Message ID | e58775009d8df15b5513fab5ac112f0dac53e427.1721931241.git.josef@toxicpanda.com (mailing list archive) |
---|---|
State | New |
Series | fanotify: add pre-content hooks |
On Thu 25-07-24 14:19:42, Josef Bacik wrote:
> From: Amir Goldstein <amir73il@gmail.com>
>
> Generate FAN_PRE_MODIFY permission event from fsnotify_file_perm()
> pre-write hook to notify fanotify listeners on an intent to make
> modification to a file.
>
> Like FAN_PRE_ACCESS, it is only allowed with FAN_CLASS_PRE_CONTENT
> and unlike FAN_MODIFY, it is only allowed on regular files.
>
> Like FAN_PRE_ACCESS, it is generated without sb_start_write() held,
> so it is safe for to perform filesystem modifications in the the
                ^^^ seems superfluous                      ^^^ twice "the"
> context of event handler.
...
> diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h > index 5c811baf44d2..ae6cb2688d52 100644 > --- a/include/linux/fanotify.h > +++ b/include/linux/fanotify.h > @@ -92,7 +92,8 @@ > #define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ > FAN_ACCESS_PERM) > /* Pre-content events can be used to fill file content */ > -#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) > +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS | FAN_PRE_MODIFY) > +#define FANOTIFY_PRE_MODIFY_EVENTS (FAN_PRE_MODIFY)

I didn't find FANOTIFY_PRE_MODIFY_EVENTS used anywhere?

Honza

On Thu, Aug 1, 2024 at 7:09 PM Jan Kara <jack@suse.cz> wrote:
>
> On Thu 25-07-24 14:19:42, Josef Bacik wrote:
> > From: Amir Goldstein <amir73il@gmail.com>
> >
> > Generate FAN_PRE_MODIFY permission event from fsnotify_file_perm()
> > pre-write hook to notify fanotify listeners on an intent to make
> > modification to a file.
> >
> > Like FAN_PRE_ACCESS, it is only allowed with FAN_CLASS_PRE_CONTENT
> > and unlike FAN_MODIFY, it is only allowed on regular files.
> >
> > Like FAN_PRE_ACCESS, it is generated without sb_start_write() held,
> > so it is safe for to perform filesystem modifications in the the
>                 ^^^ seems superfluous                      ^^^ twice "the"
>
> > context of event handler.
> ...
> > diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h > > index 5c811baf44d2..ae6cb2688d52 100644 > > --- a/include/linux/fanotify.h > > +++ b/include/linux/fanotify.h > > @@ -92,7 +92,8 @@ > > #define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ > > FAN_ACCESS_PERM) > > /* Pre-content events can be used to fill file content */ > > -#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) > > +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS | FAN_PRE_MODIFY) > > +#define FANOTIFY_PRE_MODIFY_EVENTS (FAN_PRE_MODIFY)
>
> I didn't find FANOTIFY_PRE_MODIFY_EVENTS used anywhere?

Right. It is used later in the sb_write_barrier patches.
We can introduce it later if you prefer.

Thanks,
Amir.

On Sat 03-08-24 18:55:42, Amir Goldstein wrote:
> On Thu, Aug 1, 2024 at 7:09 PM Jan Kara <jack@suse.cz> wrote:
> >
> > On Thu 25-07-24 14:19:42, Josef Bacik wrote:
> > > From: Amir Goldstein <amir73il@gmail.com>
> > >
> > > Generate FAN_PRE_MODIFY permission event from fsnotify_file_perm()
> > > pre-write hook to notify fanotify listeners on an intent to make
> > > modification to a file.
> > >
> > > Like FAN_PRE_ACCESS, it is only allowed with FAN_CLASS_PRE_CONTENT
> > > and unlike FAN_MODIFY, it is only allowed on regular files.
> > >
> > > Like FAN_PRE_ACCESS, it is generated without sb_start_write() held,
> > > so it is safe for to perform filesystem modifications in the the
> >                 ^^^ seems superfluous                      ^^^ twice "the"
> >
> > > context of event handler.
> > ...
> > > diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h > > > index 5c811baf44d2..ae6cb2688d52 100644 > > > --- a/include/linux/fanotify.h > > > +++ b/include/linux/fanotify.h > > > @@ -92,7 +92,8 @@ > > > #define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ > > > FAN_ACCESS_PERM) > > > /* Pre-content events can be used to fill file content */ > > > -#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) > > > +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS | FAN_PRE_MODIFY) > > > +#define FANOTIFY_PRE_MODIFY_EVENTS (FAN_PRE_MODIFY)
> >
> > I didn't find FANOTIFY_PRE_MODIFY_EVENTS used anywhere?
>
> Right. It is used later in the sb_write_barrier patches.
> We can introduce it later if you prefer.

If you say it eventually gets used then I'm fine with this.

Honza

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 7dac8e4486df..b163594843f5 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -911,8 +911,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, u32 mask, BUILD_BUG_ON(FAN_FS_ERROR != FS_ERROR); BUILD_BUG_ON(FAN_RENAME != FS_RENAME); BUILD_BUG_ON(FAN_PRE_ACCESS != FS_PRE_ACCESS); + BUILD_BUG_ON(FAN_PRE_MODIFY != FS_PRE_MODIFY); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 22); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 23); mask = fanotify_group_event_mask(group, iter_info, &match_mask, mask, data, data_type, dir); diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index c294849e474f..3a7101544f30 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -1673,6 +1673,8 @@ static int fanotify_events_supported(struct fsnotify_group *group, if (mask & FANOTIFY_PRE_CONTENT_EVENTS) { if (!is_dir && !d_is_reg(path->dentry)) return -EINVAL; + if (is_dir && mask & FAN_PRE_MODIFY) + return -EISDIR; } return 0; diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index 5c811baf44d2..ae6cb2688d52 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -92,7 +92,8 @@ #define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ FAN_ACCESS_PERM) /* Pre-content events can be used to fill file content */ -#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS | FAN_PRE_MODIFY) +#define FANOTIFY_PRE_MODIFY_EVENTS (FAN_PRE_MODIFY) /* Events that require a permission response from user */ #define FANOTIFY_PERM_EVENTS (FANOTIFY_CONTENT_PERM_EVENTS | \ diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 3ae43867d318..c8dacedf73b9 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h 
@@ -27,6 +27,7 @@ #define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ #define FAN_PRE_ACCESS 0x00100000 /* Pre-content access hook */ +#define FAN_PRE_MODIFY 0x00200000 /* Pre-content modify hook */ #define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */
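
Review bot: in the fanotify_events_supported() hunk of fs/notify/fanotify/fanotify_user.c, a FAN_PRE_MODIFY mark on a directory fails with -EISDIR while the non-regular-file case two lines above fails with -EINVAL, so "not a regular file" now maps to two errno values depending on the object type. That split should be stated in the commit message and in the fanotify_mark documentation so that listeners can handle both on purpose. As a style point, consider writing the test as `if (is_dir && (mask & FAN_PRE_MODIFY))`; the precedence is correct as written, but the parentheses make the bit test obvious next to the `&&`.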
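
Review bot: FANOTIFY_PRE_MODIFY_EVENTS, added in the include/linux/fanotify.h hunk, has no user anywhere in this diff. Either move the define to the patch that first consumes it, or name that later patch in the commit message, so that someone reading or bisecting this commit on its own is not left searching for a caller.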
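
Review bot: the new UAPI bit FAN_PRE_MODIFY (0x00200000) in include/uapi/linux/fanotify.h carries only the comment "Pre-content modify hook", which does not tell userspace what the rest of the patch enforces: that it is a permission event, that it is only accepted together with FAN_CLASS_PRE_CONTENT, and that it is rejected on directories. Since this header is the interface listeners build against, a short comment above the define or a matching man-page update stating those constraints would keep the contract visible where the bit is declared.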