From patchwork Wed Nov 7 11:16:48 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Bobrowski X-Patchwork-Id: 10672193 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BCC2B15E9 for ; Wed, 7 Nov 2018 11:16:56 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A9F112AC94 for ; Wed, 7 Nov 2018 11:16:56 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9D8FB2AC97; Wed, 7 Nov 2018 11:16:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 26A5C2AC94 for ; Wed, 7 Nov 2018 11:16:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726660AbeKGUqu (ORCPT ); Wed, 7 Nov 2018 15:46:50 -0500 Received: from mail-pl1-f194.google.com ([209.85.214.194]:41246 "EHLO mail-pl1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726248AbeKGUqt (ORCPT ); Wed, 7 Nov 2018 15:46:49 -0500 Received: by mail-pl1-f194.google.com with SMTP id p16-v6so7738071plr.8 for ; Wed, 07 Nov 2018 03:16:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mbobrowski-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=N/s5x49GP+MYQYSkplo/ifLb5L5w7ZbBVZ1oqb/zBVw=; b=ue5OAVwWnyLZ2ol1xk92BnmIxl0pxAME32NYEbApMv8V7K9FLlUxrir6ora4aiq47r x4XV7+6lTgvYbpAte8UoWBq/fHNOQr0hnm7d8M3bCkuuHMQIWSrIHnugHarfjwe86vgx yoWyA3t9FFM51Ji6UNdbOfBzKyeqOjsoKBL4o+qv6K72bD4feOsOadUCNlrrFS4V6iQA PZZr2kJfy2Jp4AjLuVQjQFbsT8BV8ivEcIvpGfZSLMjhgkuPd/7XwY4R6Z3ijYO7HBii x+3vPQUs82Q3RP8CS4ZZhdL6urO0lP+CTiZhHrI4tO7SOZTITpWYEclvMgPdevzW1ZvV BurA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=N/s5x49GP+MYQYSkplo/ifLb5L5w7ZbBVZ1oqb/zBVw=; b=QCJtejkn/44ewxXaAhooPrsIGmSQz7qAy4l+w/dA/Pw5PPD6+VrtnwEVwLW0QnSIrG U7+4HQW4wXHYHWIKd3sJPTbvFLltNUez66id59ZhfgugHg0Hkl4if7RG92R5yWmsUNB1 5NFaPGa1/sXUaPRU87GzkJpHCEEiHMT9Wiye92jw9LRPBT802FN544gfVXV6ZxXm7pkr mwVoOGXNcGCj0ohG+WtKvXRsKLaMPuwhckipzaIqbK1/pHklAxRhf42l8wBR9+Mzymin VZ+oNYwkxPyyN2yXP7dnZcevt6hbb6EaVvgfLfEULJmp9bC3ouDPHqYMqjlZuFBKoj/2 Cs/Q== X-Gm-Message-State: AGRZ1gKuIgEItVa/lTeSbmMVkfwOPk1IM5W9BSGC6wehs28+5mXZk+UD ZyN060PENpvws5fagphdfaXp X-Google-Smtp-Source: AJdET5cT0UWlBELc4yZ01USPpQSK4HWGt2pYhjV9GOv5My0TIEDJc3m+ni09dVLg1gyL/N5nx7ImnQ== X-Received: by 2002:a17:902:4d45:: with SMTP id o5-v6mr1474445plh.335.1541589414260; Wed, 07 Nov 2018 03:16:54 -0800 (PST) Received: from workstation.internal.lab (n114-74-18-206.sbr2.nsw.optusnet.com.au. [114.74.18.206]) by smtp.gmail.com with ESMTPSA id t64-v6sm401283pfd.127.2018.11.07.03.16.51 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 07 Nov 2018 03:16:53 -0800 (PST) Date: Wed, 7 Nov 2018 22:16:48 +1100 From: Matthew Bobrowski To: jack@suse.cz Cc: amir73il@gmail.com, linux-api@vger.kernel.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org Subject: [PATCH v6 1/4] fanotify: return only user requested event types in event mask Message-ID: References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Modify fanotify_should_send_event() so that it now returns a mask for an event that contains ONLY flags for the event types that have been specifically requested by the user. Flags that may have been included within the event mask, but have not been explicitly requested by the user will not be present in the returned value. As an example, given the situation where a user requests events of type FAN_OPEN. Traditionally, the event mask returned within an event that occurred on a filesystem object that has been marked for monitoring and is opened, will only ever have the FAN_OPEN bit set. With the introduction of the new flags like FAN_OPEN_EXEC, and perhaps any other future event flags, there is a possibility of the returned event mask containing more than a single bit set, despite having only requested the single event type. Prior to these modifications performed to fanotify_should_send_event(), a user would have received a bundled event mask containing flags FAN_OPEN and FAN_OPEN_EXEC in the instance that a file was opened for execution via execve(), for example. This means that a user would receive event types in the returned event mask that have not been requested. This runs the possibility of breaking existing systems and causing other unforeseen issues. To mitigate this possibility, fanotify_should_send_event() has been modified to return the event mask containing ONLY event types explicitly requested by the user. This means that we will NOT report events that the user did no set a mask for, and we will NOT report events that the user has set an ignore mask for. The function name fanotify_should_send_event() has also been updated so that it's more relevant to what it has been designed to do. Signed-off-by: Matthew Bobrowski --- fs/notify/fanotify/fanotify.c | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index e08a6647267b..0a09950317dd 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -89,7 +89,13 @@ static int fanotify_get_response(struct fsnotify_group *group, return ret; } -static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, +/* + * This function returns a mask for an event that only contains the flags + * that have been specifically requested by the user. Flags that may have + * been included within the event mask, but have not been explicitly + * requested by the user, will not be present in the returned mask. + */ +static u32 fanotify_group_event_mask(struct fsnotify_iter_info *iter_info, u32 event_mask, const void *data, int data_type) { @@ -101,14 +107,14 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, pr_debug("%s: report_mask=%x mask=%x data=%p data_type=%d\n", __func__, iter_info->report_mask, event_mask, data, data_type); - /* if we don't have enough info to send an event to userspace say no */ + /* If we don't have enough info to send an event to userspace say no */ if (data_type != FSNOTIFY_EVENT_PATH) - return false; + return 0; - /* sorry, fanotify only gives a damn about files and dirs */ + /* Sorry, fanotify only gives a damn about files and dirs */ if (!d_is_reg(path->dentry) && !d_can_lookup(path->dentry)) - return false; + return 0; fsnotify_foreach_obj_type(type) { if (!fsnotify_iter_should_report_type(iter_info, type)) @@ -131,11 +137,7 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, !(marks_mask & FS_ISDIR & ~marks_ignored_mask)) return false; - if (event_mask & FANOTIFY_OUTGOING_EVENTS & - marks_mask & ~marks_ignored_mask) - return true; - - return false; + return event_mask & FANOTIFY_OUTGOING_EVENTS & marks_mask; } struct fanotify_event_info *fanotify_alloc_event(struct fsnotify_group *group, @@ -210,7 +212,8 @@ static int fanotify_handle_event(struct fsnotify_group *group, BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 10); - if (!fanotify_should_send_event(iter_info, mask, data, data_type)) + mask = fanotify_group_event_mask(iter_info, mask, data, data_type); + if (!mask) return 0; pr_debug("%s: group=%p inode=%p mask=%x\n", __func__, group, inode,