From patchwork Thu Jul 25 18:19:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742075 Received: from mail-qk1-f178.google.com (mail-qk1-f178.google.com [209.85.222.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8A45120DC4 for ; Thu, 25 Jul 2024 18:20:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.178 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931609; cv=none; b=ObA1qTCvgUxk2/Aaeye4fVCDz/4ss5qeox9S7GYjWA9a6sq+gslegt/FAC5Hw4dzDw5Q/INw13xze8R0pggI6o0ZwJTc9Jo5Q6xRmMh34IMjZ3t5eRNQpkrmrvk/DTeuUEVqu7zmjeAeBs3VVQ31GNG+EWDlp5jYhMBDUgNUr7Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931609; c=relaxed/simple; bh=pphRo5cAIY6sXyWotHh3OYUODOC3SG0MiMZJ8lGUQvU=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uJuTo4c4iclyutEgDc874p6zyrCZOC6d6/RoDdwuXHVqbccEvDlbXKpJrBaZxAXM/dvFz8RZLoQtO1fWhiCfPlNDS5ReRmu4oGRbP6M9TQzRqy+gGoUDU5LXJ9dQM6q8C/xjQL/6Q+RUokQ0dPFRMcqBAio1TQM14p77tTprsFc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=lusWgJQ8; arc=none smtp.client-ip=209.85.222.178 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="lusWgJQ8" Received: by mail-qk1-f178.google.com with SMTP id af79cd13be357-79ef72bb8c8so53928985a.2 for ; Thu, 25 Jul 2024 11:20:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931606; x=1722536406; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DV/bmBiugHCOGdiwdB7fAnf5wKaKZzTHXbldMI40hCY=; b=lusWgJQ8G5EkyqV4Kpdqc3ZKtn9kh5xweWYW0lPNyRUVTb/VVtm99q2eb6MFJrL3ZY cDKzB+ysV8cncqvezsgdsHxj177sihvffGaGDD5JjfD/TRVjb+5zDVkeKfrytHYB/NEa +lLPM4Mu0rjy+x8+NF8mpi3a9EKk0UMCJ8U+RwMFGf5qOJxW8dGDh0iSSUdbVWqtNQPg Q2zwk4pulYjq8oTVvHo4W3X1S2QPMtUv5YOxrsD6ZAtqsxLCDzJLSULitUByjPgpXTuW UV9XXeu50yzN0JdNE57bOCKvWwvfYwPYKHO7QrIQqOPB6Ul4xHW0n4+ITN7Da0LPq4Hc e7YA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931606; x=1722536406; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DV/bmBiugHCOGdiwdB7fAnf5wKaKZzTHXbldMI40hCY=; b=ZaAgLDS9pYRmSAJqAxH9GHldbSLTadmXbcK0+tG8tDIaoxhO8BV+INXbhOfr6xPe2P zcHYRPKmUfI4Wcuhjz9TUCiUTZHE8maW+cs6gpXjavxRJAc7O2blzyPMZMNF4MXfjqZT BzhMUc062XEWRCByGFU9o7u+fBRzOHCwOw/RUE/ohXlOFm/ioq5d6UDsSNX4L6VUgTPV vYWupQZyUfrwPy+dFvuy9DSDIahBHbi5S9FZ0DfozLc0NKjl65Un8mRMkXRvryF88BdO 42mlgx+4E4FVbQIcWeLU2uuF45DC3umCPv5PrirIvT/ca8LxMmnp2Dwkd55+GqsmknLE xcOg== X-Forwarded-Encrypted: i=1; AJvYcCWm5/h9RNPC9PbiKxWLzuFU9VgjMZR5r2Fgs+ImxPNDi1MpKFZ3xPq4Lx9rlTJCP6ukRFrj27Armm3UbsWfGP2LUljpT71WAzf+6ksVuw== X-Gm-Message-State: AOJu0Yyfq3Dn4NppU+r/65jQEyXfQ+FEVIssVNZ67kDv8i62WnBmJgEW RqMeUIRcmqxyNWMKHni6f4l4HF7qyYBZ+rlMCxwFt8KrqJuTx01QZ68AAVdxSgU= X-Google-Smtp-Source: AGHT+IELXQ7B9+k1ZTU3Sizt0MYEBuUZnUCAaAMBn1YvGurbHD8m1hnaNkZOSGg5HBUpEJNFO8frnQ== X-Received: by 2002:a05:620a:4041:b0:79c:9431:f71a with SMTP id af79cd13be357-7a1d7e1415fmr366916985a.11.1721931606257; Thu, 25 Jul 2024 11:20:06 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a1d74354ebsm107200485a.95.2024.07.25.11.20.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:05 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 01/10] fanotify: don't skip extra event info if no info_mode is set Date: Thu, 25 Jul 2024 14:19:38 -0400 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Previously we would only include optional information if you requested it via an FAN_ flag at fanotify_init time (FAN_REPORT_FID for example). However this isn't necessary as the event length is encoded in the metadata, and if the user doesn't want to consume the information they don't have to. With the PRE_ACCESS events we will always generate range information, so drop this check in order to allow this extra information to be exported without needing to have another flag. Signed-off-by: Josef Bacik --- fs/notify/fanotify/fanotify_user.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 9ec313e9f6e1..2e2fba8a9d20 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -160,9 +160,6 @@ static size_t fanotify_event_len(unsigned int info_mode, int fh_len; int dot_len = 0; - if (!info_mode) - return event_len; - if (fanotify_is_error_event(event->mask)) event_len += FANOTIFY_ERROR_INFO_LEN; @@ -740,12 +737,10 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group, if (fanotify_is_perm_event(event->mask)) FANOTIFY_PERM(event)->fd = fd; - if (info_mode) { - ret = copy_info_records_to_user(event, info, info_mode, pidfd, - buf, count); - if (ret < 0) - goto out_close_fd; - } + ret = copy_info_records_to_user(event, info, info_mode, pidfd, + buf, count); + if (ret < 0) + goto out_close_fd; if (f) fd_install(fd, f); From patchwork Thu Jul 25 18:19:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742076 Received: from mail-qt1-f179.google.com (mail-qt1-f179.google.com [209.85.160.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B2CA4210FB for ; Thu, 25 Jul 2024 18:20:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931610; cv=none; b=C3ZCmf/rlh62+61DuN/nMc3/+xTcVREhRwIJy0+DVsOiRclMmG1CQtPALyBEbfHlTNB6tF51bFSTLS+r7ww2BdjSdvK0BnshSFTB30jzBjLr/yjpuaxr6FvNQwMnYXNUc3Sa6LiHEbDbkH6qc6NZqFavYBQ06z9ovcf1lPFO6Pg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931610; c=relaxed/simple; bh=cvmt9CUFxnJqv+g71TV+PJxoVCsc6QSwoCbYSWpnLso=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=itPZkWjYnz+lv+X1iiVqVn0PauNrYs82tb9uoZGxyMAlyvBR5dnPRpfyqp/W2qcMDndZHUdFMkOXVOzT5n2WJN4jwj3Sz7Y9YbkN8cnt7n+N+9TLTDmf15+WZtCJ+vD02u0dGScm7lAfCo1dD9vjjf4cl2vg9m4tEsgEOaTuZek= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=fXYbX5AG; arc=none smtp.client-ip=209.85.160.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="fXYbX5AG" Received: by mail-qt1-f179.google.com with SMTP id d75a77b69052e-447e1eb0117so6105701cf.3 for ; Thu, 25 Jul 2024 11:20:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931607; x=1722536407; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=NegxmTyyNJaofiUGlr7NnyeZp7kMSUr0JaDHxYkqFn8=; b=fXYbX5AG6VRZGpIKMbw41ZLr0GkRtRhOpIwE5g6oTgEHIV0Ec5XMVMtMreCxUtM3Jo MNNZ4/YEApZwO9tPRvBRZBtCaeFJzKnSb9mmwsEHuTxSFeSDJ38bma/atbx+jbTNbQ1Z a4QhnSoydZ/4MKRQnv8QKN1WNmYxZt2EpsNr3NPBm9svO3e8Mu6XweCzvLTNQtYqh71o /4Ze8N/HMuV/Qy0BlOIe86Do998f+cKZoMDph/KqLhK3psyO07JZ9zlt/+UJbfBCIcIh ez1yAjeLxaw7eXD8cExWUsaWCYXFnXCc4Z1wj5jiz0bAuYpVrJ3IpE41FVPS34/QFmkK 2Tog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931607; x=1722536407; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NegxmTyyNJaofiUGlr7NnyeZp7kMSUr0JaDHxYkqFn8=; b=ePqScSfaN0GXehvCLytzjiqTDuePwfzXDLlLbcizKr+kh1Yvpm3qlHI6yywixFExTr id5fdY6j5Qpb8Qmtq4VnPEF4oD+RMLP1wrP7MqUpaVXJPJJ3rK5eMFGU1OytUYlYditW O7QzMIn+SrB84c0pCm90XrQ6RVfB3RkDOKfEb+2wniEacd+oKwmHr5f80gB2iGDYlv3H vH2mjZEPMCIInS5bbLkLsKP0kVIupFdmELAnRDqKUmawl4gqzOaZAe2U+1wDBNtxWnur Q4Aul3r5GsisMP24VZAkK/lHRWV2J0rnhTWWT0L3k53LuKIpj9Q+z7qTLsboCf99XJVd LZiQ== X-Forwarded-Encrypted: i=1; AJvYcCW9/81a6Q8oSxMg6/Mxc4E4dFiSl6rPAzdWArssnrCrlivzFePVos+5HMvtIW9mI14DBwVljo6C/AWes79BH0k1arbhYoUjspsoYLqQGA== X-Gm-Message-State: AOJu0Yz0pJI3vjkqAuaU2X5ppw/AS1m6ENdRJInlw1g1KdmDiAu8gkqf 45uxIKEeZnGaRkRatPNW+Sljw2eBUFbl+T4gY7Ar86DAi9YwixQj3d7rcXtpsdA= X-Google-Smtp-Source: AGHT+IG+qFu+xHZjvF4GRjRqCzPXkPm/TDWqBObxw/C0v3WX7HXpS8f/KobFZCtDD2Zh09sbPZJrrQ== X-Received: by 2002:a05:6214:2267:b0:6b5:44e4:eb3f with SMTP id 6a1803df08f44-6bb40878e9cmr34635086d6.47.1721931607353; Thu, 25 Jul 2024 11:20:07 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6bb3facabbcsm9508226d6.117.2024.07.25.11.20.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:06 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 02/10] fsnotify: introduce pre-content permission event Date: Thu, 25 Jul 2024 14:19:39 -0400 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein The new FS_PRE_ACCESS permission event is similar to FS_ACCESS_PERM, but it meant for a different use case of filling file content before access to a file range, so it has slightly different semantics. Generate FS_PRE_ACCESS/FS_ACCESS_PERM as two seperate events, same as we did for FS_OPEN_PERM/FS_OPEN_EXEC_PERM. FS_PRE_MODIFY is a new permission event, with similar semantics as FS_PRE_ACCESS, which is called before a file is modified. FS_ACCESS_PERM is reported also on blockdev and pipes, but the new pre-content events are only reported for regular files and dirs. The pre-content events are meant to be used by hierarchical storage managers that want to fill the content of files on first access. Signed-off-by: Amir Goldstein --- fs/notify/fsnotify.c | 2 +- include/linux/fsnotify.h | 27 ++++++++++++++++++++++++--- include/linux/fsnotify_backend.h | 13 +++++++++++-- security/selinux/hooks.c | 3 ++- 4 files changed, 38 insertions(+), 7 deletions(-) diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index 272c8a1dab3c..1ca4a8da7f29 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -621,7 +621,7 @@ static __init int fsnotify_init(void) { int ret; - BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 23); + BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 25); ret = init_srcu_struct(&fsnotify_mark_srcu); if (ret) diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 278620e063ab..028ce807805a 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -133,12 +133,13 @@ static inline int fsnotify_file(struct file *file, __u32 mask) #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS /* - * fsnotify_file_area_perm - permission hook before access to file range + * fsnotify_file_area_perm - permission hook before access/modify of file range */ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, const loff_t *ppos, size_t count) { - __u32 fsnotify_mask = FS_ACCESS_PERM; + struct inode *inode = file_inode(file); + __u32 fsnotify_mask; /* * filesystem may be modified in the context of permission events @@ -147,7 +148,27 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, */ lockdep_assert_once(file_write_not_started(file)); - if (!