| Message ID | 20200722125849.17418-4-amir73il@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Fixes for fanotify name events | expand |
On Wed 22-07-20 15:58:43, Amir Goldstein wrote: > The audit groups marks mask does not contain any events possible on > child,so setting the flag FS_EVENT_ON_CHILD in the mask is counter > productive. > > It may lead to the undesired outcome of setting the dentry flag > DCACHE_FSNOTIFY_PARENT_WATCHED on a directory inode even though it is > not watching children, because the audit mark contribute the flag > FS_EVENT_ON_CHILD to the inode's fsnotify_mask and another mark could > be contributing an event that is possible on child to the inode's mask. > > Signed-off-by: Amir Goldstein <amir73il@gmail.com> The same as for patch 2/9... Honza > --- > kernel/audit_fsnotify.c | 2 +- > kernel/audit_watch.c | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/kernel/audit_fsnotify.c b/kernel/audit_fsnotify.c > index 30ca239285a3..bd3a6b79316a 100644 > --- a/kernel/audit_fsnotify.c > +++ b/kernel/audit_fsnotify.c > @@ -36,7 +36,7 @@ static struct fsnotify_group *audit_fsnotify_group; > > /* fsnotify events we care about. */ > #define AUDIT_FS_EVENTS (FS_MOVE | FS_CREATE | FS_DELETE | FS_DELETE_SELF |\ > - FS_MOVE_SELF | FS_EVENT_ON_CHILD) > + FS_MOVE_SELF) > > static void audit_fsnotify_mark_free(struct audit_fsnotify_mark *audit_mark) > { > diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c > index 61fd601f1edf..e23d54bcc587 100644 > --- a/kernel/audit_watch.c > +++ b/kernel/audit_watch.c > @@ -53,7 +53,7 @@ static struct fsnotify_group *audit_watch_group; > > /* fsnotify events we care about. */ > #define AUDIT_FS_WATCH (FS_MOVE | FS_CREATE | FS_DELETE | FS_DELETE_SELF |\ > - FS_MOVE_SELF | FS_EVENT_ON_CHILD | FS_UNMOUNT) > + FS_MOVE_SELF | FS_UNMOUNT) > > static void audit_free_parent(struct audit_parent *parent) > { > -- > 2.17.1 >
diff --git a/kernel/audit_fsnotify.c b/kernel/audit_fsnotify.c index 30ca239285a3..bd3a6b79316a 100644 --- a/kernel/audit_fsnotify.c +++ b/kernel/audit_fsnotify.c @@ -36,7 +36,7 @@ static struct fsnotify_group *audit_fsnotify_group; /* fsnotify events we care about. */ #define AUDIT_FS_EVENTS (FS_MOVE | FS_CREATE | FS_DELETE | FS_DELETE_SELF |\ - FS_MOVE_SELF | FS_EVENT_ON_CHILD) + FS_MOVE_SELF) static void audit_fsnotify_mark_free(struct audit_fsnotify_mark *audit_mark) { diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c index 61fd601f1edf..e23d54bcc587 100644 --- a/kernel/audit_watch.c +++ b/kernel/audit_watch.c @@ -53,7 +53,7 @@ static struct fsnotify_group *audit_watch_group; /* fsnotify events we care about. */ #define AUDIT_FS_WATCH (FS_MOVE | FS_CREATE | FS_DELETE | FS_DELETE_SELF |\ - FS_MOVE_SELF | FS_EVENT_ON_CHILD | FS_UNMOUNT) + FS_MOVE_SELF | FS_UNMOUNT) static void audit_free_parent(struct audit_parent *parent) {
The audit groups marks mask does not contain any events possible on child,so setting the flag FS_EVENT_ON_CHILD in the mask is counter productive. It may lead to the undesired outcome of setting the dentry flag DCACHE_FSNOTIFY_PARENT_WATCHED on a directory inode even though it is not watching children, because the audit mark contribute the flag FS_EVENT_ON_CHILD to the inode's fsnotify_mask and another mark could be contributing an event that is possible on child to the inode's mask. Signed-off-by: Amir Goldstein <amir73il@gmail.com> --- kernel/audit_fsnotify.c | 2 +- kernel/audit_watch.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)