From patchwork Thu Nov 21 11:22:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kara X-Patchwork-Id: 13881884 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0B60BD6ED09 for ; Thu, 21 Nov 2024 11:23:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 84CD76B009B; Thu, 21 Nov 2024 06:22:33 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 4DB8D6B0096; Thu, 21 Nov 2024 06:22:33 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A8B306B009E; Thu, 21 Nov 2024 06:22:32 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id B4D1D6B009B for ; Thu, 21 Nov 2024 06:22:31 -0500 (EST) Received: from smtpin17.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 600FA1C76F7 for ; Thu, 21 Nov 2024 11:22:31 +0000 (UTC) X-FDA: 82809860406.17.7DB1783 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) by imf06.hostedemail.com (Postfix) with ESMTP id D8FB9180008 for ; Thu, 21 Nov 2024 11:21:51 +0000 (UTC) Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=eCmHv8r3; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=5Dtmztll; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=eCmHv8r3; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=5Dtmztll; dmarc=none; spf=pass (imf06.hostedemail.com: domain of jack@suse.cz designates 195.135.223.130 as permitted sender) smtp.mailfrom=jack@suse.cz ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1732187963; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=YU9Pc9qcIxrQz85DFItqT96oWpVuHLXL0dks/6lN+sU=; b=wRmi6QPCmlR+VHQN8yq6QmxPD65hgTNbm37c4cyjCrZ/3jkZ4mnaqGKhDFdJjKS763LWcL 2JCXb37GqWnkZKelpEnZqrUDo2CwNIUUR9yMNdbtfsQQ3fCL48pMvOvM2w2hrcVlIdHTzd edFbg1R+V3FXan/uEv3/FPkl6y/5QZs= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=eCmHv8r3; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=5Dtmztll; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=eCmHv8r3; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=5Dtmztll; dmarc=none; spf=pass (imf06.hostedemail.com: domain of jack@suse.cz designates 195.135.223.130 as permitted sender) smtp.mailfrom=jack@suse.cz ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1732187963; a=rsa-sha256; cv=none; b=dQxOX6iGhnE2oas8MQfIORXdS+hS64ovJwy64khMFaxK7gdyQW//0RaT+gIRTCvN2dfFwP 0L0oOt1WW4CLB8if7HTr4Uvhc+T+9tw9Y1tI3k7lv3zCvOxT1VVQ2CWWZruGWN/YyUCFOE ij1R8Np55lp/eh5RDAIrE1dSMcDy6gg= Received: from imap1.dmz-prg2.suse.org (unknown [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 912B821A04; Thu, 21 Nov 2024 11:22:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1732188144; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YU9Pc9qcIxrQz85DFItqT96oWpVuHLXL0dks/6lN+sU=; b=eCmHv8r36Z3hf5P7d7ctjcMAvraq6gGBU2yS0zAOh5JeVWviix/FnS7Wr9WFY2TYwCdxtM tUcwmXlKrD1AR5hOaEJb4bKQ+Z3TO4DSgPMc+hzfXrgCamz0K0O77qt8cby/ouX4oe1d1D MoG3NY+7P0nG0MyFy5XLMcNh7pMV5Pg= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1732188144; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YU9Pc9qcIxrQz85DFItqT96oWpVuHLXL0dks/6lN+sU=; b=5DtmztllraO7cb1oMFszD2Yf5e8ahNu0/GLCd23yaNiFmUocrwGP0KoyJfFDotZGfXCcgx PQAYYt29CxpW8bDA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1732188144; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YU9Pc9qcIxrQz85DFItqT96oWpVuHLXL0dks/6lN+sU=; b=eCmHv8r36Z3hf5P7d7ctjcMAvraq6gGBU2yS0zAOh5JeVWviix/FnS7Wr9WFY2TYwCdxtM tUcwmXlKrD1AR5hOaEJb4bKQ+Z3TO4DSgPMc+hzfXrgCamz0K0O77qt8cby/ouX4oe1d1D MoG3NY+7P0nG0MyFy5XLMcNh7pMV5Pg= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1732188144; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YU9Pc9qcIxrQz85DFItqT96oWpVuHLXL0dks/6lN+sU=; b=5DtmztllraO7cb1oMFszD2Yf5e8ahNu0/GLCd23yaNiFmUocrwGP0KoyJfFDotZGfXCcgx PQAYYt29CxpW8bDA== Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 8059B13AC3; Thu, 21 Nov 2024 11:22:24 +0000 (UTC) Received: from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167]) by imap1.dmz-prg2.suse.org with ESMTPSA id 7G9VH/AXP2c6fwAAD6G6ig (envelope-from ); Thu, 21 Nov 2024 11:22:24 +0000 Received: by quack3.suse.cz (Postfix, from userid 1000) id 1A9B2A0924; Thu, 21 Nov 2024 12:22:24 +0100 (CET) From: Jan Kara To: Cc: Amir Goldstein , Josef Bacik , brauner@kernel.org, Linus Torvalds , Al Viro , linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-ext4@vger.kernel.org, linux-mm@kvack.org, Jan Kara Subject: [PATCH 10/19] fanotify: introduce FAN_PRE_ACCESS permission event Date: Thu, 21 Nov 2024 12:22:09 +0100 Message-Id: <20241121112218.8249-11-jack@suse.cz> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20241121112218.8249-1-jack@suse.cz> References: <20241121112218.8249-1-jack@suse.cz> MIME-Version: 1.0 X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: D8FB9180008 X-Stat-Signature: hbpqammtc7shbrmfn9mczecgpwbsfoch X-Rspam-User: X-HE-Tag: 1732188111-748919 X-HE-Meta: U2FsdGVkX199kaYbMZ8yKbn/ixokZMJlMMpnO76XRfsn8qAr3AamJ0abGvQGzGMEyEL9ddi3h6/zEqWKoCZdla19Bd52tXAUQVw50l5sSBWu/WOsxMvXFfPP2nNjhc4t6nWBngCEhUnD+FCMa5xwLQMOiUp/741PthToF/AJrFHpLpFmBgqDApvTXdshO1F+Yc+RYr2bgy2pMpkaeuR3yoC1x4ydVFPnrV4otK+W7XiaHocE5g/GMHie3jo6dKL0AbKt5lE6mNsDH8AqJi+hu8Pxy9OYb+LlQebMwRXb8Fm1z+S3zmCkAy0b5C6rGfGfNLgPbRf/RTHudN+qTRItp9xuXizvTpvKDu3UDd9TGxkR0wT6H30chetmfrMxm2aIiiXOra5E+RHQJn7YLMrxK41Qy1ZJ0BlYpv99kFNR1jW70nnnm5061GzxWpWB4Xys+sE8FWAPozfrRJO2ycUEtj2Ob81g5CzVKt9gUs+T0fbelkpEyqo8zEFduwcsBjWRVZPKEoS1d6+07E0gHtGcE3MJMC7CiuXI6jBrJ/S9c3CZbiNuj45ZU6gn6bWb9CQxO+8+vidaPqEMcqgpzhciEonGiNrNQB0Prn3CsIo4Tof7mTUMqo/DXyNn04KlBjmQIDiXIPnkAh+YsFEfqe/suetrZfFabpPaFbq8Gd3zBFw+E/Z6LiXAY/rnQDCYDCG5N43/m25QrLFk5V29dqx4xMpvOOMeOqREnqnby8D0NCiKiKE/TBOtm0i893j+TeZNfTT2URgoRmL6Q1yAhOd2ko+Ieu+97uRi3Xjqi0fJ79ssgFPWWqnNRET+F8BvCUeX/GdBrghByYd2SVB4Hk/RPHFSqTto+6T4perEC0xqT6jBcWKzEewcHLHgC+hevMecFwiS9x92ynj+2Yym4f8bYpWI+8AH4Ulq9Usl8ul0fo043Y3OXoZXOJyJqimdD8MX4NpY+XKwiCLrdaZpW1q 7sVE2DhF QtuJYbaE15Zd3+FcxwnPaJnbP5Ff6k6AopDEZLOy9OyCWBNJo0QNe9c5vBGOYsw5vSDuJTvDdfGXnwe6iv4zCB+s63vC5Mbi1JX4/MBYXZCKYNWTkjyc0tsgIQYfZeiyu0THQPQZiiWMhLufvtUzoYgpliLGm29sr7WQMZYQMh/Rpp7O9c7cRwNRXCyjkBR2thpxVvZ0uPkOP/w6Q8gqwtzKQzWcK4taqJV9zk4phXj8pUIJuSojTc5HqMSo481tScUyxWKQ3VrGkyfW3bDDbpQ0V+RB6FvjxeWtQ2Afl+/0mapxE4GovBdRYtvNl4JmUvdWAil5Cvt51zPvovszpYI+FEOSAx3cFbYbMBHEiTtduI9qcC29YE3LnrjmeKWFpRs2q1szeh/dTeCdPTgtaQjd60jvSWpJqEgMvTRNZS3kuyLPpS+0Ik6gEGEJGKGBTzkNHVW6pghecKWY= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Amir Goldstein Similar to FAN_ACCESS_PERM permission event, but it is only allowed with class FAN_CLASS_PRE_CONTENT and only allowed on regular files and dirs. Unlike FAN_ACCESS_PERM, it is safe to write to the file being accessed in the context of the event handler. This pre-content event is meant to be used by hierarchical storage managers that want to fill the content of files on first read access. Signed-off-by: Amir Goldstein Signed-off-by: Jan Kara Link: https://patch.msgid.link/b80986f8d5b860acea2c9a73c0acd93587be5fe4.1731684329.git.josef@toxicpanda.com --- fs/notify/fanotify/fanotify.c | 3 ++- fs/notify/fanotify/fanotify_user.c | 22 +++++++++++++++++++--- include/linux/fanotify.h | 14 ++++++++++---- include/uapi/linux/fanotify.h | 2 ++ 4 files changed, 33 insertions(+), 8 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index c1e4ae221093..5e05410ddb9f 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -917,8 +917,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, u32 mask, BUILD_BUG_ON(FAN_OPEN_EXEC_PERM != FS_OPEN_EXEC_PERM); BUILD_BUG_ON(FAN_FS_ERROR != FS_ERROR); BUILD_BUG_ON(FAN_RENAME != FS_RENAME); + BUILD_BUG_ON(FAN_PRE_ACCESS != FS_PRE_ACCESS); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 21); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 22); mask = fanotify_group_event_mask(group, iter_info, &match_mask, mask, data, data_type, dir); diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 8d8afa09560b..b4dfc8f0d037 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -1646,11 +1646,23 @@ static int fanotify_events_supported(struct fsnotify_group *group, unsigned int flags) { unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; + bool is_dir = d_is_dir(path->dentry); /* Strict validation of events in non-dir inode mask with v5.17+ APIs */ bool strict_dir_events = FAN_GROUP_FLAG(group, FAN_REPORT_TARGET_FID) || (mask & FAN_RENAME) || (flags & FAN_MARK_IGNORE); + /* + * Filesystems need to opt-into pre-content evnets (a.k.a HSM) + * and they are only supported on regular files and directories. + */ + if (mask & FANOTIFY_PRE_CONTENT_EVENTS) { + if (!(path->mnt->mnt_sb->s_iflags & SB_I_ALLOW_HSM)) + return -EOPNOTSUPP; + if (!is_dir && !d_is_reg(path->dentry)) + return -EINVAL; + } + /* * Some filesystems such as 'proc' acquire unusual locks when opening * files. For them fanotify permission events have high chances of @@ -1683,7 +1695,7 @@ static int fanotify_events_supported(struct fsnotify_group *group, * but because we always allowed it, error only when using new APIs. */ if (strict_dir_events && mark_type == FAN_MARK_INODE && - !d_is_dir(path->dentry) && (mask & FANOTIFY_DIRONLY_EVENT_BITS)) + !is_dir && (mask & FANOTIFY_DIRONLY_EVENT_BITS)) return -ENOTDIR; return 0; @@ -1787,11 +1799,15 @@ static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask, goto fput_and_out; /* - * Permission events require minimum priority FAN_CLASS_CONTENT. + * Permission events are not allowed for FAN_CLASS_NOTIF. + * Pre-content permission events are not allowed for FAN_CLASS_CONTENT. */ ret = -EINVAL; if (mask & FANOTIFY_PERM_EVENTS && - group->priority < FSNOTIFY_PRIO_CONTENT) + group->priority == FSNOTIFY_PRIO_NORMAL) + goto fput_and_out; + else if (mask & FANOTIFY_PRE_CONTENT_EVENTS && + group->priority == FSNOTIFY_PRIO_CONTENT) goto fput_and_out; if (mask & FAN_FS_ERROR && diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index 89ff45bd6f01..c747af064d2c 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -89,6 +89,16 @@ #define FANOTIFY_DIRENT_EVENTS (FAN_MOVE | FAN_CREATE | FAN_DELETE | \ FAN_RENAME) +/* Content events can be used to inspect file content */ +#define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ + FAN_ACCESS_PERM) +/* Pre-content events can be used to fill file content */ +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) + +/* Events that require a permission response from user */ +#define FANOTIFY_PERM_EVENTS (FANOTIFY_CONTENT_PERM_EVENTS | \ + FANOTIFY_PRE_CONTENT_EVENTS) + /* Events that can be reported with event->fd */ #define FANOTIFY_FD_EVENTS (FANOTIFY_PATH_EVENTS | FANOTIFY_PERM_EVENTS) @@ -104,10 +114,6 @@ FANOTIFY_INODE_EVENTS | \ FANOTIFY_ERROR_EVENTS) -/* Events that require a permission response from user */ -#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM | \ - FAN_OPEN_EXEC_PERM) - /* Extra flags that may be reported with event or control handling of events */ #define FANOTIFY_EVENT_FLAGS (FAN_EVENT_ON_CHILD | FAN_ONDIR) diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 79072b6894f2..7596168c80eb 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -27,6 +27,8 @@ #define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ /* #define FAN_DIR_MODIFY 0x00080000 */ /* Deprecated (reserved) */ +#define FAN_PRE_ACCESS 0x00100000 /* Pre-content access hook */ + #define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */ #define FAN_RENAME 0x10000000 /* File was renamed */