From patchwork Wed Oct 17 09:05:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Bobrowski X-Patchwork-Id: 10645133 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 44BAF109C for ; Wed, 17 Oct 2018 09:05:13 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 35D0D2AC39 for ; Wed, 17 Oct 2018 09:05:13 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 297642AC49; Wed, 17 Oct 2018 09:05:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 972D52AC40 for ; Wed, 17 Oct 2018 09:05:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727101AbeJQQ7y (ORCPT ); Wed, 17 Oct 2018 12:59:54 -0400 Received: from mail-pf1-f195.google.com ([209.85.210.195]:37883 "EHLO mail-pf1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726904AbeJQQ7w (ORCPT ); Wed, 17 Oct 2018 12:59:52 -0400 Received: by mail-pf1-f195.google.com with SMTP id j23-v6so12874169pfi.4 for ; Wed, 17 Oct 2018 02:05:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mbobrowski-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=qk8HdiWtwGqOR2cu9Tf6CeFbItr0CkKtYQo+mNqz+1g=; b=IW7g9QKJ9t7mSdvKBsEJqcwuv9kteJqatlk0AF/lnB/kJgjmEZZJRVrjWBQEtNkpIg xcUbMKFgdlRsTKIbFD7W7yDqtgdL1JHRWowc3juz824SZB1Sl2oPA4mNyDboQtrKPwoQ psDvMvsFPJjG+fKsiJBBsobu8AAqqr+c/hyGKX/+ypCvh8gA2oMH1jvY9ZKup2Q2/o+c pHdumpkRQeu4A5a/H3dhT+A+tBta6TUgw12O5Aopl/fr7RRrri7ZtLGXmwh2AvHaNGMq Q3BAlrubqREZnyvZv6PoMynoIAK6Y3ln/kgGlgboRzNfy4lOWmC5u4URjX5lBYZsDZ+D TCCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=qk8HdiWtwGqOR2cu9Tf6CeFbItr0CkKtYQo+mNqz+1g=; b=nKzQzClUPEDXfDkrtYS7tfUAdgtBWOQMIIwO4w0zgkxtAziKDJg4mvEg+CleR07shG 4AhSYPuiRWdJIGDq90KK1fXarA5GJg9DES+649C6p/JO7fNKwicpFERgqttbOuEMAwiL ejvc9pgmCKtGhp9N2sw5j+rBfaTamCJZEF1O560HztWZc9OlnAVKPEoRoNm54p4wVcua psTCnGdLP1k0dKnRt3TKkx5nL99JJMVwOFRvfhSXhTS5c2J2Wjsj5STxYFSsRj9gvZMj d1GLat/yjUOkwAKChpJbS1lqBWT6gu7YUOnFwnkslI0FwP3MFZ8BoAzh8CTntKySaZAf VGzg== X-Gm-Message-State: ABuFfoiDMMnZGfnBLgXN5tKPrz2By57Tga0q3BhcVBX+ZwYvUVIWYAED VfPHlee3Xpgw7l122tZvx88n X-Google-Smtp-Source: ACcGV61xuJV35ergEvvz5E1QG8skDqC46fMDH/V67oZ/6IHL0QyWtbB2SypVL+3kUWqoHc8XjfhaPQ== X-Received: by 2002:a63:f409:: with SMTP id g9-v6mr22309690pgi.369.1539767108342; Wed, 17 Oct 2018 02:05:08 -0700 (PDT) Received: from development.internal.lab (n114-74-18-206.sbr2.nsw.optusnet.com.au. [114.74.18.206]) by smtp.gmail.com with ESMTPSA id r18-v6sm17728995pgv.17.2018.10.17.02.05.05 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 17 Oct 2018 02:05:07 -0700 (PDT) Date: Wed, 17 Oct 2018 20:05:02 +1100 From: Matthew Bobrowski To: jack@suse.cz Cc: amir73il@gmail.com, linux-api@vger.kernel.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org Subject: [PATCH v5 1/3] fanotify: introduce new event type FAN_OPEN_EXEC Message-ID: <8a0286bdaa409656fe3dd5e45b79cae62ba49ac6.1539758834.git.mbobrowski@mbobrowski.org> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP A new event type FAN_OPEN_EXEC has been defined so that users have the ability to receive events specifically when a file has been opened with the intent to be executed. Events of FAN_OPEN_EXEC type will be generated when a file has been opened by using either execve(), execveat() or uselib() system calls. The feature is implemented within fsnotify_open() by generating the FAN_OPEN_EXEC event type if __FMODE_EXEC is set within file->f_flags. Signed-off-by: Matthew Bobrowski --- fs/notify/fanotify/fanotify.c | 3 ++- fs/notify/fsnotify.c | 2 +- include/linux/fanotify.h | 2 +- include/linux/fsnotify.h | 2 ++ include/linux/fsnotify_backend.h | 7 +++++-- include/uapi/linux/fanotify.h | 1 + 6 files changed, 12 insertions(+), 5 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 2c57186caa2e..b3e92302ed84 