3oAHNX9D4lE2D//4pvaAhZglIbVynXTUno9GHHVRA7Ig/aKbRG9ofcoX
         8fg2F5T8CmDu/Zd6gFr1Cw0/+1zI5yWiAKXrIbGos3o1igQjHn5ara6ZikvIfLcMiYQP
         2yv/EE6hhEKOPA72jnmwpfMt5Ceqs8XzT/iXH9pkN06DM86t9In6gPgstVx/uQedypvI
         M+uQwlomsoRxllxZmYgIAHCVvY0VGLLAIVHt2KCOMbB3YYfKdHyJp7u2qwrpDJuaWlUl
         xkOQ==
X-Forwarded-Encrypted: i=1; AJvYcCXLCwCP3hMSVJ968//oGjdD2Q7SJUkhL6iVQrx1dMcOgCMyXo0dxtgS/03/ofGluRiR3DhPBSkX9g==@kvack.org
X-Gm-Message-State: AOJu0YxnV2otOS9e/1a3ArHdVoX/3iNtfUkJjtz3tKUyCkqdH2VD/gGA
	aUJsJ1zM90kCKyprU023Z47wCaQumGm/6IrgPBq8sAV4rQk8+yBQd2s8LraFtCy6Z2IXQEWKy/P
	9Z9e5I8bggOw4kf6Hg1J3q1c8w88=
X-Google-Smtp-Source: AGHT+IF5mj0cZzbas4T/DS3EAEzFgd019hNrEPMuAGUvwR2aAP50Ksm9TLyWCyC7OjmCeuhyupOXVNxsG44rGwB6G1o=
X-Received: by 2002:a05:6214:5296:b0:6cb:5bde:d78 with SMTP id
 6a1803df08f44-6d39d567a33mr292873866d6.3.1731454863339; Tue, 12 Nov 2024
 15:41:03 -0800 (PST)
MIME-Version: 1.0
References: <cover.1731433903.git.josef@toxicpanda.com> <60a2309da948dc81e4c66b9e5fe3f1e2faa2010e.1731433903.git.josef@toxicpanda.com>
 <CAHk-=wgNFNYinkWCUvT2UnH2E2K_qPexEPgrm-xgr68YXnEQ_g@mail.gmail.com>
In-Reply-To: <CAHk-=wgNFNYinkWCUvT2UnH2E2K_qPexEPgrm-xgr68YXnEQ_g@mail.gmail.com>
From: Amir Goldstein <amir73il@gmail.com>
Date: Wed, 13 Nov 2024 00:40:52 +0100
Message-ID: <CAOQ4uxgakk8pW39JkjL1Up-dGZtTDn06QAQvX8p0fVZksCzA9Q@mail.gmail.com>
Subject: Re: [PATCH v7 07/18] fsnotify: generate pre-content permission event
 on open
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Josef Bacik <josef@toxicpanda.com>, kernel-team@fb.com, linux-fsdevel@vger.kernel.org, 
	jack@suse.cz, brauner@kernel.org, linux-xfs@vger.kernel.org, 
	linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Rspam-User: 
X-Rspamd-Queue-Id: DBF2A40002
X-Rspamd-Server: rspam11
X-Stat-Signature: xputdos5qzdtkdcmmh1o8jrcct4w8mz1
X-HE-Tag: 1731454804-546500
X-HE-Meta: U2FsdGVkX1+HKM6WJwvOTxgbmu9d8K16BOab9MDCIj7ArRTOzRgZPJAn7JjeTmCTGT6naqb9FMINvJyLfsMVNa30gohyl8TVxUUsjRydNzpO1xp/r8fs8R5uIyyVSUdpcYUEASswiLDbsjpwEdumhtC9aeLXK3eqMGq3XQpnH9Vnf4E7psH+rSwh6pp/O7Z4IL5JzQ2zKN50ULEN+3rXAPRpjzklHz8GPxti+ZOC4eN3xZQAaNYQ1dKz4gCNf08nx/CfHVr4QEgIJDljw+xOa1jCsrF0TiXIRBbaGOCYdsDcSSb5Il+kMBWrONtonFdzIA0AflwLI6L1YzSY+c+dQUhYwoFn/PQnY68b7EmJujnj9W2uwRKJUmkg7KCVSYe1XqLg8OxyrxqAzZTnCsFhx5bVcoXW9UXVrb8aei1v+b2m7oiA6IEC2IW/Bxv2ReIqP8LLRQAnIK6HeJ1bBc0pZNLyO82ki2pDjPO6xP8ZGS+zhWuAaSsCxKXlh3UJIRWmw4sNm+15gh3SMV0d59i/llAX47Ivej+kjLV0ORhKnmfxOgcpV45dwS9UIHxXzujeXSjZQUSQR7cYINtxSWDpIpV1kDlfrQHzyBQy3KBqubIB1m8pDhXrlZDKiw/lkYBPDgH6EcbK7z6I1jQPYbMzAO5mMZMiKWK1iZ6AEN9JASEVrXCSemnOsiKX9nMCbTGx/rvCIBtHvDjGHYnttq3VbuX5Kib3Nwkv51SqNQKsu4Wy4ROglw7rEB3d5Aw+eFvjxOviwv5VABZEjrBjgFtp/oYHr+Bfbv3hkDzEiWiMDWyshKH9+IjmLndZS8Dut2BO0pG7Y1nt13uOJ7RIqC56exEFDu0T2hpRhVKqZ8v1rKWOyS8rk1y6xTLnfGBzbEnhO9xaSPtmnmg0d2JmZewfsXloCweFOsO4vpAcoS7CWIAMyNtiQXYfenjnJzrFlNsVo+aBuHItBBnIC+auHoq
 LmaXn/GY
 X9nemBDbR2ceLR5YJphXRrZwH261eYsZXzLIy1510JAQgWEmxuEVLrUDWSZ7gEtTUOwJGh/M5BXJxfc1v+L1uvubp4/KvbdMbd/1ard48OwpWydqMt+ib/YwB7HISpsVirJ8guPQNdsQJeXO+v8BY8cTFYZVZnqrertNObGTivIGP2FV7c8BpZGuTzfqEW+yZIpw9V1DXVUaWkfDd5WvFu+FJiazvcLL/rAgt4IirjAxj8N1+Qj4XTTnMrRNuDDyjBfBxsmeqdwIwfqnxJZKZeiFugMFFyOoBV9yyn7sUcboFdk1yFH42MbWmCW4iXdDnjBriYXsB906juyFIK18FJX6qdlWrCNCjmrHk8H6zjVJwRVITi2XVqoBa2AoUOFbYQqsl1vNhBtYbZSA7a6RUl8GKqRkCqv2v/6PBc1mAxZdWyAX2q9tSh/KuyQpfmsbbsioOOQkuHLPlqnPSXbSm8ZzO1yEBbaZUKOCJpWuga4HunM0=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000003, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On Tue, Nov 12, 2024 at 8:54=E2=80=AFPM Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> On Tue, 12 Nov 2024 at 09:56, Josef Bacik <josef@toxicpanda.com> wrote:
> >
> > +       /*
> > +        * This permission hook is different than fsnotify_open_perm() =
hook.
> > +        * This is a pre-content hook that is called without sb_writers=
 held
> > +        * and after the file was truncated.
> > +        */
> > +       return fsnotify_file_area_perm(file, MAY_OPEN, &file->f_pos, 0)=
;
> >  }
>
> I still object to this all.
>
> You can't say "permission denied" after you've already truncated the
> file. It's not a sane model. I complained about that earlier, it seems
> that complaint was missed in the other complaints.
>

