From patchwork Thu Nov  8 03:07:14 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Matthew Bobrowski <mbobrowski@mbobrowski.org>
X-Patchwork-Id: 10673405
Return-Path: <linux-fsdevel-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 30496109C
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
 Thu,  8 Nov 2018 03:07:24 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1DD4C2D702
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
 Thu,  8 Nov 2018 03:07:24 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 120D12D705; Thu,  8 Nov 2018 03:07:24 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 805972D702
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
 Thu,  8 Nov 2018 03:07:23 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728679AbeKHMkl (ORCPT
        <rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
        Thu, 8 Nov 2018 07:40:41 -0500
Received: from mail-pf1-f196.google.com ([209.85.210.196]:43023 "EHLO
        mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728667AbeKHMkk (ORCPT
        <rfc822;linux-fsdevel@vger.kernel.org>);
        Thu, 8 Nov 2018 07:40:40 -0500
Received: by mail-pf1-f196.google.com with SMTP id g7-v6so6367208pfo.10
        for <linux-fsdevel@vger.kernel.org>;
 Wed, 07 Nov 2018 19:07:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=mbobrowski-org.20150623.gappssmtp.com; s=20150623;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=JhO6nDP7m+lfNYl1f8cMBuzdDVmaGispjDDlGhFI+Kc=;
        b=1Dbwz2WZy3YvFaVEmx6Hd45pVvHtHyKlu/m3OqMBYUHOmwVsgehuzEvgklg106lFSD
         s1qnT6eACgLs6EAWSCmVu2GD0M7c2HHZ4+onAcPNnwNtQjBkvY8/G3c9Bf+1coHmRWiv
         LVG4pS//Xwia6y8kuflYTwAR3LNh99LROSMDNxP4pG4J0oo1lBfddlbo3kh0Q4960uK9
         J87TDZrMxxn2fmQlp8ikSzEbXWqF8GLVD8Y5Lk188ciRUfQHXgcZfGQQ24gliU/Af/vh
         MLs55vFauEyfzebqMxm2ZxHwVm3wj/XblMgQ3K111c1WVxDhupQhMlf+xwbZ2OX8LY3M
         F//w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=JhO6nDP7m+lfNYl1f8cMBuzdDVmaGispjDDlGhFI+Kc=;
        b=d2BzSI9B95/FMtc0xFSnu5MaDpuMzVCNs0icDJFEhXT1gyAsDsg5gVa45tcdkHvDCe
         ul6BPVDvtyD8DmnCXa6kV3jIwatDPTGaTZws40SZXIcvQatZYeP58YSub+Fp5vt97FAD
         AGr1480pRJSZVLpcooK8J/S+0EtpobU/7UEqYpFVgjk5mTyR1O2Ex+85DS881s+H9ijN
         2pibnMXjkk4/bXUwh9o3DG37h1SrJ0npN2HlVBy4Cpc2968rsezI2YnWc1ymQSjTKVUJ
         pjHdcJ79DlXEYtasoUg9dQse3O0B27wVng5/7pL/PvF1JKt4ekLPfUmU7fgcnSWIfQ9D
         +n3g==
X-Gm-Message-State: AGRZ1gJ+p8ysndepMLNKRRdJvQhJmqqvwY/jiKR8t2mywSMs0aU50hAJ
        7cIZrCZ8cT2p9gLrQLCgf1GJgWvZ7GMJ
X-Google-Smtp-Source: 
 AJdET5dndHHsSbp+jLG+uv+KkQwOrhDASNgeNrCj/pfqBbhCz1j/NwGEY2EzOsnjLr/NWu19zMrvjQ==
X-Received: by 2002:a63:205:: with SMTP id 5mr2413510pgc.327.1541646441276;
        Wed, 07 Nov 2018 19:07:21 -0800 (PST)
Received: from lithium.mbobrowski.org ([103.230.158.220])
        by smtp.gmail.com with ESMTPSA id
 72-v6sm2418240pfl.126.2018.11.07.19.07.18
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 07 Nov 2018 19:07:20 -0800 (PST)
Date: Thu, 8 Nov 2018 14:07:14 +1100
From: Matthew Bobrowski <mbobrowski@mbobrowski.org>
To: jack@suse.cz
Cc: amir73il@gmail.com, linux-api@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, sgrubb@redhat.com
Subject: [PATCH v7 2/4] fanotify: introduce new event mask FAN_OPEN_EXEC
Message-ID: 
 <05d2297ae76d5b7b00cc1d6af27b25e898e986c0.1541639254.git.mbobrowski@mbobrowski.org>
References: <cover.1541639254.git.mbobrowski@mbobrowski.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <cover.1541639254.git.mbobrowski@mbobrowski.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

A new event mask FAN_OPEN_EXEC has been defined so that users have the
ability to receive events specifically when a file has been opened with
the intent to be executed. Events of FAN_OPEN_EXEC type will be
generated when a file has been opened using either execve(), execveat()
or uselib() system calls.

The feature is implemented within fsnotify_open() by generating the
FAN_OPEN_EXEC event type if __FMODE_EXEC is set within file->f_flags.