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -207,8 +207,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, BUILD_BUG_ON(FAN_OPEN_PERM != FS_OPEN_PERM); BUILD_BUG_ON(FAN_ACCESS_PERM != FS_ACCESS_PERM); BUILD_BUG_ON(FAN_ONDIR != FS_ISDIR); + BUILD_BUG_ON(FAN_OPEN_EXEC != FS_OPEN_EXEC); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 10); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 11); if (!fanotify_should_send_event(iter_info, mask, data, data_type)) return 0; diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index a0ad06285450..051e5fc0dba1 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -402,7 +402,7 @@ static __init int fsnotify_init(void) { int ret; - BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 23); + BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 24); ret = init_srcu_struct(&fsnotify_mark_srcu); if (ret) diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index 05b696b4856b..0e07d23b6c17 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -39,7 +39,7 @@ /* Events that user can request to be notified on */ #define FANOTIFY_EVENTS (FAN_ACCESS | FAN_MODIFY | \ - FAN_CLOSE | FAN_OPEN) + FAN_CLOSE | FAN_OPEN | FAN_OPEN_EXEC) /* Events that require a permission response from user */ #define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM) diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index fd1ce10553bf..1fe5ac93b252 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -215,6 +215,8 @@ static inline void fsnotify_open(struct file *file) if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; + if (file->f_flags & __FMODE_EXEC) + mask |= FS_OPEN_EXEC; fsnotify_parent(path, NULL, mask); fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 135b973e44d1..329ac6684326 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -38,6 +38,7 @@ #define FS_DELETE 0x00000200 /* Subfile was deleted */ #define FS_DELETE_SELF 0x00000400 /* Self was deleted */ #define FS_MOVE_SELF 0x00000800 /* Self was moved */ +#define FS_OPEN_EXEC 0x00001000 /* File was opened for exec */ #define FS_UNMOUNT 0x00002000 /* inode on umount fs */ #define FS_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ @@ -62,7 +63,8 @@ #define FS_EVENTS_POSS_ON_CHILD (FS_ACCESS | FS_MODIFY | FS_ATTRIB |\ FS_CLOSE_WRITE | FS_CLOSE_NOWRITE | FS_OPEN |\ FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE |\ - FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM) + FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM |\ + FS_OPEN_EXEC) #define FS_MOVE (FS_MOVED_FROM | FS_MOVED_TO) @@ -74,7 +76,8 @@ FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE | \ FS_DELETE | FS_DELETE_SELF | FS_MOVE_SELF | \ FS_UNMOUNT | FS_Q_OVERFLOW | FS_IN_IGNORED | \ - FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME) + FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME |\ + FS_OPEN_EXEC) /* Extra flags that may be reported with event or control handling of events */ #define ALL_FSNOTIFY_FLAGS (FS_EXCL_UNLINK | FS_ISDIR | FS_IN_ONESHOT | \ diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 00b2304ed124..da278f11ab29 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -10,6 +10,7 @@ #define FAN_CLOSE_WRITE 0x00000008 /* Writtable file closed */ #define FAN_CLOSE_NOWRITE 0x00000010 /* Unwrittable file closed */ #define FAN_OPEN 0x00000020 /* File was opened */ +#define FAN_OPEN_EXEC 0x00001000 /* File was opened for exec */ #define FAN_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ From patchwork Wed Oct 17 09:05:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Bobrowski X-Patchwork-Id: 10645141 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9CB75109C