(perm_mask & MAY_READ)) + /* + * Generate FS_PRE_ACCESS/FS_ACCESS_PERM as two seperate events. + */ + if (perm_mask & MAY_READ) { + int ret = fsnotify_file(file, FS_ACCESS_PERM); + + if (ret) + return ret; + } + + /* + * Pre-content events are only reported for regular files and dirs. + */ + if (!S_ISDIR(inode->i_mode) && !S_ISREG(inode->i_mode)) + return 0; + + if (perm_mask & MAY_WRITE) + fsnotify_mask = FS_PRE_MODIFY; + else if (perm_mask & MAY_READ) + fsnotify_mask = FS_PRE_ACCESS; + else return 0; return fsnotify_file(file, fsnotify_mask); diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 8be029bc50b1..21e72b837ec5 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -56,6 +56,9 @@ #define FS_ACCESS_PERM 0x00020000 /* access event in a permissions hook */ #define FS_OPEN_EXEC_PERM 0x00040000 /* open/exec event in a permission hook */ +#define FS_PRE_ACCESS 0x00100000 /* Pre-content access hook */ +#define FS_PRE_MODIFY 0x00200000 /* Pre-content modify hook */ + /* * Set on inode mark that cares about things that happen to its children. * Always set for dnotify and inotify. @@ -77,8 +80,14 @@ */ #define ALL_FSNOTIFY_DIRENT_EVENTS (FS_CREATE | FS_DELETE | FS_MOVE | FS_RENAME) -#define ALL_FSNOTIFY_PERM_EVENTS (FS_OPEN_PERM | FS_ACCESS_PERM | \ - FS_OPEN_EXEC_PERM) +/* Content events can be used to inspect file content */ +#define FSNOTIFY_CONTENT_PERM_EVENTS (FS_OPEN_PERM | FS_OPEN_EXEC_PERM | \ + FS_ACCESS_PERM) +/* Pre-content events can be used to fill file content */ +#define FSNOTIFY_PRE_CONTENT_EVENTS (FS_PRE_ACCESS | FS_PRE_MODIFY) + +#define ALL_FSNOTIFY_PERM_EVENTS (FSNOTIFY_CONTENT_PERM_EVENTS | \ + FSNOTIFY_PRE_CONTENT_EVENTS) /* * This is a list of all events that may get sent to a parent that is watching diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 55c78c318ccd..2997edf3e7cd 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3406,7 +3406,8 @@ static int selinux_path_notify(const struct path *path, u64 mask, perm |= FILE__WATCH_WITH_PERM; /* watches on read-like events need the file:watch_reads permission */ - if (mask & (FS_ACCESS | FS_ACCESS_PERM | FS_CLOSE_NOWRITE)) + if (mask & (FS_ACCESS | FS_ACCESS_PERM | FS_PRE_ACCESS | + FS_CLOSE_NOWRITE)) perm |= FILE__WATCH_READS; return path_has_perm(current_cred(), path, perm); From patchwork Thu Jul 25 18:19:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742077 Received: from mail-qv1-f48.google.com (mail-qv1-f48.google.com [209.85.219.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 80DA52C6AF for ; Thu, 25 Jul 2024 18:20:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.48 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931611; cv=none; b=IH/xym6IHmaxmWBvinn8Tf35wLLpPrfjGnGjGoD0mgPxmmB7eLpRJLkryqHxeOPT+f2bXBaXq9cE1qWon2y9380MEEdv+jN746bfGmdwd5pm2/lftkpT620WmNq+gXr4cfWdsvqGhWOlLwRlqmeNK9HQ33sxrnWQaOI1X+gI5nw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931611; c=relaxed/simple; bh=2q12dkxaS6jdsO0ZX8aKRcWpRxg++ZfB49vQCSIBovo=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QC0yB38wC62GS15B1ydS6amGIuQ9r7gZBRcTd/B+Y4X/eGuMmO47OlnyTxDstPGAhXqOwI686+0H3EBr8XvAzTpz5VQ2QXYwTm+6m4K/0EbG+ULjgwl49LqX0mGZKkIWX7sQoLmZmPVH5Zoi9ktyk5U/tfviH6S1cjQC7pBtt5M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=yvZQyzd1; arc=none smtp.client-ip=209.85.219.48 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="yvZQyzd1" Received: by mail-qv1-f48.google.com with SMTP id 6a1803df08f44-6b7aed340daso8335576d6.3 for ; Thu, 25 Jul 2024 11:20:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931608; x=1722536408; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=sFrDVuPu4/h/LKzVqtml7n9Q6NeN61sPKHdlckX8IzY=; b=yvZQyzd1g/TiGylLSRxrHzjUxGObNXpi9DMyh2EK79ao6gHexzqjPE1+XN2Tu/AIT4 UtTViCjuTfcelm+Jm3VM+1whAgIXlv3SqlrnCgjCQg5+iT2ItXn6x74bf1KejbRzVt+n tNgTS57rxAZiuM6w+jpya1lCL3tFhVjj+yAOY7vYw+vicUIzDPLvYnuXlG6HHl2P/JHg xiXWj1bG9U5SdubiMHPrR7uGJUd3YdqUnt6rKSRcXFfgQrrv02ZW10vdsxtPolcIZOLh 8+cYER1iX59rJBZdRuc0vgYQvTnw565UCCQ+THJEtqMx335T6lFi8uaNsgdxFQKN4FCg FxNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931608; x=1722536408; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sFrDVuPu4/h/LKzVqtml7n9Q6NeN61sPKHdlckX8IzY=; b=i3FJzTRPJf/JZ6t9JG4Q6RuKrUunH/MVwe1w79dJXFrpgVUp5N9xb2snySvjiV0FiD ZtJybBAKSN7BD48A+g8DalhrfpmTikgkSf7qY3sv6bEDSuF0PGqjFHYzXZSg0PXIKn2J tCTCrwWP42mIG6DwRWuZeju9i4AlwULh6m7IjA4H/h7TfyoyVuJwZD65298zA8uIzcne nXc5FgXm7RI8zZBWq1olqEIIWRriFJT30hyFmz9uAWsgN1wiF8xY1fWLv9rUXfgyaTfU VtpakebEy5vke8RfHsMb5gp3MCY4stQChNS5EpGQTXujg4LUXwB8jpJnWd3OhDEABysz /55Q== X-Forwarded-Encrypted: i=1; AJvYcCVLk5868jBgNXm7lqyiQorw0/MYKsyNd4eF/tejQA4WTuMF74PhH+dx45igA8F2daElunqe+aw1ox8Ujc6oCCJeG6qCyzk+ZLmCnfP1xg== X-Gm-Message-State: AOJu0YwPt3QCiGkkVdVRFkuS+46+AoS56oUyB6EPry0Ujv2STPWXNvPp c5aC16RRlVbJWfEOMP4tQQukVxfPK6Zb6sj9KTgDABHidCrF+O9AcOLZiTe4LRo= X-Google-Smtp-Source: AGHT+IGVxHU1enxjhA8FWGninJI7PsY9Ay6HOvxLlJOAphJxhxy2M1Mx7BA32agODRR58D5p4qyK2Q== X-Received: by 2002:a05:6214:627:b0:6b8:6f42:69dc with SMTP id 6a1803df08f44-6bb3cabe9ffmr48073076d6.39.1721931608422; Thu, 25 Jul 2024 11:20:08 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6bb3f8f9e11sm9519376d6.48.2024.07.25.11.20.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:08 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 03/10] fsnotify: generate pre-content permission event on open Date: Thu, 25 Jul 2024 14:19:40 -0400 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein FS_PRE_ACCESS or FS_PRE_MODIFY will be generated on open depending on file open mode. The pre-content event will be generated in addition to FS_OPEN_PERM, but without sb_writers held and after file was truncated in case file was opened with O_CREAT and/or O_TRUNC. The event will have a range info of (0..0) to provide an opportunity to fill entire file content on open. Signed-off-by: Amir Goldstein --- fs/namei.c | 9 +++++++++ include/linux/fsnotify.h | 10 +++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/fs/namei.c b/fs/namei.c index 3a4c40e12f78..c16487e3742d 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -3735,6 +3735,15 @@ static int do_open(struct nameidata *nd, } if (do_truncate) mnt_drop_write(nd->path.mnt); + + /* + * This permission hook is different than fsnotify_open_perm() hook. + * This is a pre-content hook that is called without sb_writers held + * and after the file was truncated. + */ + if (!error) + error = fsnotify_file_perm(file, MAY_OPEN); + return error; } diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 028ce807805a..4103dd797477 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -168,6 +168,10 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, fsnotify_mask = FS_PRE_MODIFY; else if (perm_mask & MAY_READ) fsnotify_mask = FS_PRE_ACCESS; + else if (perm_mask & MAY_OPEN && file->f_mode & FMODE_WRITER) + fsnotify_mask = FS_PRE_MODIFY; + else if (perm_mask & MAY_OPEN) + fsnotify_mask = FS_PRE_ACCESS; else return 0; @@ -176,10 +180,14 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, /* * fsnotify_file_perm - permission hook before file access + * + * Called from read()/write() with perm_mas MAY_READ/MAY_WRITE. + * Called from open() with MAY_OPEN in addition to fsnotify_open_perm(), + * but without sb_writers held and after the file was truncated. */ static inline int fsnotify_file_perm(struct file *file, int perm_mask) { - return fsnotify_file_area_perm(file, perm_mask, NULL, 0); + return fsnotify_file_area_perm(file, perm_mask, &file->f_pos, 0); } /* From patchwork Thu Jul 25 18:19:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742078 Received: from mail-qk1-f170.google.com (mail-qk1-f170.google.com [209.85.222.