Not missed.
I answered here:
https://lore.kernel.org/linux-fsdevel/CAOQ4uxg0k4bGz6zOKS+Qt5BjEqDdUhvgG+5p=
LBPqSCcnQdffig@mail.gmail.com/
Starting with "...I understand why it seems stupid..."

Nevertheless, we can also drop this patch for now,
I don't think the post-open is a must-have hook for HSM.

> Also, this whole "This permission hook is different than
> fsnotify_open_perm() hook" statement is purely because
> fsnotify_open_perm() itself was broken and called from the wrong place
> as mentioned in the other email.
>

You wrote it should be called "in the open path" - that is ambiguous.
pre-content hook must be called without sb_writers held, so current
(in linux-next) location of fsnotify_open_perm() is not good in case of
O_CREATE flag, so I am not sure where a good location is.
Easier is to drop this patch.

> Fix *THAT* first, then unify the two places that should *not* be
> different into one single "this is the fsnotify_open" code. And that
> place explicitly sets that FMODE_NOTIFY_PERM bit, and makes sure that
> it does *not* set it for FMODE_NONOTIFY or FMODE_PATH cases.
>
> And then please work on making sure that that isn't called unless
> actually required.
>
> The actual real "pre-content permission events" should then ONLY test
> the FMODE_NOTIFY_PERM bit. Nothing else. None of this "re-use the
> existing fsnotify_file() logic" stuff. Noe extra tests, no extra
> logic.
>
> Don't make me jump through filve layers of inline functions that all
> test different 'mask' bits, just to verify that the open / read /
> write paths don't do something stupid.
>
> IOW, make it straightforward and obvious what you are doing, and make
> it very clear that you're not pointlessly testing things like
> FMODE_NONOTIFY when the *ONLY* thing that should be tested is whether
> FMODE_NOTIFY_PERM is set.
>
> Please.

Yes. Clear.

Thanks for taking the time to look closer.
and thanks for the feedback,
Amir.