for ; Wed, 17 Oct 2018 09:05:31 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8A4C12AB61 for ; Wed, 17 Oct 2018 09:05:31 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7B20A2AC39; Wed, 17 Oct 2018 09:05:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B549A2ABC4 for ; Wed, 17 Oct 2018 09:05:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727257AbeJQRAN (ORCPT ); Wed, 17 Oct 2018 13:00:13 -0400 Received: from mail-pg1-f194.google.com ([209.85.215.194]:41769 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727040AbeJQRAN (ORCPT ); Wed, 17 Oct 2018 13:00:13 -0400 Received: by mail-pg1-f194.google.com with SMTP id 23-v6so12216522pgc.8 for ; Wed, 17 Oct 2018 02:05:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mbobrowski-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=DPkyJTDeO5eRnpNSoP0zYPSk/syJlOe3qWZ8sKZjxfU=; b=v06o/Aea57LKNx9o2gpyUEwtaqQU099EkedLAFYYB9SGQCid9O7LVsQ25TP7AYUuze 1Y014wJT8LtLZN8w4zklvgqt75cZUvQv3CuqY0y3dtHjF+mNisA0eTgrtHwq3rSVzxKH iuY4/XbVtqoALwgW6FSH3CnpCwRM8cQTerYFgfiH3Sn5uXXNhFAdyKQyouJ/F42CKRID JTkayTLAi0XsYa8WpPJ2cBnyfLh3LCni7UPrvimTxOxMgAsxACWa2esdE1W2fpdO06D1 FD4OfROq+P2q0j6IG4dfKFY95CB2YSWDN2LoZauOQMmCmoOAunHA6mu0f1haBGUk8LAA Bbmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=DPkyJTDeO5eRnpNSoP0zYPSk/syJlOe3qWZ8sKZjxfU=; b=cWYnIL1UhhcR4Vzr7sgLgXNkWZQzqN6csN6KMqIOUPHXIpobztXa6hNkB9eU/okLJr 6ekt6kvxyqk+WqZrgaIGLr1eIt5XFcPGLnEl7+rqlk5kVISEFmW29JBruSWCGZo3GV3J i0X29AtWIJm1TA+tM/S+ozq2Dw6ZeEzYQ8raurjRd7A6RsD+2C49huQm5ADABhVHEXhm w/kCv76joKQ51eEU4NDZBdMKqWILtrWofW2xvlDg8yW7pLlvGVr7PgcHFkLMC3W21aZr CkvZ0qCQENiGpdUll5mcnIpJ8fnFpDYV0pE6BkYpp5iQQJYW334Zeq9vy5xiWs/fC3ia az3Q== X-Gm-Message-State: ABuFfohxIKSqDnOZkzVlKV4cjHAZz65r8UOQLHHFf7Ai4cxUQba1cDvc UI1m83jBa0910C1Cs48IOaW1 X-Google-Smtp-Source: ACcGV60ohpLs4qx1ILxSMSZiXRDhAZOkEZU43HRlfrM91YTQe3uQHLbz4DUShc0u6evIvFVv36SGIQ== X-Received: by 2002:a62:a50d:: with SMTP id v13-v6mr25492225pfm.18.1539767128611; Wed, 17 Oct 2018 02:05:28 -0700 (PDT) Received: from development.internal.lab (n114-74-18-206.sbr2.nsw.optusnet.com.au. [114.74.18.206]) by smtp.gmail.com with ESMTPSA id j25-v6sm19507407pff.116.2018.10.17.02.05.26 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 17 Oct 2018 02:05:28 -0700 (PDT) Date: Wed, 17 Oct 2018 20:05:22 +1100 From: Matthew Bobrowski To: jack@suse.cz Cc: amir73il@gmail.com, linux-api@vger.kernel.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org Subject: [PATCH v5 2/3] fanotify: return only user requested event types in event mask Message-ID: <40d8b5664ea978a0afa85a0533053a2e2b263b0b.1539758834.git.mbobrowski@mbobrowski.org> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Modify fanotify_should_send_event() so that it now returns a mask for an event that contains ONLY flags for the event types that have been specifically requested by the user. Flags that may have been included within the event mask, but have not been explicitly requested by the user will not be present in the returned value. As an example, given the situation where a user requests events of type FAN_OPEN. Traditionally, the event mask returned within an event that occurred on a filesystem object that has been marked for monitoring and is opened, will only ever have the FAN_OPEN bit set. With the introduction of the new flags like FAN_OPEN_EXEC, and perhaps any other future event flags, there is a possibility of the returned event mask containing more than a single bit set, despite having only requested the single event type. Prior to these modifications performed to fanotify_should_send_event(), a user would have received a bundled event mask containing flags FAN_OPEN