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8A15739AD5 for ; Thu, 25 Jul 2024 18:20:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.170 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931612; cv=none; b=jx2luKVVgDwtvozNF/+m9FWv31RtPe0QyqWVbevn/TLBCnaoRfAxgXSdjlpPiIFKVpPwJ3L/rq1bn1S0I67WeqWwh5MoAipSyObjFQCVu7693pCQLQ/V0AiLRBvsZXlXuD9tehGfRv28pF05ytsZ0+cec3xmndFQbr8XJ3XUdoc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931612; c=relaxed/simple; bh=QOr35ssa++1Iuprgp6CfldvWfU+bHv7I3X1QP4/Cwg4=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VagLxPQxAPVizPyn2/gbaOHCxr/Kplnj4nkhayiCi8Q18rqnlrxE/I2HmErEaH0OC7tX14s2Er4J5IeYnVJ4EeSHKZntFtedJLo+8JyP4z24wVr5o4Bi5bT5bPWYOogMxURd6msV/B9BUC88Uxss3ErF4SK82vNdK6hVE1pwKDM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=b452Xo1u; arc=none smtp.client-ip=209.85.222.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="b452Xo1u" Received: by mail-qk1-f170.google.com with SMTP id af79cd13be357-7a1d42da3e9so76587585a.1 for ; Thu, 25 Jul 2024 11:20:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931609; x=1722536409; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=YXPKXz6eDlk4Ai3ljW6PFwpaOryeRwoJGw5M2aaSDLI=; b=b452Xo1uXOXnG2xBuw11n3uXtTF5nz/2VOzrFfJwFw5zNUTJkZ/UNv51srvpii+fBy 80DkOXluBfLcQOeDULmcGTk8UGARbvtO9rNXwRiOCTQVxHASvVbjV+AI5doRCUZXrk4A 9lhzYMKxmNuzznoHG3sbNfKHGXhYtxjzZkdIJj6obLTA1HxKMhRdy1qftGxDzKw09pSL xos0rBvMljvZKIdwaZynOuGkzRgZKt8V9gu0vrnAtKv76VhRtCzhV1DPZczCNpP85is1 anySsVECamvkFXzL5e15H5LuRSXqwfZUGnTWImviP7OlWkbLlIuR/ARw+Fd1vDTNOnj+ fIVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931609; x=1722536409; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YXPKXz6eDlk4Ai3ljW6PFwpaOryeRwoJGw5M2aaSDLI=; b=U7QtD8DqdUUL1IYUkT1NQeM/15J+xryLj23ob6NuZMFo1A+7IQz11v87BqDEbBCJ+x 84lddI9Dq9zcLmvU3m1wW5knGfREOcnXRWiqJ5cXoXK3I5LuX4cpV9Kj9u6WhvU5Q60R +peA/uoeK9G9/PWpQmdWXMs5uJ7P3opATgwZ6ZQoaVLBgEStnSHoq5qjv3wxoAIBhj9X WKtCHFClVJFO4uPKUVEYcbXToC5Xu6gb3dX5RXwUVZRgOF06V7ngZX5ALejoCIIKCbNP 7XDvYPtZGjUeaT4ETovbPwX2jbfZRuYH56gCP3Zi4bVLkRFlEnz3SDf4lMeNvxAbCyS1 gFlw== X-Forwarded-Encrypted: i=1; AJvYcCUaNqsiK9Vq58piR7PrSC7C86IqJYMczd7O0Qcf1Jy3y4wB5pmAI/Mo7R4CqEuUvpB2eq/DTCJrk5cUBDM7mLvte5mbRifkMSRcwJaD1Q== X-Gm-Message-State: AOJu0YzoT7GRU5PssJLz5MY8tJRWwQePygf7fdWHH6dN3k3KGt8pTlbj xoh2s+JbHyah5IpRQmt84ClQAIB1S5tPVMxc7l95Vq8+BK3RtsFZf599j+6FPeD06omRi7r23HL P X-Google-Smtp-Source: AGHT+IHnXeZsLhRN5PXsEeQnLlir4lj8ZKPVCNOpse4e/UiCVplidYf+FhyxrXCrhZyS9FqbRlVJWw== X-Received: by 2002:a05:620a:470f:b0:79f:726:e2d2 with SMTP id af79cd13be357-7a1d44d3099mr483214785a.36.1721931609557; Thu, 25 Jul 2024 11:20:09 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a1d7398234sm107960385a.17.2024.07.25.11.20.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:09 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 04/10] fanotify: introduce FAN_PRE_ACCESS permission event Date: Thu, 25 Jul 2024 14:19:41 -0400 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein Similar to FAN_ACCESS_PERM permission event, but it is only allowed with class FAN_CLASS_PRE_CONTENT and only allowed on regular files are dirs. Unlike FAN_ACCESS_PERM, it is safe to write to the file being accessed in the context of the event handler. This pre-content event is meant to be used by hierarchical storage managers that want to fill the content of files on first read access. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.c | 3 ++- fs/notify/fanotify/fanotify_user.c | 17 ++++++++++++++--- include/linux/fanotify.h | 14 ++++++++++---- include/uapi/linux/fanotify.h | 2 ++ 4 files changed, 28 insertions(+), 8 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 224bccaab4cc..7dac8e4486df 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -910,8 +910,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, u32 mask, BUILD_BUG_ON(FAN_OPEN_EXEC_PERM != FS_OPEN_EXEC_PERM); BUILD_BUG_ON(FAN_FS_ERROR != FS_ERROR); BUILD_BUG_ON(FAN_RENAME != FS_RENAME); + BUILD_BUG_ON(FAN_PRE_ACCESS != FS_PRE_ACCESS); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 21); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 22); mask = fanotify_group_event_mask(group, iter_info, &match_mask, mask, data, data_type, dir); diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 2e2fba8a9d20..c294849e474f 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -1628,6 +1628,7 @@ static int fanotify_events_supported(struct fsnotify_group *group, unsigned int flags) { unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; + bool is_dir = d_is_dir(path->dentry); /* Strict validation of events in non-dir inode mask with v5.17+ APIs */ bool strict_dir_events = FAN_GROUP_FLAG(group, FAN_REPORT_TARGET_FID) || (mask & FAN_RENAME) || @@ -1665,9 +1666,15 @@ static int fanotify_events_supported(struct fsnotify_group *group, * but because we always allowed it, error only when using new APIs. */ if (strict_dir_events && mark_type == FAN_MARK_INODE && - !d_is_dir(path->dentry) && (mask & FANOTIFY_DIRONLY_EVENT_BITS)) + !is_dir && (mask & FANOTIFY_DIRONLY_EVENT_BITS)) return -ENOTDIR; + /* Pre-content events are only supported on regular files and dirs */ + if (mask & FANOTIFY_PRE_CONTENT_EVENTS) { + if (!is_dir && !d_is_reg(path->dentry)) + return -EINVAL; + } + return 0; } @@ -1769,11 +1776,15 @@ static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask, goto fput_and_out; /* - * Permission events require minimum priority FAN_CLASS_CONTENT. + * Permission events are not allowed for FAN_CLASS_NOTIF. + * Pre-content permission events are not allowed for FAN_CLASS_CONTENT. */ ret = -EINVAL; if (mask & FANOTIFY_PERM_EVENTS && - group->priority < FSNOTIFY_PRIO_CONTENT) + group->priority == FSNOTIFY_PRIO_NORMAL) + goto fput_and_out; + else if (mask & FANOTIFY_PRE_CONTENT_EVENTS && + group->priority == FSNOTIFY_PRIO_CONTENT) goto fput_and_out; if (mask & FAN_FS_ERROR && diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index 4f1c4f603118..5c811baf44d2 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -88,6 +88,16 @@ #define FANOTIFY_DIRENT_EVENTS (FAN_MOVE | FAN_CREATE | FAN_DELETE | \ FAN_RENAME) +/* Content events can be used to inspect file content */ +#define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ + FAN_ACCESS_PERM) +/* Pre-content events can be used to fill file content */ +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) + +/* Events that require a permission response from user */ +#define FANOTIFY_PERM_EVENTS (FANOTIFY_CONTENT_PERM_EVENTS | \ + FANOTIFY_PRE_CONTENT_EVENTS) + /* Events that can be reported with event->fd */ #define FANOTIFY_FD_EVENTS (FANOTIFY_PATH_EVENTS | FANOTIFY_PERM_EVENTS) @@ -103,10 +113,6 @@ FANOTIFY_INODE_EVENTS | \ FANOTIFY_ERROR_EVENTS) -/* Events that require a permission response from user */ -#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM | \ - FAN_OPEN_EXEC_PERM) - /* Extra flags that may be reported with event or control handling of events */ #define FANOTIFY_EVENT_FLAGS (FAN_EVENT_ON_CHILD | FAN_ONDIR) diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index a37de58ca571..3ae43867d318 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -26,6 +26,8 @@ #define FAN_ACCESS_PERM 0x00020000 /* File accessed in perm check */ #define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ +#define FAN_PRE_ACCESS 0x00100000 /* Pre-content access hook */ + #define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */ #define FAN_RENAME 0x10000000 /* File was renamed */ From patchwork Thu Jul 25 18:19:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742079 Received: from mail-qv1-f53.google.com (mail-qv1-f53.google.com [209.85.219.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C716E3CF4F for ; Thu, 25 Jul 2024 18:20:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.53 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931613; cv=none; b=Dq/re1+yGdIoMyEjRiuUjybMJJtyxCcRyXZVcAv/ry+xQEFVWNsHxfjVIR4gA3YpEWhgRTnZBuxgb4zUDdFlnt0LVmnoldeOm/9m2ZEOjaFqkS916tCng8u3mvoWUroox0TFfdDZWetA55wPjLqSh4P+E73TQ4YyguR6k70BLpo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931613; c=relaxed/simple; bh=5hCtfwwGaSoo88/6uirww/Vl/AinbUzAT+AAAqH51Y0=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qX+9clVxN6doVesUD1KmDBv9oPJL9gcrz61pnFNdTf2S8sNSrdnp6LwD89dQZ834r7yjUi01vLiK1lvyLk70OOTxZ1DzDOtvpsI8eiEzrj0MSowdlVtc3/IA2QqiVCHDVRhW6KVFZCj1Xd5o4o+pUaLQf2v5rXCq6lcigFBrStM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=KySHjUhV; arc=none smtp.client-ip=209.85.219.