From patchwork Wed Nov 7 11:16:48 2018
X-Patchwork-Submitter: Matthew Bobrowski
X-Patchwork-Id: 10672193
Date: Wed, 7 Nov 2018 22:16:48 +1100
From: Matthew Bobrowski
To: jack@suse.cz
Cc: amir73il@gmail.com, linux-api@vger.kernel.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org
Subject: [PATCH v6 1/4] fanotify: return only user requested event types in event mask

Modify fanotify_should_send_event() so that it now returns a mask for an event that contains ONLY flags for the event types that have been specifically requested by the user. Flags that may have been included within the event mask, but have not been explicitly requested by the user will not be present in the returned value.

As an example, given the situation where a user requests events of type FAN_OPEN. Traditionally, the event mask returned within an event that occurred on a filesystem object that has been marked for monitoring and is opened, will only ever have the FAN_OPEN bit set. With the introduction of the new flags like FAN_OPEN_EXEC, and perhaps any other future event flags, there is a possibility of the returned event mask containing more than a single bit set, despite having only requested the single event type. Prior to these modifications performed to fanotify_should_send_event(), a user would have received a bundled event mask containing flags FAN_OPEN and FAN_OPEN_EXEC in the instance that a file was opened for execution via execve(), for example. This means that a user would receive event types in the returned event mask that have not been requested. This runs the possibility of breaking existing systems and causing other unforeseen issues.

To mitigate this possibility, fanotify_should_send_event() has been modified to return the event mask containing ONLY event types explicitly requested by the user.
This means that we will NOT report events that the user did not set a mask for, and we will NOT report events that the user has set an ignore mask for.

The function name fanotify_should_send_event() has also been updated so that it's more relevant to what it has been designed to do.

Signed-off-by: Matthew Bobrowski
---
 fs/notify/fanotify/fanotify.c | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index e08a6647267b..0a09950317dd 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -89,7 +89,13 @@ static int fanotify_get_response(struct fsnotify_group *group, return ret; } -static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, +/* + * This function returns a mask for an event that only contains the flags + * that have been specifically requested by the user. Flags that may have + * been included within the event mask, but have not been explicitly + * requested by the user, will not be present in the returned mask. + */ +static u32 fanotify_group_event_mask(struct fsnotify_iter_info *iter_info, u32 event_mask, const void *data, int data_type) { @@ -101,14 +107,14 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, pr_debug("%s: report_mask=%x mask=%x data=%p data_type=%d\n", __func__, iter_info->report_mask, event_mask, data, data_type); - /* if we don't have enough info to send an event to userspace say no */ + /* If we don't have enough info to send an event to userspace say no */ if (data_type != FSNOTIFY_EVENT_PATH) - return false; + return 0; - /* sorry, fanotify only gives a damn about files and dirs */ + /* Sorry, fanotify only gives a damn about files and dirs */ if (!d_is_reg(path->dentry) && !d_can_lookup(path->dentry)) - return false; + return 0; fsnotify_foreach_obj_type(type) { if (!fsnotify_iter_should_report_type(iter_info, type))
@@ -131,11 +137,7 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, !(marks_mask & FS_ISDIR & ~marks_ignored_mask)) return false; - if (event_mask & FANOTIFY_OUTGOING_EVENTS & - marks_mask & ~marks_ignored_mask) - return true; - - return false; + return event_mask & FANOTIFY_OUTGOING_EVENTS & marks_mask; } struct fanotify_event_info *fanotify_alloc_event(struct fsnotify_group *group, 
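Review bot: The new return at the end of this hunk drops the ignore mask. The removed test was "event_mask & FANOTIFY_OUTGOING_EVENTS & marks_mask & ~marks_ignored_mask", while the added line returns "event_mask & FANOTIFY_OUTGOING_EVENTS & marks_mask", so an event type the user has placed in an ignore mask can still appear in the returned mask. That contradicts the commit message ("we will NOT report events that the user has set an ignore mask for"). Suggest "return event_mask & FANOTIFY_OUTGOING_EVENTS & marks_mask & ~marks_ignored_mask;". The unchanged "return false;" just above it is also left behind in a function that now returns u32; it should become "return 0;" like the two returns converted earlier in the patch.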
@@ -210,7 +212,8 @@ static int fanotify_handle_event(struct fsnotify_group *group, BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 10); - if (!fanotify_should_send_event(iter_info, mask, data, data_type)) + mask = fanotify_group_event_mask(iter_info, mask, data, data_type); + if (!mask) return 0; pr_debug("%s: group=%p inode=%p mask=%x\n", __func__, group, inode,

From patchwork Wed Nov 7 11:17:12 2018
X-Patchwork-Submitter: Matthew Bobrowski
X-Patchwork-Id: 10672195
Date: Wed, 7 Nov 2018 22:17:12 +1100
From: Matthew Bobrowski
To: jack@suse.cz
Cc: amir73il@gmail.com, linux-api@vger.kernel.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org
Subject: [PATCH v6 2/4] fanotify: introduce new event mask FAN_OPEN_EXEC

A new event mask FAN_OPEN_EXEC has been defined so that users have the ability to receive events specifically when a file has been opened with the intent to be executed. Events of FAN_OPEN_EXEC type will be generated when a file has been opened using either execve(), execveat() or uselib() system calls.

The feature is implemented within fsnotify_open() by generating the FAN_OPEN_EXEC event type if __FMODE_EXEC is set within file->f_flags.

Signed-off-by: Matthew Bobrowski
---
 fs/notify/fanotify/fanotify.c | 3 ++-
 fs/notify/fsnotify.c | 2 +-
 include/linux/fanotify.h | 2 +-
 include/linux/fsnotify.h | 2 ++
 include/linux/fsnotify_backend.h | 7 +++++--
 include/uapi/linux/fanotify.h | 1 +
 6 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 0a09950317dd..e30f3a1d9699 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -209,8 +209,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, BUILD_BUG_ON(FAN_OPEN_PERM != FS_OPEN_PERM); BUILD_BUG_ON(FAN_ACCESS_PERM != FS_ACCESS_PERM); BUILD_BUG_ON(FAN_ONDIR != FS_ISDIR); + BUILD_BUG_ON(FAN_OPEN_EXEC != FS_OPEN_EXEC); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 10); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 11); mask = fanotify_group_event_mask(iter_info, mask, data, data_type); if (!mask) diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index d2c34900ae05..b3f58f36a0ab 100644 --- a/fs/notify/fsnotify.c
+++ b/fs/notify/fsnotify.c @@ -401,7 +401,7 @@ static __init int fsnotify_init(void) { int ret; - BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 23); + BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 24); ret = init_srcu_struct(&fsnotify_mark_srcu); if (ret) diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index a5a60691e48b..c521e4264f2b 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -37,7 +37,7 @@ /* Events that user can request to be notified on */ #define FANOTIFY_EVENTS (FAN_ACCESS | FAN_MODIFY | \ - FAN_CLOSE | FAN_OPEN) + FAN_CLOSE | FAN_OPEN | FAN_OPEN_EXEC) /* Events that require a permission response from user */ #define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM) diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index fd1ce10553bf..1fe5ac93b252 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -215,6 +215,8 @@ static inline void fsnotify_open(struct file *file) if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; + if (file->f_flags & __FMODE_EXEC) + mask |= FS_OPEN_EXEC; fsnotify_parent(path, NULL, mask); fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 135b973e44d1..39d94e62a836 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -38,6 +38,7 @@ #define FS_DELETE 0x00000200 /* Subfile was deleted */ #define FS_DELETE_SELF 0x00000400 /* Self was deleted */ #define FS_MOVE_SELF 0x00000800 /* Self was moved */ +#define FS_OPEN_EXEC 0x00001000 /* File was opened for exec */ #define FS_UNMOUNT 0x00002000 /* inode on umount fs */ #define FS_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ 
@@ -62,7 +63,8 @@ #define FS_EVENTS_POSS_ON_CHILD (FS_ACCESS | FS_MODIFY | FS_ATTRIB |\ FS_CLOSE_WRITE | FS_CLOSE_NOWRITE | FS_OPEN |\ FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE |\ - FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM) + FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM | \ + FS_OPEN_EXEC) #define FS_MOVE (FS_MOVED_FROM | FS_MOVED_TO) @@ -74,7 +76,8 @@ FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE | \ FS_DELETE | FS_DELETE_SELF | FS_MOVE_SELF | \ FS_UNMOUNT | FS_Q_OVERFLOW | FS_IN_IGNORED | \ - FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME) + FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME | \ + FS_OPEN_EXEC) /* Extra flags that may be reported with event or control handling of events */ #define ALL_FSNOTIFY_FLAGS (FS_EXCL_UNLINK | FS_ISDIR | FS_IN_ONESHOT | \ diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index b86740d1c50a..d9664fbc905b 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h 
@@ -10,6 +10,7 @@ #define FAN_CLOSE_WRITE 0x00000008 /* Writtable file closed */ #define FAN_CLOSE_NOWRITE 0x00000010 /* Unwrittable file closed */ #define FAN_OPEN 0x00000020 /* File was opened */ +#define FAN_OPEN_EXEC 0x00001000 /* File was opened for exec */ #define FAN_Q_OVERFLOW 0x00004000 /* Event queued overflowed */

From patchwork Wed Nov 7 11:17:50 2018
X-Patchwork-Submitter: Matthew Bobrowski
X-Patchwork-Id: 10672197
Date: Wed, 7 Nov 2018 22:17:50 +1100
From: Matthew Bobrowski
To: jack@suse.cz
Cc: amir73il@gmail.com, linux-api@vger.kernel.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org
Subject: [PATCH v6 3/4] fanotify: introduce new event mask FAN_OPEN_EXEC_PERM

A new event mask FAN_OPEN_EXEC_PERM has been defined. This allows users to receive events and grant access to files that are intending to be opened for execution. Events of FAN_OPEN_EXEC_PERM type will be generated when a file has been opened by using either execve(), execveat() or uselib() system calls.

This acts in the same manner as previous permission event types, meaning that an access response is required from the application to permit any further operations on the file.

This feature is implemented within the fsnotify_perm() hook by setting the FAN_OPEN_EXEC_PERM event type if __FMODE_EXEC is set within file->f_flags.

Signed-off-by: Matthew Bobrowski
---
 fs/notify/fanotify/fanotify.c | 3 ++-
 fs/notify/fsnotify.c | 2 +-
 include/linux/fanotify.h | 3 ++-
 include/linux/fsnotify.h | 12 +++++++-----
 include/linux/fsnotify_backend.h | 10 ++++++----
 include/uapi/linux/fanotify.h | 1 +
 6 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index e30f3a1d9699..d9aa505591eb 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c
@@ -210,8 +210,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, BUILD_BUG_ON(FAN_ACCESS_PERM != FS_ACCESS_PERM); BUILD_BUG_ON(FAN_ONDIR != FS_ISDIR); BUILD_BUG_ON(FAN_OPEN_EXEC != FS_OPEN_EXEC); + BUILD_BUG_ON(FAN_OPEN_EXEC_PERM != FS_OPEN_EXEC_PERM); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 11); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 12); mask = fanotify_group_event_mask(iter_info, mask, data, data_type); if (!mask) diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index b3f58f36a0ab..ecf09b6243d9 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -401,7 +401,7 @@ static __init int fsnotify_init(void) { int ret; - BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 24); + BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 25); ret = init_srcu_struct(&fsnotify_mark_srcu); if (ret) diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index c521e4264f2b..9e2142795335 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -40,7 +40,8 @@ FAN_CLOSE | FAN_OPEN | FAN_OPEN_EXEC) /* Events that require a permission response from user */ -#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM) +#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM | \ + FAN_OPEN_EXEC_PERM) /* Extra flags that may be reported with event or control handling of events */ #define FANOTIFY_EVENT_FLAGS (FAN_EVENT_ON_CHILD | FAN_ONDIR) diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 1fe5ac93b252..9c7b594bf540 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -26,7 +26,7 @@ static inline int fsnotify_parent(const struct path *path, struct dentry *dentry return __fsnotify_parent(path, dentry, mask); } -/* simple call site for access decisions */ +/* Simple call site for access decisions */ static inline int fsnotify_perm(struct file *file, int mask) { const struct path *path = &file->f_path; 
@@ -38,12 +38,14 @@ static inline int fsnotify_perm(struct file *file, int mask) return 0; if (!(mask & (MAY_READ | MAY_OPEN))) return 0; - if (mask & MAY_OPEN) + if (mask & MAY_OPEN) { fsnotify_mask = FS_OPEN_PERM; - else if (mask & MAY_READ) + + if (file->f_flags & __FMODE_EXEC) + fsnotify_mask |= FS_OPEN_EXEC_PERM; + } else if (mask & MAY_READ) { fsnotify_mask = FS_ACCESS_PERM; - else - BUG(); + } ret = fsnotify_parent(path, NULL, fsnotify_mask); if (ret) diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 39d94e62a836..150c0acb2f43 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -44,8 +44,9 @@ #define FS_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ #define FS_IN_IGNORED 0x00008000 /* last inotify event here */ -#define FS_OPEN_PERM 0x00010000 /* open event in an permission hook */ +#define FS_OPEN_PERM 0x00010000 /* open event in a permission hook */ #define FS_ACCESS_PERM 0x00020000 /* access event in a permissions hook */ +#define FS_OPEN_EXEC_PERM 0x00040000 /* open/exec event in a permission hook */ #define FS_EXCL_UNLINK 0x04000000 /* do not send events if object is unlinked */ #define FS_ISDIR 0x40000000 /* event occurred against dir */ @@ -64,11 +65,12 @@ FS_CLOSE_WRITE | FS_CLOSE_NOWRITE | FS_OPEN |\ FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE |\ FS_DELETE | FS_OPEN_PERM | FS_ACCESS_PERM | \ - FS_OPEN_EXEC) + FS_OPEN_EXEC | FS_OPEN_EXEC_PERM) #define FS_MOVE (FS_MOVED_FROM | FS_MOVED_TO) -#define ALL_FSNOTIFY_PERM_EVENTS (FS_OPEN_PERM | FS_ACCESS_PERM) +#define ALL_FSNOTIFY_PERM_EVENTS (FS_OPEN_PERM | FS_ACCESS_PERM | \ + FS_OPEN_EXEC_PERM) /* Events that can be reported to backends */ #define ALL_FSNOTIFY_EVENTS (FS_ACCESS | FS_MODIFY | FS_ATTRIB | \ 
@@ -77,7 +79,7 @@ FS_DELETE | FS_DELETE_SELF | FS_MOVE_SELF | \ FS_UNMOUNT | FS_Q_OVERFLOW | FS_IN_IGNORED | \ FS_OPEN_PERM | FS_ACCESS_PERM | FS_DN_RENAME | \ - FS_OPEN_EXEC) + FS_OPEN_EXEC | FS_OPEN_EXEC_PERM) /* Extra flags that may be reported with event or control handling of events */ #define ALL_FSNOTIFY_FLAGS (FS_EXCL_UNLINK | FS_ISDIR | FS_IN_ONESHOT | \ diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index d9664fbc905b..909c98fcace2 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h 
@@ -16,6 +16,7 @@ #define FAN_OPEN_PERM 0x00010000 /* File open in perm check */ #define FAN_ACCESS_PERM 0x00020000 /* File accessed in perm check */ +#define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ #define FAN_ONDIR 0x40000000 /* event occurred against dir */

From patchwork Wed Nov 7 11:18:05 2018
X-Patchwork-Submitter: Matthew Bobrowski
X-Patchwork-Id: 10672199
Date: Wed, 7 Nov 2018 22:18:05 +1100
From: Matthew Bobrowski
To: jack@suse.cz
Cc: amir73il@gmail.com, linux-api@vger.linux.org, sgrubb@redhat.com, linux-fsdevel@vger.kernel.org
Subject: [PATCH v6 4/4] fsnotify: don't merge events FS_OPEN_PERM and FS_OPEN_EXEC_PERM
Message-ID: <20e8e7afa5f42e6cf385277159dfd90505232897.1541587830.git.mbobrowski@mbobrowski.org>

Permission events are not to be consolidated into a single event mask. In order for this to not happen, we require additional calls to fsnotify_parent() and fsnotify() within the fsnotify_perm() when the condition to set FS_OPEN_EXEC_PERM is evaluated to true.

To simplify the code that provides this functionality a simple wrapper fsnotify_path() has been defined to keep things nice and clean. Other functions that used the same fsnotify_parent()/fsnotify() call combination have been updated to use the simplified fsnotify_path() wrapper.

Signed-off-by: Matthew Bobrowski
Reviewed-by: Amir Goldstein
---
 include/linux/fsnotify.h | 48 ++++++++++++++++++++++------------------
 1 file changed, 27 insertions(+), 21 deletions(-)

diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 9c7b594bf540..660ffc751352 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h
@@ -26,6 +26,21 @@ static inline int fsnotify_parent(const struct path *path, struct dentry *dentry return __fsnotify_parent(path, dentry, mask); } +/* + * Simple wrapper to consolidate calls fsnotify_parent()/fsnotify() when + * an event is on a path. + */ +static inline int fsnotify_path(struct inode *inode, const struct path *path, + __u32 mask) +{ + int ret; + + ret = fsnotify_parent(path, NULL, mask); + if (ret) return ret; + + return fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); +} + /* Simple call site for access decisions */ static inline int fsnotify_perm(struct file *file, int mask) { @@ -41,17 +56,15 @@ static inline int fsnotify_perm(struct file *file, int mask) if (mask & MAY_OPEN) { fsnotify_mask = FS_OPEN_PERM; - if (file->f_flags & __FMODE_EXEC) - fsnotify_mask |= FS_OPEN_EXEC_PERM; + if (file->f_flags & __FMODE_EXEC) { + ret = fsnotify_path(inode, path, FS_OPEN_EXEC_PERM); + if (ret) return ret; + } } else if (mask & MAY_READ) { fsnotify_mask = FS_ACCESS_PERM; } - ret = fsnotify_parent(path, NULL, fsnotify_mask); - if (ret) - return ret; - - return fsnotify(inode, fsnotify_mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); + return fsnotify_path(inode, path, fsnotify_mask); } /* @@ -182,10 +195,8 @@ static inline void fsnotify_access(struct file *file) if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; - if (!(file->f_mode & FMODE_NONOTIFY)) { - fsnotify_parent(path, NULL, mask); - fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); - } + if (!(file->f_mode & FMODE_NONOTIFY)) + fsnotify_path(inode, path, mask); } /* @@ -200,10 +211,8 @@ static inline void fsnotify_modify(struct file *file) if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; - if (!(file->f_mode & FMODE_NONOTIFY)) { - fsnotify_parent(path, NULL, mask); - fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); - } + if (!(file->f_mode & FMODE_NONOTIFY)) + fsnotify_path(inode, path, mask); } /* 
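Review bot: Converting fsnotify_access() and fsnotify_modify() to fsnotify_path() changes behaviour for these non-permission events. The removed lines called fsnotify_parent() and then fsnotify() unconditionally, whereas fsnotify_path() returns early when fsnotify_parent() gives a non-zero result, so in that case the inode's own event is no longer raised. The same applies to the fsnotify_open() and fsnotify_close() conversions in the remaining hunks. If the early return is only wanted for permission events, keep it in fsnotify_perm() and have the wrapper call both functions unconditionally; otherwise say in the commit message that the change is intended. These void callers also discard the int result, which is worth a word in the wrapper's comment.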
@@ -220,8 +229,7 @@ static inline void fsnotify_open(struct file *file) if (file->f_flags & __FMODE_EXEC) mask |= FS_OPEN_EXEC; - fsnotify_parent(path, NULL, mask); - fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); + fsnotify_path(inode, path, mask); } /* @@ -237,10 +245,8 @@ static inline void fsnotify_close(struct file *file) if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; - if (!(file->f_mode & FMODE_NONOTIFY)) { - fsnotify_parent(path, NULL, mask); - fsnotify(inode, mask, path, FSNOTIFY_EVENT_PATH, NULL, 0); - } + if (!(file->f_mode & FMODE_NONOTIFY)) + fsnotify_path(inode, path, mask); } /*
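Review bot: The fsnotify_perm() hunk (@@ -41,17 +56,15 @@) needs a comment explaining that an open for exec now raises two separate permission events, FS_OPEN_EXEC_PERM first and FS_OPEN_PERM second, and that a non-zero result for the first returns before the second is sent. A listener that marked both types has to answer both for a single exec, and nothing in the code says why the two are not combined. A short comment above the __FMODE_EXEC block carrying the reason from the commit message (permission events are not to be consolidated into a single event mask) would make the ordering and the early return deliberate rather than incidental.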