[v2,6/9] fanotify: enable FAN_REPORT_FID init flag

Message ID	20181115184544.30681-7-amir73il@gmail.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-fsdevel-owner@kernel.org> From: Amir Goldstein <amir73il@gmail.com> To: Jan Kara <jack@suse.cz> Cc: Matthew Bobrowski <mbobrowski@mbobrowski.org>, linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org Subject: [PATCH v2 6/9] fanotify: enable FAN_REPORT_FID init flag Date: Thu, 15 Nov 2018 20:45:41 +0200 Message-Id: <20181115184544.30681-7-amir73il@gmail.com> In-Reply-To: <20181115184544.30681-1-amir73il@gmail.com> References: <20181115184544.30681-1-amir73il@gmail.com> Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk
Series	fanotify: add support for more event types \| expand [v2,0/9] fanotify: add support for more event types [v2,1/9] fanotify: rename struct fanotify_{,perm_}event_info [v2,2/9] fanotify: define the structures to report a unique file identifier [v2,3/9] fanotify: classify events that hold a file identifier [v2,4/9] fanotify: encode file identifier for FAN_REPORT_FID [v2,5/9] fanotify: copy event fid info to user [v2,6/9] fanotify: enable FAN_REPORT_FID init flag [v2,7/9] fanotify: support events with data type FSNOTIFY_EVENT_DENTRY [v2,8/9] fanotify: add support for create/attrib/move/delete events [v2,9/9] fanotify: report FAN_ONDIR to listener for filename events

Message ID

20181115184544.30681-7-amir73il@gmail.com (mailing list archive)

State

New, archived

Headers

From: Amir Goldstein <amir73il@gmail.com>
To: Jan Kara <jack@suse.cz>
Cc: Matthew Bobrowski <mbobrowski@mbobrowski.org>,
        linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org
Subject: [PATCH v2 6/9] fanotify: enable FAN_REPORT_FID init flag
Date: Thu, 15 Nov 2018 20:45:41 +0200
Message-Id: <20181115184544.30681-7-amir73il@gmail.com>
In-Reply-To: <20181115184544.30681-1-amir73il@gmail.com>
References: <20181115184544.30681-1-amir73il@gmail.com>
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk

Series

fanotify: add support for more event types | expand

Commit Message

Amir Goldstein Nov. 15, 2018, 6:45 p.m. UTC

When setting up an fanotify listener, user may request to get fid
information in event instead of an open file descriptor.

The fid obtained with event on a watched object contains the file
handle returned by name_to_handle_at(2) and fsid returned by statfs(2).
Both name_to_handle_at(2) and statfs(2) are allowed for unprivileged
users that have access to a given path, so we also allow an unprivileged
listener to get fid information, because with unprivileged listener,
users can only set marks on inode objects they have read access to.

When setting a mark, we need to make sure that the filesystem
supports file handles, so user can use name_to_handle_at(2) to compare
fid returned with event to the file handle of watched objects.

Cc: <linux-api@vger.kernel.org>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
---
 fs/notify/fanotify/fanotify_user.c | 17 ++++++++++++++++-
 include/linux/fanotify.h           |  2 +-
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
index 7e38d7a1854b..8ded9b5c0e76 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -17,6 +17,7 @@ 
 #include <linux/compat.h>
 #include <linux/sched/signal.h>
 #include <linux/memcontrol.h>
+#include <linux/exportfs.h>
 
 #include <asm/ioctls.h>
 
@@ -942,6 +943,19 @@  static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask,
 	if (ret)
 		goto fput_and_out;
 
+	/*
+	 * We need to make sure whether the file system supports at least
+	 * encoding a file handle so user can use name_to_handle_at() to
+	 * compare fid returned with event to the file handle of watched
+	 * objects. However, name_to_handle_at() requires that filesystem
+	 * supports decoding file handles as well.
+	 */
+	ret = -EOPNOTSUPP;
+	if (FAN_GROUP_FLAG(group, FAN_REPORT_FID) &&
+	    (!path.dentry->d_sb->s_export_op ||
+	     !path.dentry->d_sb->s_export_op->fh_to_dentry))
+		goto path_put_and_out;
+
 	/* inode held in place by reference to path; group by fget on fd */
 	if (mark_type == FAN_MARK_INODE)
 		inode = path.dentry->d_inode;
@@ -970,6 +984,7 @@  static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask,
 		ret = -EINVAL;
 	}
 
+path_put_and_out:
 	path_put(&path);
 fput_and_out:
 	fdput(f);
@@ -1006,7 +1021,7 @@  COMPAT_SYSCALL_DEFINE6(fanotify_mark,
  */
 static int __init fanotify_user_setup(void)
 {
-	BUILD_BUG_ON(HWEIGHT32(FANOTIFY_INIT_FLAGS) != 7);
+	BUILD_BUG_ON(HWEIGHT32(FANOTIFY_INIT_FLAGS) != 8);
 	BUILD_BUG_ON(HWEIGHT32(FANOTIFY_MARK_FLAGS) != 9);
 
 	fanotify_mark_cache = KMEM_CACHE(fsnotify_mark,
diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h
index 9e2142795335..f59be967f72b 100644
--- a/include/linux/fanotify.h
+++ b/include/linux/fanotify.h
@@ -19,7 +19,7 @@ 
 				 FAN_CLASS_PRE_CONTENT)
 
 #define FANOTIFY_INIT_FLAGS	(FANOTIFY_CLASS_BITS | \
-				 FAN_REPORT_TID | \
+				 FAN_REPORT_TID | FAN_REPORT_FID | \
 				 FAN_CLOEXEC | FAN_NONBLOCK | \
 				 FAN_UNLIMITED_QUEUE | FAN_UNLIMITED_MARKS)

[v2,6/9] fanotify: enable FAN_REPORT_FID init flag

Commit Message

Patch