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="KySHjUhV" Received: by mail-qv1-f53.google.com with SMTP id 6a1803df08f44-6b796667348so11240776d6.0 for ; Thu, 25 Jul 2024 11:20:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931611; x=1722536411; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=G97TFAwqloOhjsDe+3X1WdwF/WXcuX5oC+tX+23Kxis=; b=KySHjUhVE6RXemX8wo3O0lH6aoCNAYPrAID8UW8UfJrv2MxhKZ02qnNiETxe8vxcff Np/+bn2o8Q0e5+YCRlB9/MHcXqfuSmmvbo8MUxw1/bB2NdwcAZ3sfrq5xHM9Numfi9eF gpBpeQNAGHswMWoihc0kGkAKUlAk79NWTfPYO+qDLKzTdMEK5zNNYzkcJXO/ccT8Q+HD BnV/vnvlOCZcVFcviMnfjbp9Ch/k1HxmO9Gspkfowq//fhrPAqqsK3VW78jzwUkvuYcF MpMIFJRp7ay4kZOmnCalTR9s98VI5Hpb8RFDGhPc+cKGTajJq2BQVMGy+G1BHeTBhoMk k6hA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931611; x=1722536411; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=G97TFAwqloOhjsDe+3X1WdwF/WXcuX5oC+tX+23Kxis=; b=AKy+RXdkJ0WuwwNn+wyA4WFDKZWJXbl2ajv9DNo6WAUJWtuaeAcRiL0jWSwN8J6d8M ODz81QCklJlouxJDKfkGxd/zAOyF9kpdZ8Dd7PaP8+Nwumg4R4s2YrKhuZSWdoq2dbNa nna9xyJK+gTo4MP6I05je4g57mf1UDZVDgKnvyFawBBZM5bW/jN3hlgq8Or+qt8/ulod RxylgQ8f1+K4ePzJ/68XcmNLVAZ1rbP78cTSW0kfTDBoTdmxn2PFfNgkdKgl2Vp4ikrh thnI2gfKU9DAaQvAbJH0I4+Jd1yDAY6240TmJdHzxzAZd/vESt+1yXesUdl7WCbtABsI mqeA== X-Forwarded-Encrypted: i=1; AJvYcCW9E/Qs5mNgv0S4XWZmmBuoOMjGVkw07Hf1JPX+hqttqu2b1Ngn+FjHb3y2WRGF6bH4H6qU7FU8BY9DAIRmAM5mDhOxOT9BPwG3sxVHrg== X-Gm-Message-State: AOJu0Yx6BGt7JVdxJyBmbow1ElunJzuMp3724uDt2y702H76A3ocwpba EvEdl1rKk8PPD4Rr3ctGYdJ0sPFmejTb8WSXLN72PqLY4RjTlZKHoSMvkM/l4YUXShAhVzJAylc z X-Google-Smtp-Source: AGHT+IH2VK7Y8cUkh8TyBhm/VkNN+ntYBvXHX+8xnpNRFdN6GuhSJ0NP2zK6+UogEATDzHSdlDd29A== X-Received: by 2002:ad4:41c4:0:b0:6ad:84aa:2956 with SMTP id 6a1803df08f44-6b9914b0d01mr98431336d6.13.1721931610706; Thu, 25 Jul 2024 11:20:10 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6bb3f8d8269sm9525256d6.20.2024.07.25.11.20.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:10 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 05/10] fanotify: introduce FAN_PRE_MODIFY permission event Date: Thu, 25 Jul 2024 14:19:42 -0400 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein Generate FAN_PRE_MODIFY permission event from fsnotify_file_perm() pre-write hook to notify fanotify listeners on an intent to make modification to a file. Like FAN_PRE_ACCESS, it is only allowed with FAN_CLASS_PRE_CONTENT and unlike FAN_MODIFY, it is only allowed on regular files. Like FAN_PRE_ACCESS, it is generated without sb_start_write() held, so it is safe for to perform filesystem modifications in the the context of event handler. This pre-content event is meant to be used by hierarchical storage managers that want to fill the content of files on first write access. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.c | 3 ++- fs/notify/fanotify/fanotify_user.c | 2 ++ include/linux/fanotify.h | 3 ++- include/uapi/linux/fanotify.h | 1 + 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 7dac8e4486df..b163594843f5 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -911,8 +911,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, u32 mask, BUILD_BUG_ON(FAN_FS_ERROR != FS_ERROR); BUILD_BUG_ON(FAN_RENAME != FS_RENAME); BUILD_BUG_ON(FAN_PRE_ACCESS != FS_PRE_ACCESS); + BUILD_BUG_ON(FAN_PRE_MODIFY != FS_PRE_MODIFY); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 22); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 23); mask = fanotify_group_event_mask(group, iter_info, &match_mask, mask, data, data_type, dir); diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index c294849e474f..3a7101544f30 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -1673,6 +1673,8 @@ static int fanotify_events_supported(struct fsnotify_group *group, if (mask & FANOTIFY_PRE_CONTENT_EVENTS) { if (!is_dir && !d_is_reg(path->dentry)) return -EINVAL; + if (is_dir && mask & FAN_PRE_MODIFY) + return -EISDIR; } return 0; diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index 5c811baf44d2..ae6cb2688d52 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -92,7 +92,8 @@ #define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ FAN_ACCESS_PERM) /* Pre-content events can be used to fill file content */ -#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS | FAN_PRE_MODIFY) +#define FANOTIFY_PRE_MODIFY_EVENTS (FAN_PRE_MODIFY) /* Events that require a permission response from user */ #define FANOTIFY_PERM_EVENTS (FANOTIFY_CONTENT_PERM_EVENTS | \ diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 3ae43867d318..c8dacedf73b9 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -27,6 +27,7 @@ #define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ #define FAN_PRE_ACCESS 0x00100000 /* Pre-content access hook */ +#define FAN_PRE_MODIFY 0x00200000 /* Pre-content modify hook */ #define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */ From patchwork Thu Jul 25 18:19:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742080 Received: from mail-oi1-f175.google.com (mail-oi1-f175.google.com [209.85.167.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E77D647A5D for ; Thu, 25 Jul 2024 18:20:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.175 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931614; cv=none; b=lbrFsgL7m1kEIIaueyLIR0kAJ98j6im4jcpVb8eZFZPyU5nQsHmRqgGO2Q+O/qC1bljfBCBq4OMtQ+pgY1WtD5dfcaA9incVqs7bryG6PQK35xmo5O8NjzPJdNeC+TBUXW+njhQQRomhn9d7GagGSj8JU1V4hqIrvinJpbr53q0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931614; c=relaxed/simple; bh=QfFAJZi1ijKokWhReW3YGetgRDfXXCQw2sw1ONMQWlI=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QfJJP6n06E5fZzwPeD9h8hrnawanmysiK0YU6rbu2rQ90RQXOqXdUai1peefwfpiO2hkaMGQ9dF7+dSKhwdu8gUqBhdv/5qlAXn81QGaw/glmSAqyeft0wfhKqbyQwWsNff7GTMFCPoFhC9AFGFNWIZqAdpP+KxKCmqBakWi0yc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=BBvJChRY; arc=none smtp.client-ip=209.85.167.175 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="BBvJChRY" Received: by mail-oi1-f175.google.com with SMTP id 5614622812f47-3db18c4927bso97897b6e.1 for ; Thu, 25 Jul 2024 11:20:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931612; x=1722536412; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=G4z1UMQB2Cf15fcbZ6nTMxNOadcHl0cZubflIeRAG14=; b=BBvJChRYtQZLINVkeCALtJeMvpqgHH3EkoRDm/REpZh+DWr7a8T81ukKvJO20iwF4l 3I2XydP4Neyo16PMP5d8f2oYE/y8vKwLtM/WnTac8ndmdcvAeEpHLUESilt0pXzAvSCL G/HvTp0nWm05dJPdJmZpB083PzTC8uAc1jvhWVuQ9qo5D1z761zE2hEGneGbpLuPXclO HOXCp7hTJZ+Hh87rYZmQ6i1Nyle6P812fawcb+TlE0l7xoHgeummXFQYOjA7IqcV+qBr dFQwU20o8VSxsyqQ2uKs1/85yCi8FyRFocdjw/wScAsI8hKm0TMx9YsP23Z8YKiVyOPU 3wXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931612; x=1722536412; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=G4z1UMQB2Cf15fcbZ6nTMxNOadcHl0cZubflIeRAG14=; b=vtpC3T8xFkpZsGysYUh/kUAq/UFIR/Wg12EPPlNSOvc675RMoK16eQc+5oRdJp3F1L tDMKdHyIejIEubON6SaArTMpmgalK+ARlYLd3BQHM2tRMWenliXQd+X/RQblJ1rU0rDD Y8Rm6F5/cE2wIZ1HV3djkLTW+JwQP69iGqUzy6TcwMHC7gmhUEl6MWpM4Yhi0dh6a/L5 U0aZKZtVFwpAYNmF1gvxOI5nE/hbvUFqlkNhh9y2ng+6+VUhIbhoqyNIx6u1t5Jv6R+p Jw9TgheHqGwcOa3x6bW/iC2+SVxFT1lkkjie3jPcGywrH75tAeXLfmi1195dwBp3VXrP rCpg== X-Forwarded-Encrypted: i=1; AJvYcCWGoEnoh09HD+TLxYKZnR9xqFC8sOnmUBW1wenxFy0Da4yehe6j20wmKLrfxaCIdeXAbQOeqywipv6Lylg2SXyucgIr9V9pOBSuA9/jbw== X-Gm-Message-State: AOJu0YzMeZ2OAIFDGoxNdfHThvEZunjq/sC4COne71QL53D7hzcLpGuS /NrX/Wrs3qfSQ5emZv1KcGlMoslNneN3SzLzrcrsUcFXShs4YRy13qjzbARREsI= X-Google-Smtp-Source: AGHT+IE1rSPn0WJ6xw6tftc8EPxW3z+Hgj0ZMTT8ZyQce9xpWrheqFTpVBOEFesJk3MbDM0JIU592A== X-Received: by 2002:a05:6808:23c2:b0:3d5:61d9:fac1 with SMTP id 5614622812f47-3db14214d9dmr3169261b6e.46.1721931611924; Thu, 25 Jul 2024 11:20:11 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-44fe840c096sm8373531cf.79.2024.07.25.11.20.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:11 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 06/10] fanotify: pass optional file access range in pre-content event Date: Thu, 25 Jul 2024 14:19:43 -0400 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein We would like to add file range information to pre-content events. Pass a struct file_range with optional offset and length to event handler along with pre-content permission event. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.c | 12 ++++++++++-- fs/notify/fanotify/fanotify.h | 2 ++ include/linux/fsnotify.h | 17 ++++++++++++++++- include/linux/fsnotify_backend.h | 32 ++++++++++++++++++++++++++++++++ 4 files changed, 60 insertions(+), 3 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index b163594843f5..8fa439bd47d6 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -549,9 +549,13 @@ static struct fanotify_event *fanotify_alloc_path_event(const struct path *path, return &pevent->fae; } -static struct fanotify_event *fanotify_alloc_perm_event(const struct path *path, +static struct fanotify_event *fanotify_alloc_perm_event(const void *data, + int data_type, gfp_t gfp) { + const struct path *path = fsnotify_data_path(data, data_type); + const struct file_range *range = + fsnotify_data_file_range(data, data_type); struct fanotify_perm_event *pevent; pevent = kmem_cache_alloc(fanotify_perm_event_cachep, gfp); @@ -565,6 +569,10 @@ static struct fanotify_event *fanotify_alloc_perm_event(const struct path *path, pevent->hdr.len = 0; pevent->state = FAN_EVENT_INIT; pevent->path = *path; + if (range) { + pevent->ppos = range->ppos; + pevent->count = range->count; + } path_get(path); return &pevent->fae; @@ -802,7 +810,7 @@ static struct fanotify_event *fanotify_alloc_event( old_memcg = set_active_memcg(group->memcg); if (fanotify_is_perm_event(mask)) { - event = fanotify_alloc_perm_event(path, gfp); + event = fanotify_alloc_perm_event(data, data_type, gfp); } else if (fanotify_is_error_event(mask)) { event = fanotify_alloc_error_event(group, fsid, data, data_type, &hash); diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h index e5ab33cae6a7..93598b7d5952 100644 --- a/fs/notify/fanotify/fanotify.h +++ b/fs/notify/fanotify/fanotify.h @@ -425,6 +425,8 @@ FANOTIFY_PE(struct fanotify_event *event) struct fanotify_perm_event { struct fanotify_event fae; struct path path; + const loff_t *ppos; /* optional file range info */ + size_t count; u32 response; /* userspace answer to the event */ unsigned short state; /* state of the event */ int fd; /* fd we passed to userspace for this event */ diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 4103dd797477..3c558c76bd5d 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -132,6 +132,21 @@ static inline int fsnotify_file(struct file *file, __u32 mask) } #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS +static inline int fsnotify_file_range(struct file *file, __u32 mask, + const loff_t *ppos, size_t count) +{ + struct file_range range; + + if (file->f_mode & FMODE_NONOTIFY) + return 0; + + range.path = &file->f_path; + range.ppos = ppos; + range.count = count; + return fsnotify_parent(range.path->dentry, mask, &range, + FSNOTIFY_EVENT_FILE_RANGE); +} + /* * fsnotify_file_area_perm - permission hook before access/modify of file range */ @@ -175,7 +190,7 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, else return 0; - return fsnotify_file(file, fsnotify_mask); + return fsnotify_file_range(file, fsnotify_mask, ppos, count); } /* diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 21e72b837ec5..36c3d18cc40a 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -298,6 +298,7 @@ static inline void fsnotify_group_assert_locked(struct fsnotify_group *group) /* When calling fsnotify tell it if the data is a path or inode */ enum fsnotify_data_type { FSNOTIFY_EVENT_NONE, + FSNOTIFY_EVENT_FILE_RANGE, FSNOTIFY_EVENT_PATH, FSNOTIFY_EVENT_INODE, FSNOTIFY_EVENT_DENTRY, @@ -310,6 +311,17 @@ struct fs_error_report { struct super_block *sb; }; +struct file_range { + const struct path *path; + const loff_t *ppos; + size_t count; +}; + +static inline const struct path *file_range_path(const struct file_range *range) +{ + return range->path; +} + static inline struct inode *fsnotify_data_inode(const void *data, int data_type) { switch (data_type) { @@ -319,6 +331,8 @@ static inline struct inode *fsnotify_data_inode(const void *data, int data_type) return d_inode(data); case FSNOTIFY_EVENT_PATH: return d_inode(((const struct path *)data)->dentry); + case FSNOTIFY_EVENT_FILE_RANGE: + return d_inode(file_range_path(data)->dentry); case FSNOTIFY_EVENT_ERROR: return ((struct fs_error_report *)data)->inode; default: @@ -334,6 +348,8 @@ static inline struct dentry *fsnotify_data_dentry(const void *data, int data_typ return (struct dentry *)data; case FSNOTIFY_EVENT_PATH: return ((const struct path *)data)->dentry; + case FSNOTIFY_EVENT_FILE_RANGE: + return file_range_path(data)->dentry; default: return NULL; } @@ -345,6 +361,8 @@ static inline const struct path *fsnotify_data_path(const void *data, switch (data_type) { case FSNOTIFY_EVENT_PATH: return data; + case FSNOTIFY_EVENT_FILE_RANGE: + return file_range_path(data); default: return NULL; } @@ -360,6 +378,8 @@ static inline struct super_block *fsnotify_data_sb(const void *data, return ((struct dentry *)data)->d_sb; case FSNOTIFY_EVENT_PATH: return ((const struct path *)data)->dentry->d_sb; + case FSNOTIFY_EVENT_FILE_RANGE: + return file_range_path(data)->dentry->d_sb; case FSNOTIFY_EVENT_ERROR: return ((struct fs_error_report *) data)->sb; default: @@ -379,6 +399,18 @@ static inline struct fs_error_report *fsnotify_data_error_report( } } +static inline const struct file_range *fsnotify_data_file_range( + const void *data, + int data_type) +{ + switch (data_type) { + case FSNOTIFY_EVENT_FILE_RANGE: + return (struct file_range *)data; + default: + return NULL; + } +} + /* * Index to merged marks iterator array that correlates to a type of watch. * The type of watched object can be deduced from the iterator type, but not From patchwork Thu Jul 25 18:19:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742081 Received: from mail-qv1-f42.google.com (mail-qv1-f42.google.com [209.85.219.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 264BE4D131 for ; Thu, 25 Jul 2024 18:20:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.42 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931615; cv=none; b=j/Qdni9asvmUG8BRP138YArmigt2lRsCbFgV9bzCoHuBWKUVYCS+o3pGQVg7N+FGHAgFqB/6/Rcb3Dc7oWvmtiilCQEr8dcjJJIbyD4AtLHPTy+ItZA3O560AxUzUHGpKRM/9g88H6HXVc6P9fMxQh+P3nUkkBxt46QN1Bo+1f4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931615; c=relaxed/simple; bh=lM4E+0QDfWeiHiQEc8/d7xk75Z3XLq+R4ATU188GEVg=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=a4NLE9lX7KVHXRZI+hVpHzF6vVHe7gBxZTzswV963H5WdRxUCEfnyJz/oudlOkVgdN/rlsfEOjXu2DJ8W0FJM3LarCy8NBzGVXRuZub8zRSruOSDudxvm4haEj/ivWgHEFY/nkcMSDBj7m5OCsdeauruwJ02sqWmyt5BWs5Sry8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=l1uTIwj4; arc=none smtp.client-ip=209.85.219.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="l1uTIwj4" Received: by mail-qv1-f42.google.com with SMTP id 6a1803df08f44-6b798e07246so8774616d6.2 for ; Thu, 25 Jul 2024 11:20:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931613; x=1722536413; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=EjfT3NMblUo7sZTNjknqk3yM6nPmAl4UxLqtdr8jd/U=; b=l1uTIwj4WY8fy3xNo4jAI5aMBjn3QmtBe4NFPu2J5+wmXTfvd5xAfOt6lHsOaRdUrw YMkMHSOmiLvNE8dqsVMCX+G/wHe4AxV8iRl2qe069x4vJWRCKk/6iU0J5N5PDZ5XKFda XqwuWo59gq86xpG97l7W+DjRaoLBU5JGdEZ5+kaVzU+LLEOrcc8S6kGZ6mJQkjpnT656 PDx7QYMBdh04NrxI0UX8114nK54u/0uxA5fdmdr/xl6nFCrgIpXfCxlXL3cLvCyAa8BS YoIbwB0jxAIKgBXv44DNrZxYD3nPYAD8C4Zrn8bvN8SNKYXFE+j73VMlrq8yXUIJGq1O E+fg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931613; x=1722536413; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EjfT3NMblUo7sZTNjknqk3yM6nPmAl4UxLqtdr8jd/U=; b=YC0BQ5zm8DZOqBKaxoiY8m3p/7zCfixhJoor+X8Dm4gKvT4NoFr4GnsFpk0uZ6NPdR +neqdATMzBD9wU7CF42wQUNK0Kna0ZYyxfeJNcllcVfL9XbEPaxo2ZYDfTVqT6z9GQbi uAD6DX5k6VZHzBS7kTGwlj9nPJPvfAB64VlKZZeKY2eL3hme5uFQYqsydH24V7q3thzr o6mM+x1Z9rKPMUSFB31f/KW4tJAvy6F8buYOVqoPx2fQIs9jZAz5oFfVGbR6oCoZoJc6 sphEa+cftEEcYY3iw0gigKDg9W6j728z9kfouwabM0dO2yUONa1my4VcfJ51SHRGJG+y Z/7g== X-Forwarded-Encrypted: i=1; AJvYcCW8ycL4HmeqqsitfjLjPtkoV1urB6z2EhhbC9ZY0p3AMJ0fmLKX1vALGC0U3009eeI7YIt3HhBTsRd4aI4DINSaXGboXlMwtyikywBN8w== X-Gm-Message-State: AOJu0Yxlzi5RaNkYstqAngVbR6DgBoQSWEcbMBn15QYgeHoxpR8LGMCX k9MAwbxJgwpurEo6LES8uxuNTSLU0j6himMQvKYLEKbhLWEh3JIXmtTFlygOmU675o4+TfyEDHo 4Fok= X-Google-Smtp-Source: AGHT+IFFfvbHF/C1laqvOMe2uYaaZuz/eC8g0YkT5+sgQOImF086WDQgk/iY58n25Las+sOth7hX6g== X-Received: by 2002:a05:6214:762:b0:6b5:4aa9:9682 with SMTP id 6a1803df08f44-6bb4085e2d3mr29316516d6.41.1721931612958; Thu, 25 Jul 2024 11:20:12 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6bb3fac47f7sm9567776d6.115.2024.07.25.11.20.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:12 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 07/10] fanotify: rename a misnamed constant Date: Thu, 25 Jul 2024 14:19:44 -0400 Message-ID: <20137566913a612692aaa0a9c79bb0345e94c26d.1721931241.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein FANOTIFY_PIDFD_INFO_HDR_LEN is not the length of the header. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify_user.