Signed-off-by: Matthew Bobrowski <mbobrowski@mbobrowski.org>
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
---
 fs/notify/fanotify/fanotify.c    | 3 ++-
 fs/notify/fsnotify.c             | 2 +-
 include/linux/fanotify.h         | 2 +-
 include/linux/fsnotify.h         | 2 ++
 include/linux/fsnotify_backend.h | 7 +++++--
 include/uapi/linux/fanotify.h    | 1 +
 6 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c
index 0a09950317dd..e30f3a1d9699 100644
--- a/fs/notify/fanotify/fanotify.c
+++ b/fs/notify/fanotify/fanotify.c
@@ -209,8 +209,9 @@ static int fanotify_handle_event(struct fsnotify_group *group,
 	BUILD_BUG_ON(FAN_OPEN_PERM != FS_OPEN_PERM);
 	BUILD_BUG_ON(FAN_ACCESS_PERM != FS_ACCESS_PERM);
 	BUILD_BUG_ON(FAN_ONDIR != FS_ISDIR);
+	BUILD_BUG_ON(FAN_OPEN_EXEC != FS_OPEN_EXEC);
 
-	BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 10);
+	BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 11);
 
 	mask = fanotify_group_event_mask(iter_info, mask, data, data_type);
 	if (!mask)
diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c
index d2c34900ae05..b3f58f36a0ab 100644
--- a/fs/notify/fsnotify.c
+++ b/fs/notify/fsnotify.c
@@ -401,7 +401,7 @@ static __init int fsnotify_init(void)
 {
 	int ret;
 
-	BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 23);
+	BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 24);
 
 	ret = init_srcu_struct(&fsnotify_mark_srcu);
 	if (ret)
diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h
index a5a60691e48b..c521e4264f2b 100644
--- a/include/linux/fanotify.h
+++ b/include/linux/fanotify.h
@@ -37,7 +37,7 @@
 
 /* Events that user can request to be notified on */
 #define FANOTIFY_EVENTS		(FAN_ACCESS | FAN_MODIFY | \
-				 FAN_CLOSE | FAN_OPEN)
+				 FAN_CLOSE | FAN_OPEN | FAN_OPEN_EXEC)
 
 /* Events that require a permission response from user */
 #define FANOTIFY_PERM_EVENTS	(FAN_OPEN_PERM | FAN_ACCESS_PERM)
diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h
index fd1ce10553bf..1fe5ac93b252 100644
--- a/include/linux/fsnotify.h
+++ b/include/linux/fsnotify.h
@@ -215,6 +215,8 @@ static inline void fsnotify_open(struct file *file)
 
 	if (S_ISDIR(inode->i_mode))
 		mask |= FS_ISDIR;
+	if (file->f_flags & __FMODE_EXEC)
+		mask |= FS_OPEN_EXEC;
 
 	fsnotify_parent(path, NULL, mask);
 	fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0);
diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h
index 135b973e44d1..39d94e62a836 100644
--- a/include/linux/fsnotify_backend.h
+++ b/include/linux/fsnotify_backend.h
@@ -38,6 +38,7 @@
 #define FS_DELETE		0x00000200	/* Subfile was deleted */
 #define FS_DELETE_SELF		0x00000400	/* Self was deleted */
 #define FS_MOVE_SELF		0x00000800	/* Self was moved */
+#define FS_OPEN_EXEC		0x00001000	/* File was opened for exec */
 
 #define FS_UNMOUNT		0x00002000	/* inode on umount fs */
 #define FS_Q_OVERFLOW		0x00004000	/* Event queued overflowed */
@@ -62,7 +63,8 @@
 #define FS_EVENTS_POSS_ON_CHILD   (FS_ACCESS | FS_MODIFY | FS_ATTRIB |\
 				   FS_CLOSE_WRITE | FS_CLOSE_NOWRITE | FS_OPEN |\
 				   FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE |\
-				   FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM)
+				   FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM | \
+				   FS_OPEN_EXEC)
 
 #define FS_MOVE			(FS_MOVED_FROM | FS_MOVED_TO)
 
@@ -74,7 +76,8 @@
 			     FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE | \
 			     FS_DELETE | FS_DELETE_SELF | FS_MOVE_SELF | \
 			     FS_UNMOUNT | FS_Q_OVERFLOW | FS_IN_IGNORED | \
-			     FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME)
+			     FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME | \
+			     FS_OPEN_EXEC)
 
 /* Extra flags that may be reported with event or control handling of events */
 #define ALL_FSNOTIFY_FLAGS  (FS_EXCL_UNLINK | FS_ISDIR | FS_IN_ONESHOT | \
diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h
index b86740d1c50a..d9664fbc905b 100644
--- a/include/uapi/linux/fanotify.h
+++ b/include/uapi/linux/fanotify.h
@@ -10,6 +10,7 @@
 #define FAN_CLOSE_WRITE		0x00000008	/* Writtable file closed */
 #define FAN_CLOSE_NOWRITE	0x00000010	/* Unwrittable file closed */
 #define FAN_OPEN		0x00000020	/* File was opened */
+#define FAN_OPEN_EXEC		0x00001000	/* File was opened for exec */
 
 #define FAN_Q_OVERFLOW		0x00004000	/* Event queued overflowed */