@@ -96,11 +96,12 @@ static bool fanotify_should_send_event(struct fsnotify_mark *inode_mark,
{
__u32 marks_mask, marks_ignored_mask;
const struct path *path = data;
+ struct vfsmount *mark_mnt = inode_mark ? inode_mark->mnt : NULL;
struct dentry *dentry = path->dentry;
- pr_debug("%s: inode_mark=%p vfsmnt_mark=%p mask=%x"
+ pr_debug("%s: inode_mark=%p vfsmnt_mark=%p mark_mnt=%p mask=%x"
" data_type=%d\n", __func__, inode_mark, vfsmnt_mark,
- event_mask, data_type);
+ mark_mnt, event_mask, data_type);
/* if we don't have enough info to send an event to userspace say no */
if (data_type != FSNOTIFY_EVENT_PATH &&
@@ -145,6 +146,14 @@ static bool fanotify_should_send_event(struct fsnotify_mark *inode_mark,
~marks_ignored_mask))
return false;
+ /*
+ * Only interesetd in dentry events visible from the mount
+ * from which the root watch was added
+ */
+ if (mark_mnt && mark_mnt->mnt_root != dentry &&
+ d_ancestor(mark_mnt->mnt_root, dentry) == NULL)
+ return false;
+
return true;
}
When adding a super block root watch from a mount point that is not mounted on the root of the file system, filter out events on file system objects that happen outside this mount point directory (on non decendant objects). This is not like FAN_MARK_MOUNT which filters only events that happened on the mount of the mark. All events on file system objects are reported as long as these objects are accessible from the mark mount point. Signed-off-by: Amir Goldstein <amir73il@gmail.com> --- fs/notify/fanotify/fanotify.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-)