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 3a7101544f30..5ece186d5c50 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -119,7 +119,7 @@ struct kmem_cache *fanotify_perm_event_cachep __ro_after_init; #define FANOTIFY_EVENT_ALIGN 4 #define FANOTIFY_FID_INFO_HDR_LEN \ (sizeof(struct fanotify_event_info_fid) + sizeof(struct file_handle)) -#define FANOTIFY_PIDFD_INFO_HDR_LEN \ +#define FANOTIFY_PIDFD_INFO_LEN \ sizeof(struct fanotify_event_info_pidfd) #define FANOTIFY_ERROR_INFO_LEN \ (sizeof(struct fanotify_event_info_error)) @@ -174,14 +174,14 @@ static size_t fanotify_event_len(unsigned int info_mode, dot_len = 1; } - if (info_mode & FAN_REPORT_PIDFD) - event_len += FANOTIFY_PIDFD_INFO_HDR_LEN; - if (fanotify_event_has_object_fh(event)) { fh_len = fanotify_event_object_fh_len(event); event_len += fanotify_fid_info_len(fh_len, dot_len); } + if (info_mode & FAN_REPORT_PIDFD) + event_len += FANOTIFY_PIDFD_INFO_LEN; + return event_len; } @@ -511,7 +511,7 @@ static int copy_pidfd_info_to_user(int pidfd, size_t count) { struct fanotify_event_info_pidfd info = { }; - size_t info_len = FANOTIFY_PIDFD_INFO_HDR_LEN; + size_t info_len = FANOTIFY_PIDFD_INFO_LEN; if (WARN_ON_ONCE(info_len > count)) return -EFAULT; From patchwork Thu Jul 25 18:19:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742082 Received: from mail-oi1-f170.google.com (mail-oi1-f170.google.com [209.85.167.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0F8CD4D8B9 for ; Thu, 25 Jul 2024 18:20:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.170 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931616; cv=none; b=Lex0BtIku0gFylW4zDyW5qjVIBKYhcPUPro42w3SL8gewj7ivcgFTRt5VRA83yaKGTXDCEokpnAKKuHDxt0707rLZE1MAb+ivNNLqLgph5FnYyWuCXtNM4m9VfcVLo1AE0C0bcQHGUwj/DWCPgNekJI8WIuheQQ+sjeIfQddR5Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931616; c=relaxed/simple; bh=qSobnib1UMqZJPqLkryISi/+C25PWWR0+lf3t+hTHxw=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=kK02dUdvohDbbjdw07rVt9e7+6VhnskjEOqPMcHuYVN4kxgZ6sCu1oWVBhB/jCu8pZcnTRn6+QOvhnvrwA0Pjc1iupMV3QJR4+6YNSl84zopeAT+r39yrhZBcrtqc6slG01qrprr91aRUNjyyg8uVtjs7K9dtYWIAv6IUFFVhuM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=ozy0VSdY; arc=none smtp.client-ip=209.85.167.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="ozy0VSdY" Received: by mail-oi1-f170.google.com with SMTP id 5614622812f47-3db145c8010so100754b6e.3 for ; Thu, 25 Jul 2024 11:20:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931614; x=1722536414; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZnJ5oPvx7cNTyoAW0ZZ+8FiB3U4eBJ+Fssv39WcDM1w=; b=ozy0VSdYH3sCLP8f/K0X6UCa91e0ANvkahas6DE7k4rb16JgKgQV+vJko0uyqhPujf 630gLk+rinHI2PPyI1Mqm4LYtTJ+yZLhI2hKVFgN3TXcN8PvTs+gFd+0mVfY00LcaFWA CGA7Ebt15RJOfms8t3hX4fKlMZuLnzEBYFcsyXsQOr6m8flNL1flOUsaNZqDmQtOOm5s uAUAxg6AnrbgIaKbkjwjnHIZylYWwVLgqUVS+QQEgwLy5bCixRhHgngMBcpQmWjuQMF3 /vnUSc/0CS6PlbEAMhK8IIBfbj7YxHgQAnpxRT4d4NSya26O/Q+PfBLWLmsu37KKw4rt 9RKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931614; x=1722536414; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZnJ5oPvx7cNTyoAW0ZZ+8FiB3U4eBJ+Fssv39WcDM1w=; b=MHYjFrYdcUy6p2Ghyq599ORUucMbPPlyyWV+x9H3MpQQj6HbyHarim/5ltvvcQiydC GN7SStS9TZHCfw7fnwpd87tZUf5L5+7zOnL2eh7EqekuM/GyJKyXeHge5Pj7ZxgD/dXJ urD0ZgmrgblsSItg43G/XUwFGhiWzRYPgXWoIhH9gOdKxlWJUXwmr+ULXpxIs9ZVa1IO pg7/Ej5TXqhalVZasbMYRaH4A5FcNDvhQjWA8+cgt7tnyHqd2NnllkF29xtk56ShgbQo +mRXzaHmDpPY4VCJb8GZj39O3ml44Ac3bsU14xM6dZIOLhW3TkPRSQymtUr7FE/taQIy anrA== X-Forwarded-Encrypted: i=1; AJvYcCU6QRKZc4cK79FSzilGIFG1+q/O3lHHtpIW1dw/Gi9Pg8dNe93Txs+f6c/XiNIyhoQKMr7C9x+moJyJyEQUCtbSQnlASkCUQH8AbmIiXA== X-Gm-Message-State: AOJu0Yy1cY/4jMa02NWE/jZV+jsSojQp8CKLM9SjECONP14JkwZipjOi nYeAY8qiDL4YdlWgQCakS54Bvarq1LLUVOrC1gRcpEPxtX16xBfwn3j9oi3S8jM= X-Google-Smtp-Source: AGHT+IHE8+T0/vdmmmbelfmNpfZh6chb7MkDBY0Q9mDeC9QHjQxcAvo9vt+Go2B3fb431p+d7hferA== X-Received: by 2002:a05:6808:1883:b0:3da:bbf9:9284 with SMTP id 5614622812f47-3db1426f00cmr2630058b6e.51.1721931614178; Thu, 25 Jul 2024 11:20:14 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-44fe820158esm8136771cf.73.2024.07.25.11.20.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:13 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 08/10] fanotify: report file range info with pre-content events Date: Thu, 25 Jul 2024 14:19:45 -0400 Message-ID: <1a378ca2df2ce30e5aecf7145223906a427d9037.1721931241.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein With group class FAN_CLASS_PRE_CONTENT, report offset and length info along with FAN_PRE_ACCESS and FAN_PRE_MODIFY permission events. This information is meant to be used by hierarchical storage managers that want to fill partial content of files on first access to range. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.h | 8 +++++++ fs/notify/fanotify/fanotify_user.c | 38 ++++++++++++++++++++++++++++++ include/uapi/linux/fanotify.h | 7 ++++++ 3 files changed, 53 insertions(+) diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h index 93598b7d5952..7f06355afa1f 100644 --- a/fs/notify/fanotify/fanotify.h +++ b/fs/notify/fanotify/fanotify.h @@ -448,6 +448,14 @@ static inline bool fanotify_is_perm_event(u32 mask) mask & FANOTIFY_PERM_EVENTS; } +static inline bool fanotify_event_has_access_range(struct fanotify_event *event) +{ + if (!(event->mask & FANOTIFY_PRE_CONTENT_EVENTS)) + return false; + + return FANOTIFY_PERM(event)->ppos; +} + static inline struct fanotify_event *FANOTIFY_E(struct fsnotify_event *fse) { return container_of(fse, struct fanotify_event, fse); diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 5ece186d5c50..c3c8b2ea80b6 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -123,6 +123,8 @@ struct kmem_cache *fanotify_perm_event_cachep __ro_after_init; sizeof(struct fanotify_event_info_pidfd) #define FANOTIFY_ERROR_INFO_LEN \ (sizeof(struct fanotify_event_info_error)) +#define FANOTIFY_RANGE_INFO_LEN \ + (sizeof(struct fanotify_event_info_range)) static int fanotify_fid_info_len(int fh_len, int name_len) { @@ -182,6 +184,9 @@ static size_t fanotify_event_len(unsigned int info_mode, if (info_mode & FAN_REPORT_PIDFD) event_len += FANOTIFY_PIDFD_INFO_LEN; + if (fanotify_event_has_access_range(event)) + event_len += FANOTIFY_RANGE_INFO_LEN; + return event_len; } @@ -526,6 +531,30 @@ static int copy_pidfd_info_to_user(int pidfd, return info_len; } +static size_t copy_range_info_to_user(struct fanotify_event *event, + char __user *buf, int count) +{ + struct fanotify_perm_event *pevent = FANOTIFY_PERM(event); + struct fanotify_event_info_range info = { }; + size_t info_len = FANOTIFY_RANGE_INFO_LEN; + + if (WARN_ON_ONCE(info_len > count)) + return -EFAULT; + + if (WARN_ON_ONCE(!pevent->ppos)) + return 0; + + info.hdr.info_type = FAN_EVENT_INFO_TYPE_RANGE; + info.hdr.len = info_len; + info.offset = *(pevent->ppos); + info.count = pevent->count; + + if (copy_to_user(buf, &info, info_len)) + return -EFAULT; + + return info_len; +} + static int copy_info_records_to_user(struct fanotify_event *event, struct fanotify_info *info, unsigned int info_mode, int pidfd, @@ -647,6 +676,15 @@ static int copy_info_records_to_user(struct fanotify_event *event, total_bytes += ret; } + if (fanotify_event_has_access_range(event)) { + ret = copy_range_info_to_user(event, buf, count); + if (ret < 0) + return ret; + buf += ret; + count -= ret; + total_bytes += ret; + } + return total_bytes; } diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index c8dacedf73b9..7c92d0f6bf71 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -145,6 +145,7 @@ struct fanotify_event_metadata { #define FAN_EVENT_INFO_TYPE_DFID 3 #define FAN_EVENT_INFO_TYPE_PIDFD 4 #define FAN_EVENT_INFO_TYPE_ERROR 5 +#define FAN_EVENT_INFO_TYPE_RANGE 6 /* Special info types for FAN_RENAME */ #define FAN_EVENT_INFO_TYPE_OLD_DFID_NAME 10 @@ -191,6 +192,12 @@ struct fanotify_event_info_error { __u32 error_count; }; +struct fanotify_event_info_range { + struct fanotify_event_info_header hdr; + __u32 count; + __u64 offset; +}; + /* * User space may need to record additional information about its decision. * The extra information type records what kind of information is included. From patchwork Thu Jul 25 18:19:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742083 Received: from mail-qt1-f182.google.com (mail-qt1-f182.google.com [209.85.160.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ACE6B29414 for ; Thu, 25 Jul 2024 18:20:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931618; cv=none; b=bPJM1lAj+e+HGtlNxouXnhqjyvYq4APPf6bVHPnXFyqlg+lOUl2/+1QGhzTNndcokJjAWFM+IYucVn52QfTObRm2wxkowcJxDgWga34VnTqhpRQlxumy/2fxEJ3yOGdBMUQL+6IdMrMqc3ORNhQCWJg69OVzpLc3yTBrqGMRkeg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931618; c=relaxed/simple; bh=kTqCTfhekdsH6P19RNTvUZFF5ZgWoXDNnnXsNdKanPo=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=pVwsulgUWn8JhXaU6IKiAlrek6T0o6m2GQoLaKEkGhOnb1/ki+rut0zA4BKRQx2H3NMoHC3xwRe9bR3LuG3Ws4ksN1wlF8myKftu+XJFDwsLgaCRgZrs4T7gtc4LM8H7KDYVWXDx/mRpiPakMpq5utKNwgNT1fZlc0miP2lRhWw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=Q625Wimb; arc=none smtp.client-ip=209.85.160.