and FAN_OPEN_EXEC in the instance that a file was opened for execution via execve(), for example. This means that a user would receive event types in the returned event mask that have not been requested. This runs the possibility of breaking existing systems and causing other unforeseen issues. To mitigate this possibility, fanotify_should_send_event() has been modified to return the event mask containing ONLY event types explicitly requested by the user. This means that we will NOT report events that the user did no set a mask for, and we will NOT report events that the user has set an ignore mask for. The function name fanotify_should_send_event() has also been updated so that it's more relevant to what it has been designed to do. Signed-off-by: Matthew Bobrowski --- fs/notify/fanotify/fanotify.c | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index b3e92302ed84..8a49a0adab73 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -89,7 +89,13 @@ static int fanotify_get_response(struct fsnotify_group *group, return ret; } -static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, +/* + * This function returns a mask for an event that only contains the flags + * that have been specifically requested by the user. Flags that may have + * been included within the event mask, but have not been explicitly + * requested by the user, will not be present in the returned mask. + */ +static u32 fanotify_group_event_mask(struct fsnotify_iter_info *iter_info, u32 event_mask, const void *data, int data_type) { @@ -101,21 +107,21 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, pr_debug("%s: report_mask=%x mask=%x data=%p data_type=%d\n", __func__, iter_info->report_mask, event_mask, data, data_type); - /* if we don't have enough info to send an event to userspace say no */ + /* If we don't have enough info to send an event to userspace say no */ if (data_type != FSNOTIFY_EVENT_PATH) - return false; + return 0; - /* sorry, fanotify only gives a damn about files and dirs */ + /* Sorry, fanotify only gives a damn about files and dirs */ if (!d_is_reg(path->dentry) && !d_can_lookup(path->dentry)) - return false; + return 0; fsnotify_foreach_obj_type(type) { if (!fsnotify_iter_should_report_type(iter_info, type)) continue; mark = iter_info->marks[type]; /* - * if the event is for a child and this inode doesn't care about + * If the event is for a child and this inode doesn't care about * events on the child, don't send it! */ if (type == FSNOTIFY_OBJ_TYPE_INODE && @@ -129,13 +135,10 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, if (d_is_dir(path->dentry) && !(marks_mask & FS_ISDIR & ~marks_ignored_mask)) - return false; - - if (event_mask & FANOTIFY_OUTGOING_EVENTS & - marks_mask & ~marks_ignored_mask) - return true; + return 0; - return false; + return event_mask & FANOTIFY_OUTGOING_EVENTS & marks_mask & + ~marks_ignored_mask; } struct fanotify_event_info *fanotify_alloc_event(struct fsnotify_group *group, @@ -211,7 +214,8 @@ static int fanotify_handle_event(struct fsnotify_group *group, BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 11); - if (!fanotify_should_send_event(iter_info, mask, data, data_type)) + mask = fanotify_group_event_mask(iter_info, mask, data, data_type); + if (!mask) return 0; pr_debug("%s: group=%p inode=%p mask=%x\n", __func__, group, inode, From patchwork Wed Oct 17 09:05:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthew Bobrowski X-Patchwork-Id: 10645145 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0C94413A4 for ; Wed, 17 Oct 2018 09:05:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F2B9D2AC39 for ; Wed, 17 Oct 2018 09:05:45 