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="Q625Wimb" Received: by mail-qt1-f182.google.com with SMTP id d75a77b69052e-44931f038f9so20752521cf.0 for ; Thu, 25 Jul 2024 11:20:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931615; x=1722536415; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=lAb22f+5UyCJF3bHhMz1ReVnbOVGqqGo7ezLQ8nQVBI=; b=Q625Wimbaw4x8sa4hfKt0lBOs3t1nALGlfI7csnQp197RhvtJJ1EeEnhVMVdCuIpTM 9dVCynhOBTVNijMHvrAro40D8PxkG03XSx5UOSv4WDKb4cANvv5CtczFmVl2U8IRvJ8y TOWRpwq6eCfnmxvhWQL562D5VjPh8TaMf2aDhyxWMU0m3nADZUyHTKfsd0ZzOSogUflK tZ/Vz2s9C7LAN13x5nVW+Y0wq+QCHBRS5m6TqLEOnf4AU3Zh0uwxIfbEiEz+oxIkBCp+ tI89a3xjfe3+BYQT3YwE5H0Hw8AgYH/EVY4cMoLE7ngyAi+J3PmQVMIe5XtYYxHSfYUM Itmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931615; x=1722536415; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lAb22f+5UyCJF3bHhMz1ReVnbOVGqqGo7ezLQ8nQVBI=; b=o9MzAUVBXtosSVHh9Pp/5bVUHncY1QZQHlRSPcShQeNjT0cbMiGK9nkX/HnzrLl3Op 60yZr/cTgeLoAwOf6NeMkyISjshoS7E4/iXi8vrgOjmc9K8U10nvefZ6KwH+0tBSkVKp 45D2EFpC8nHmIhJ/2jW/jQ8nUocKnKmkpWvbQw5IZlnawRzsci9hfUK5qGlzR9Rg/Zko bnYXG9FitqA7TaI6GYpZ9bA269IRtqUQ1hEVcla5nRPiDBBzVtDj5ewHLGFaraWQMt89 ocbN1HiR8sE3qETyQin5d+SKVjgs82ylSyQ7fmPM/rBCMj+rL/JOPucLgzvd3xxUutBt 34CA== X-Forwarded-Encrypted: i=1; AJvYcCU56V4+8AO94osY5GKgXTTbLznmpsNKnCw+/T4EjkQnn2YPRVLJD6KCH2ZnQoGZt8h7oSNmlaT1z0kpP3coIoi4vJByEu9UYnWN7fMhnw== X-Gm-Message-State: AOJu0YwbvJ0Tx5xIgw1aFV9/wAsLg8wTRn4y1SkiBFai12/MBvY23KFl cSeXCNPcMjgNIPdfKMRkoacyXYG6c1/k7147JztdJ5/bFVLRw/LQBVoTJlE1N0o= X-Google-Smtp-Source: AGHT+IHs3NVmgivA/IDe9Fy2q1QxG+D38xIy2Eui0/57t8SISYbb9HYhUGCBJxnbx5ee2DdBfNYYjQ== X-Received: by 2002:ac8:7f88:0:b0:447:e6f9:f61c with SMTP id d75a77b69052e-44fd7b8510bmr105854151cf.22.1721931615512; Thu, 25 Jul 2024 11:20:15 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a1d744456fsm106528685a.108.2024.07.25.11.20.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:15 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 09/10] fanotify: allow to set errno in FAN_DENY permission response Date: Thu, 25 Jul 2024 14:19:46 -0400 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein With FAN_DENY response, user trying to perform the filesystem operation gets an error with errno set to EPERM. It is useful for hierarchical storage management (HSM) service to be able to deny access for reasons more diverse than EPERM, for example EAGAIN, if HSM could retry the operation later. Allow fanotify groups with priority FAN_CLASSS_PRE_CONTENT to responsd to permission events with the response value FAN_DENY_ERRNO(errno), instead of FAN_DENY to return a custom error. Limit custom error to values to some errors expected on read(2)/write(2) and open(2) of regular files. This list could be extended in the future. Userspace can test for legitimate values of FAN_DENY_ERRNO(errno) by writing a response to an fanotify group fd with a value of FAN_NOFD in the fd field of the response. The change in fanotify_response is backward compatible, because errno is written in the high 8 bits of the 32bit response field and old kernels reject respose value with high bits set. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.c | 13 ++++++++++--- fs/notify/fanotify/fanotify_user.c | 31 +++++++++++++++++++++++++++--- include/linux/fanotify.h | 9 ++++++++- include/uapi/linux/fanotify.h | 7 +++++++ 4 files changed, 53 insertions(+), 7 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 8fa439bd47d6..48539acc32e0 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -224,7 +224,7 @@ static int fanotify_get_response(struct fsnotify_group *group, struct fanotify_perm_event *event, struct fsnotify_iter_info *iter_info) { - int ret; + int ret, errno; pr_debug("%s: group=%p event=%p\n", __func__, group, event); @@ -258,18 +258,25 @@ static int fanotify_get_response(struct fsnotify_group *group, } /* userspace responded, convert to something usable */ - switch (event->response & FANOTIFY_RESPONSE_ACCESS) { + switch (FAN_RESPONSE_ACCESS(event->response)) { case FAN_ALLOW: ret = 0; break; case FAN_DENY: + /* Check custom errno from pre-content events */ + errno = FAN_RESPONSE_ERRNO(event->response); + if (errno) { + ret = -errno; + break; + } + fallthrough; default: ret = -EPERM; } /* Check if the response should be audited */ if (event->response & FAN_AUDIT) - audit_fanotify(event->response & ~FAN_AUDIT, + audit_fanotify(FAN_RESPONSE_ACCESS(event->response), &event->audit_rule); pr_debug("%s: group=%p event=%p about to return ret=%d\n", __func__, diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index c3c8b2ea80b6..b4d810168521 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -337,11 +337,12 @@ static int process_access_response(struct fsnotify_group *group, struct fanotify_perm_event *event; int fd = response_struct->fd; u32 response = response_struct->response; + int errno = FAN_RESPONSE_ERRNO(response); int ret = info_len; struct fanotify_response_info_audit_rule friar; - pr_debug("%s: group=%p fd=%d response=%u buf=%p size=%zu\n", __func__, - group, fd, response, info, info_len); + pr_debug("%s: group=%p fd=%d response=%x errno=%d buf=%p size=%zu\n", + __func__, group, fd, response, errno, info, info_len); /* * make sure the response is valid, if invalid we do nothing and either * userspace can send a valid response or we will clean it up after the @@ -350,9 +351,33 @@ static int process_access_response(struct fsnotify_group *group, if (response & ~FANOTIFY_RESPONSE_VALID_MASK) return -EINVAL; - switch (response & FANOTIFY_RESPONSE_ACCESS) { + switch (FAN_RESPONSE_ACCESS(response)) { case FAN_ALLOW: + if (errno) + return -EINVAL; + break; case FAN_DENY: + /* Custom errno is supported only for pre-content groups */ + if (errno && group->priority != FSNOTIFY_PRIO_PRE_CONTENT) + return -EINVAL; + + /* + * Limit errno to values expected on open(2)/read(2)/write(2) + * of regular files. + */ + switch (errno) { + case 0: + case EIO: + case EPERM: + case EBUSY: + case ETXTBSY: + case EAGAIN: + case ENOSPC: + case EDQUOT: + break; + default: + return -EINVAL; + } break; default: return -EINVAL; diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index ae6cb2688d52..76d818a7d654 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -132,7 +132,14 @@ /* These masks check for invalid bits in permission responses. */ #define FANOTIFY_RESPONSE_ACCESS (FAN_ALLOW | FAN_DENY) #define FANOTIFY_RESPONSE_FLAGS (FAN_AUDIT | FAN_INFO) -#define FANOTIFY_RESPONSE_VALID_MASK (FANOTIFY_RESPONSE_ACCESS | FANOTIFY_RESPONSE_FLAGS) +#define FANOTIFY_RESPONSE_ERRNO (FAN_ERRNO_MASK << FAN_ERRNO_SHIFT) +#define FANOTIFY_RESPONSE_VALID_MASK \ + (FANOTIFY_RESPONSE_ACCESS | FANOTIFY_RESPONSE_FLAGS | \ + FANOTIFY_RESPONSE_ERRNO) + +/* errno other than EPERM can specified in upper byte of deny response */ +#define FAN_RESPONSE_ACCESS(res) ((res) & FANOTIFY_RESPONSE_ACCESS) +#define FAN_RESPONSE_ERRNO(res) ((int)((res) >> FAN_ERRNO_SHIFT)) /* Do not use these old uapi constants internally */ #undef FAN_ALL_CLASS_BITS diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 7c92d0f6bf71..2206b3ec01c9 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -233,6 +233,13 @@ struct fanotify_response_info_audit_rule { /* Legit userspace responses to a _PERM event */ #define FAN_ALLOW 0x01 #define FAN_DENY 0x02 +/* errno other than EPERM can specified in upper byte of deny response */ +#define FAN_ERRNO_BITS 8 +#define FAN_ERRNO_SHIFT (32 - FAN_ERRNO_BITS) +#define FAN_ERRNO_MASK ((1 << FAN_ERRNO_BITS) - 1) +#define FAN_DENY_ERRNO(err) \ + (FAN_DENY | ((((__u32)(err)) & FAN_ERRNO_MASK) << FAN_ERRNO_SHIFT)) + #define FAN_AUDIT 0x10 /* Bitmask to create audit record for result */ #define FAN_INFO 0x20 /* Bitmask to indicate additional information */ From patchwork Thu Jul 25 18:19:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13742084 Received: from mail-ot1-f41.google.com (mail-ot1-f41.google.com [209.85.210.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 005271F959 for ; Thu, 25 Jul 2024 18:20:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931619; cv=none; b=N5DHHDSQdgZ/TOuacYuq3T9CRni4w4/f1TiuesLCIK/t2gMF/nobPYeRd5znoB8LO3NPSMpUkgkB5sjhUQR8HiCHAAkZxF9VvLMZhIi00w7oT9z2Fv9TA5iBVQ9Jo33YznNLB5B8gXtntevD9KjqwJ5polEg2DZwSJfeMPGbmLY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1721931619; c=relaxed/simple; bh=g5LYCcVMbQdzidWygRiVOkC8Uc0XNUuZ7Os/Hul1tJ8=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=u4BxMNKz1alV3uogHXwx436ngOh1ELzQzssXbUvk8Ud+84v2xZISEXTlyL2XJkmf5BXvJnIkMDk0CCXmlc5QrlNkpIdmx442T7+4GS8GkEbREa9f9L/HCONiCbL+wxcVnV+OojWRK2QuNLzzeAQAPpj1j9kryzz/t/otUV8tVPc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=F9eDTA5T; arc=none smtp.client-ip=209.85.210.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="F9eDTA5T" Received: by mail-ot1-f41.google.com with SMTP id 46e09a7af769-7093472356dso120245a34.0 for ; Thu, 25 Jul 2024 11:20:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1721931617; x=1722536417; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=7tWJ2c4tr/BjcKYqRu4CB7etWtMzNUdX29DLxMzM6Sw=; b=F9eDTA5T/sAAnqvYnODQ8lNp/MuqqBgVny79avKDJPRTKJGL/BE+wSHs40okEaW04Q KHyPCQv7TePz47p55ielTa37U7mEVcTHAlyBvtjhmvWPl4h+7bZ2T7DneWSIJZwi1Oj/ o+zlfNJs4eyXCNYkNYC2W7FF5KK3yDSRaNGkIYGPX9H7r2SGHxGA+JxIC8ItmrPVizL4 jZ2jBHuT0wPK8LY93kN7O86bxhlOK0yPEzT3HS+08PQo4GGjgUrXPp2dwvpJ3BefvmkA /bafUGDtEdLjG9zsiLM92FS7oXbFi4ytAZto+GjFBSymDvzPMbjv5FCgz9UDfyU5iYwk 77wg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721931617; x=1722536417; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7tWJ2c4tr/BjcKYqRu4CB7etWtMzNUdX29DLxMzM6Sw=; b=V8QW1+064Cbx0A9DOfnYh8bSmNNFQxz5MdPUJ+ZL2IBZa9v0sGmAx9sC5ogbQzSyHn bTfMwnkgsHqynVFZdz2me1iFptdRd1vQqU8bsMg7eKkUnYDxsyyzj0jPZZ57nb7FXmn0 v9uOxJnB70L3hKOp1gOAiONMjp0uuUdEbhldDz8F1EQBfKcu8JpCZSYCc+rRMTXNWFfL 0kRX+T2rEZ1JeWeevFI5jCbh7i9B/AibPfZUmIpzpWnFHKeBuCl9pAs9ONGlHRDNCiMT BDpFAUdFv+av7UW7N2DFn2QZuCDgJ8EKp5dmBAAZMB3bew/26sTHxGGATmGDXUUR8UXI 7ezA== X-Forwarded-Encrypted: i=1; AJvYcCVLMjfIpu0VzqXjYJdafeD8GWOmqQm3W49AwX1AwGLh4Q9GTgms0D9v+cj02xIFBb+B6wwlTLDl+b/kx7HfXuW9tZwc3zeF3Ri4u2+oBg== X-Gm-Message-State: AOJu0Yz4OVhFvCGNGeNScyo9ke8bR/LGDWXwkHitN9gq52HQH5TTjxmv gEATGyzYr6Epeb+jXJ5ugrnmrJnQ1boThL9QWmobnicnuzuvVclaiRUJn0kN+k8= X-Google-Smtp-Source: AGHT+IG+t7W2iRxxfrZk/u5gp+f2w3SND7ViS3jz0N1bJUoIJi4bLPonGfje6sH5LeUoA6myPn7daA== X-Received: by 2002:a05:6830:368a:b0:703:68ad:94c1 with SMTP id 46e09a7af769-7092e76e8famr4554614a34.31.1721931616967; Thu, 25 Jul 2024 11:20:16 -0700 (PDT) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7a1d73ed346sm107452985a.68.2024.07.25.11.20.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jul 2024 11:20:16 -0700 (PDT) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org Subject: [PATCH 10/10] fsnotify: generate pre-content permission event on page fault Date: Thu, 25 Jul 2024 14:19:47 -0400 Message-ID: <1bc2855779e7ba1d80592be7d6257b43f1a91886.1721931241.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 FS_PRE_ACCESS or FS_PRE_MODIFY will be generated on page fault depending on the faulting method. This pre-content event is meant to be used by hierarchical storage managers that want to fill in the file content on first read access. Signed-off-by: Josef Bacik --- fs/notify/fsnotify.c | 13 +++++++++ include/linux/fsnotify_backend.h | 14 +++++++++ mm/filemap.c | 50 ++++++++++++++++++++++++++++---- 3 files changed, 71 insertions(+), 6 deletions(-) diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index 1ca4a8da7f29..435232d46b4f 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -28,6 +28,19 @@ void __fsnotify_vfsmount_delete(struct vfsmount *mnt) fsnotify_clear_marks_by_mount(mnt); } +bool fsnotify_file_has_content_watches(struct file *file) +{ + struct inode *inode = file_inode(file); + struct super_block *sb = inode->i_sb; + struct mount *mnt = real_mount(file->f_path.mnt); + u32 mask = inode->i_fsnotify_mask; + + mask |= mnt->mnt_fsnotify_mask; + mask |= sb->s_fsnotify_mask; + + return !!(mask & FSNOTIFY_PRE_CONTENT_EVENTS); +} + /** * fsnotify_unmount_inodes - an sb is unmounting. handle any watched inodes. * @sb: superblock being unmounted. diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 36c3d18cc40a..6983fbf096b8 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -900,6 +900,15 @@ static inline void fsnotify_init_event(struct fsnotify_event *event) INIT_LIST_HEAD(&event->list); } +#ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS +bool fsnotify_file_has_content_watches(struct file *file); +#else +static inline bool fsnotify_file_has_content_watches(struct file *file) +{ + return false; +} +#endif /* CONFIG_FANOTIFY_ACCESS_PERMISSIONS */ + #else static inline int fsnotify(__u32 mask, const void *data, int data_type, @@ -938,6 +947,11 @@ static inline u32 fsnotify_get_cookie(void) static inline void fsnotify_unmount_inodes(struct super_block *sb) {} +static inline bool fsnotify_file_has_content_watches(struct file *file) +{ + return false; +} + #endif /* CONFIG_FSNOTIFY */ #endif /* __KERNEL __ */ diff --git a/mm/filemap.c b/mm/filemap.c index ca8c8d889eef..cc9d7885bbe3 100644 --- a/mm/filemap.c +++ b/mm/filemap.c @@ -46,6 +46,7 @@ #include #include #include +#include #include #include #include "internal.h" @@ -3112,13 +3113,13 @@ static int lock_folio_maybe_drop_mmap(struct vm_fault *vmf, struct folio *folio, * that. If we didn't pin a file then we return NULL. The file that is * returned needs to be fput()'ed when we're done with it. */ -static struct file *do_sync_mmap_readahead(struct vm_fault *vmf) +static struct file *do_sync_mmap_readahead(struct vm_fault *vmf, + struct file *fpin) { struct file *file = vmf->vma->vm_file; struct file_ra_state *ra = &file->f_ra; struct address_space *mapping = file->f_mapping; DEFINE_READAHEAD(ractl, file, ra, mapping, vmf->pgoff); - struct file *fpin = NULL; unsigned long vm_flags = vmf->vma->vm_flags; unsigned int mmap_miss; @@ -3182,12 +3183,12 @@ static struct file *do_sync_mmap_readahead(struct vm_fault *vmf) * was pinned if we have to drop the mmap_lock in order to do IO. */ static struct file *do_async_mmap_readahead(struct vm_fault *vmf, - struct folio *folio) + struct folio *folio, + struct file *fpin) { struct file *file = vmf->vma->vm_file; struct file_ra_state *ra = &file->f_ra; DEFINE_READAHEAD(ractl, file, ra, file->f_mapping, vmf->pgoff); - struct file *fpin = NULL; unsigned int mmap_miss; /* If we don't want any read-ahead, don't bother */ @@ -3287,6 +3288,35 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) if (unlikely(index >= max_idx)) return VM_FAULT_SIGBUS; + /* + * If we have pre-content watchers then we need to generate events on + * page fault so that we can populate any data before the fault. + * + * We only do this on the first pass through, otherwise the populating + * application could potentially deadlock on the mmap lock if it tries + * to populate it with mmap. + */ + if (fault_flag_allow_retry_first(vmf->flags) && + fsnotify_file_has_content_watches(file)) { + int mask = (vmf->flags & FAULT_FLAG_WRITE) ? MAY_WRITE : MAY_READ; + loff_t pos = vmf->pgoff << PAGE_SHIFT; + + fpin = maybe_unlock_mmap_for_io(vmf, fpin); + + /* + * We can only emit the event if we did actually release the + * mmap lock. + */ + if (fpin) { + error = fsnotify_file_area_perm(fpin, mask, &pos, + PAGE_SIZE); + if (error) { + fput(fpin); + return VM_FAULT_ERROR; + } + } + } + /* * Do we have something in the page cache already? */ @@ -3297,7 +3327,7 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) * the lock. */ if (!(vmf->flags & FAULT_FLAG_TRIED)) - fpin = do_async_mmap_readahead(vmf, folio); + fpin = do_async_mmap_readahead(vmf, folio, fpin); if (unlikely(!folio_test_uptodate(folio))) { filemap_invalidate_lock_shared(mapping); mapping_locked = true; @@ -3311,7 +3341,7 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) count_vm_event(PGMAJFAULT); count_memcg_event_mm(vmf->vma->vm_mm, PGMAJFAULT); ret = VM_FAULT_MAJOR; - fpin = do_sync_mmap_readahead(vmf); + fpin = do_sync_mmap_readahead(vmf, fpin); retry_find: /* * See comment in filemap_create_folio() why we need @@ -3604,6 +3634,7 @@ vm_fault_t filemap_map_pages(struct vm_fault *vmf, struct vm_area_struct *vma = vmf->vma; struct file *file = vma->vm_file; struct address_space *mapping = file->f_mapping; + struct inode *inode = mapping->host; pgoff_t last_pgoff = start_pgoff; unsigned long addr; XA_STATE(xas, &mapping->i_pages, start_pgoff); @@ -3612,6 +3643,13 @@ vm_fault_t filemap_map_pages(struct vm_fault *vmf, unsigned long rss = 0; unsigned int nr_pages = 0, mmap_miss = 0, mmap_miss_saved, folio_type; + /* + * We are under RCU, we can't emit events here, we need to force a + * normal fault to make sure the events get sent. + */ + if (fsnotify_file_has_content_watches(file)) + return ret; + rcu_read_lock(); folio = next_uptodate_folio(&xas, mapping, end_pgoff); if (!folio)