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E6F8C2AC40; Wed, 17 Oct 2018 09:05:45 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5C8EA2AC39 for ; Wed, 17 Oct 2018 09:05:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727014AbeJQRA2 (ORCPT ); Wed, 17 Oct 2018 13:00:28 -0400 Received: from mail-pf1-f196.google.com ([209.85.210.196]:40728 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726958AbeJQRA1 (ORCPT ); Wed, 17 Oct 2018 13:00:27 -0400 Received: by mail-pf1-f196.google.com with SMTP id g21-v6so5876818pfi.7 for ; Wed, 17 Oct 2018 02:05:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mbobrowski-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=Yv9iNZKS/s/73gKapWoyCNbTMxhJPZ/KVEMMNxr7HCo=; b=aW1bVoBL5SPIJD0C2Pcsv7rTP9M814wJzv7TBRgF0JDCVDT7ap3a5nZMeXz40jSDqu ro2LPT0rM2mQTTPIECzdth7RVXM7pWN6NN1gYPoy/tzWrqMGdpERaQYGrT4ZZ5ckbU+1 5AAZ9fwgIerrlpcIBCNB+b8k1jeb7uAFNOFKMb3uTQig3bvVicStlNl3jT0NLcgc+Rut wIA09ogYxjv474XXcWwtIK2BcBRtguDn3IU9pq4vua62D8MsBPSAQmJi91bfyx1MrjzI o3MXGBGXTbHq59kxRq9utWenMlSnaz0DbjYkoCNOnnwq3jKMuRZY1TkkCIOXcaJKyZdC U6Ig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=Yv9iNZKS/s/73gKapWoyCNbTMxhJPZ/KVEMMNxr7HCo=; b=HX58Up3f3R1vnlnqTBMnuR2vAgIft9gGL+sR/+OInOo8S5gNs3kK9XvRo0eEn2qpQN yU0hYeIkrxd0iIWl7uV5KKN6lt7x0P/Dp7h3GWUUezr8y5jiikjjcjM7g9qN+JqMlg+4 saKHHmcn7QLH9N5aSJbX9hB2AJYSq4OQM0wsxmWoxVzTlYroJeyXN3Z4R/2URFMc/kGK auJSWNUJxdtzAGIWctPlKDhqYSuyRg7kiWwqLOJPTdDEzTJZC2LgHHZz89qACgiHBPRl YWf8IVhZWFpt75dubVk8V5Xq66hIltYBcD4M9qXPIb/4f0fixCoIbMmwltM+OX/Hv4Gf YZ3Q== X-Gm-Message-State: ABuFfojU9ZiOhpOlst3YH9WDGrtZ4TYbY/WR3yx5zvtdzm0bdIwPwUx2 h5LNN1+0GHQmEo+C0IxioDoJ X-Google-Smtp-Source: ACcGV620xVOxixJvYqUsLDQvc67vozhvXvWW61CTqlM0Yt0hwRdnCsptbVv1N4AAE3GSDspQ+3L2ZQ== X-Received: by 2002:a62:f909:: with SMTP id o9-v6mr25810441pfh.160.1539767143243; Wed, 17 Oct 2018 02:05:43 -0700 (PDT) Received: from development.internal.lab (n114-74-18-206.sbr2.nsw.optusnet.com.au. [114.74.18.206]) by smtp.gmail.com with ESMTPSA id z14-v6sm28569150pfi.4.2018.10.17.02.05.40 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 17 Oct 2018 02:05:42 -0700 (PDT) Date: Wed, 17 Oct 2018 20:05:37 +1100 From: Matthew Bobrowski To: jack@suse.cz Cc: amir73il@gmail.com, linux-api@vger.kernel.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org Subject: [PATCH v5 3/3] fanotify: introduce new event type FAN_OPEN_EXEC_PERM Message-ID: <3cd20de9fcf1ffa3044b5e48d21a91f280094cf1.1539758834.git.mbobrowski@mbobrowski.org> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP A new event type FAN_OPEN_EXEC_PERM has been defined. This allows users to receive and grant access to files that are intending to be opened for execution. Events of FAN_OPEN_EXEC_PERM type will be generated when a file has been opened by using either execve(), execveat() or uselib() system calls. This acts in the same manor as previous permission event types, meaning that an access response is required from the application to permit further operations on the file. This feature is implemented within the fsnotify_perm() hook by setting FAN_OPEN_EXEC_PERM event type if __FMODE_EXEC is set within file->f_flags. Signed-off-by: Matthew Bobrowski --- fs/notify/fanotify/fanotify.c | 3 ++- fs/notify/fsnotify.c | 2 +- include/linux/fanotify.h | 3 ++- include/linux/fsnotify.h | 10 ++++++---- include/linux/fsnotify_backend.h | 7 ++++--- include/uapi/linux/fanotify.h | 1 + 6 files changed, 16 insertions(+), 10 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 8a49a0adab73..a427daf8d117 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -211,8 +211,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, BUILD_BUG_ON(FAN_ACCESS_PERM != FS_ACCESS_PERM); BUILD_BUG_ON(FAN_ONDIR != FS_ISDIR); BUILD_BUG_ON(FAN_OPEN_EXEC != FS_OPEN_EXEC); + BUILD_BUG_ON(FAN_OPEN_EXEC_PERM != FS_OPEN_EXEC_PERM); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 11); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 12); mask = fanotify_group_event_mask(iter_info, mask, data, data_type); if (!mask) diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index 051e5fc0dba1..40ed97aede29 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -402,7 +402,7 @@ static __init int fsnotify_init(void) { int ret; - BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 24); + BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 25); ret = init_srcu_struct(&fsnotify_mark_srcu); if (ret) diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index 0e07d23b6c17..614943153596 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -42,7 +42,8 @@ FAN_CLOSE | FAN_OPEN | FAN_OPEN_EXEC) /* Events that require a permission response from user */ -#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM) +#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM | \ + FAN_OPEN_EXEC_PERM) /* Extra flags that may be reported with event or control handling of events */ #define FANOTIFY_EVENT_FLAGS (FAN_EVENT_ON_CHILD | FAN_ONDIR) diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 1fe5ac93b252..6fb8d1fcfeaf 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -38,12 +38,14 @@ static inline int fsnotify_perm(struct file *file, int mask) return 0; if (!(mask & (MAY_READ | MAY_OPEN))) return 0; - if (mask & MAY_OPEN) + if (mask & MAY_OPEN) { fsnotify_mask = FS_OPEN_PERM; - else if (mask & MAY_READ) + + if (file->f_flags & __FMODE_EXEC) + fsnotify_mask |= FS_OPEN_EXEC_PERM; + } else if (mask & MAY_READ) { fsnotify_mask = FS_ACCESS_PERM; - else - BUG(); + } ret = fsnotify_parent(path, NULL, fsnotify_mask); if (ret) diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 329ac6684326..96616651220c 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -44,8 +44,9 @@ #define FS_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ #define FS_IN_IGNORED 0x00008000 /* last inotify event here */ -#define FS_OPEN_PERM 0x00010000 /* open event in an permission hook */ +#define FS_OPEN_PERM 0x00010000 /* open event in a permission hook */ #define FS_ACCESS_PERM 0x00020000 /* access event in a permissions hook */ +#define FS_OPEN_EXEC_PERM 0x00040000 /* open/exec in a permission hook */ #define FS_EXCL_UNLINK 0x04000000 /* do not send events if object is unlinked */ #define FS_ISDIR 0x40000000 /* event occurred against dir */ @@ -64,7 +65,7 @@ FS_CLOSE_WRITE | FS_CLOSE_NOWRITE | FS_OPEN |\ FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE |\ FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM |\ - FS_OPEN_EXEC) + FS_OPEN_EXEC | FS_OPEN_EXEC_PERM) #define FS_MOVE (FS_MOVED_FROM | FS_MOVED_TO) @@ -77,7 +78,7 @@ FS_DELETE | FS_DELETE_SELF | FS_MOVE_SELF | \ FS_UNMOUNT | FS_Q_OVERFLOW | FS_IN_IGNORED | \ FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME |\ - FS_OPEN_EXEC) + FS_OPEN_EXEC | FS_OPEN_EXEC_PERM) /* Extra flags that may be reported with event or control handling of events */ #define ALL_FSNOTIFY_FLAGS (FS_EXCL_UNLINK | FS_ISDIR | FS_IN_ONESHOT | \ diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index da278f11ab29..e2df10c61cb1 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -16,6 +16,7 @@ #define FAN_OPEN_PERM 0x00010000 /* File open in perm check */ #define FAN_ACCESS_PERM 0x00020000 /* File accessed in perm check */ +#define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ #define FAN_ONDIR 0x40000000 /* event occurred against dir */