From patchwork Fri Nov 15 15:30:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876413 Received: from mail-yb1-f176.google.com (mail-yb1-f176.google.com [209.85.219.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 99C8D1D514B for ; Fri, 15 Nov 2024 15:31:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.176 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684686; cv=none; b=arBe/TLsJ3SSOjMuoK8ZCURQR+WTzPVligfB51uoMzp3x1YZbVdccVIwKyqLV1mnDMnf0tsRzW18kFKZYFCN7Ye2BunPln/dfY8ZlRYAtffHweWj/aN+bmhn1Dl/vdlW2nq9H8YEqZRiihcROEypAnqraBuH7RJSr1hQPjdRG4E= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684686; c=relaxed/simple; bh=e50Qfn4GCw5AIdzXYs640LPuGmdwEnwaxcQ/v4hGxAA=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=OHKlJFNoJAvj+Mx1uvGfEUtH5hV9ohcN+vaceUU7KfdFX8xT8EyjySsfUFoVz+iLTRUHTAQW0CYmwrpQd7/cl3RYvvCz0FAI6ke294qsUlEpHEckAPhRkXrjv2YDdZA7RKoiQVDh5ZWiiKqiw8AwQFfE4elrvXdzzIseEmjuCnc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=CN4yeK7t; arc=none smtp.client-ip=209.85.219.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="CN4yeK7t" Received: by mail-yb1-f176.google.com with SMTP id 3f1490d57ef6-e38158560d4so2002530276.2 for ; Fri, 15 Nov 2024 07:31:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684683; x=1732289483; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=kR1XeBSj0UKEAyle1L8EQtWLZrkZWI4sB29nFtL0fR8=; b=CN4yeK7tk6IllvdX/x8UQxYCoUyVf0de5kGPjaw44ixDSTsNfjDkMP2OUjTIyfzYxq UWTgi688CdhA6mj6M1sKRl+DJLmWeEjovDwL7tJVVOIGPTB6M9+NGLZwnIPFQRLaiFix M9ILUP5HY1B+giopiMoMayRQ5UW0nvopv6fDtBIEAxVKMCJfClCBhL9g2IzwUvkearKF NPfWA/lPOIQA+N05jgxMp4LUGAnsWYJlQVpf1WEqi8E2FhKVbeqXsgXVA22A6hI3HH9M 173fQqo9IMtaWlkWuAz698Lo8MUIZfwOMXrkJfEOhFCNcG4GGzWOgh5ZODPlwMe5bQ/h 02OQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684683; x=1732289483; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kR1XeBSj0UKEAyle1L8EQtWLZrkZWI4sB29nFtL0fR8=; b=qfoGDdhd3Ftz9211vrqYErLoxjG8VB4+G5YK4/EWM4l3hAI1ZCO8hx0QNR8pBq1bt5 yxJbablkxwIHD3eYxcq8wLWRRvc5pBo8fjLTpTHcofwSm0QN2LT77Qo4K++J0LERoge9 Glu14++HaSGHSSpGY0PfpPvdqLqRBcigiye69vq1JGWpkVRFRlGy80/bamAPt8z4GVN+ VLtFYhuCJPSaJzv7VWu3O50SzIWFUoWnZHhB2v5lSqIDCd8/mKnLs5siPp3aNAiGIwOZ iCqrIpGNuGbfPjCKxjVCeMqcUz2v94/RIHM/jkbFdab174JxnzkA5opVny9h1aeCpQz2 iFwg== X-Forwarded-Encrypted: i=1; AJvYcCWfL+UJbrNQ8JmeeNHPaMbz0ni9nLtwjvx/KdDva2nJpMKi83vazrZGQijU5ESglW+/X4xHHnhb0TwH7evy@vger.kernel.org X-Gm-Message-State: AOJu0YyzKjcON8jxdQJ+Q6Z8yIJBDvXEGx3m1cA0CIGBGylLTj/TWKG3 fOzHjQayR405pp4UEKvzgDk3u+xOd0V/gePWOQzGIkYTA3RyJlmqKlVmJP4Yuoo= X-Google-Smtp-Source: AGHT+IGBdJCygNHz6DEBCdeiVRgK2IumpYj4jyGOaPbgCKPpYL6CnPz3nA2B5qY78/GCUuIzkqAI7g== X-Received: by 2002:a05:6902:2b86:b0:e30:e1f3:2aab with SMTP id 3f1490d57ef6-e38263a1b87mr2546246276.39.1731684683163; Fri, 15 Nov 2024 07:31:23 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e38152fe65dsm991511276.35.2024.11.15.07.31.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:22 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 01/19] fs: get rid of __FMODE_NONOTIFY kludge Date: Fri, 15 Nov 2024 10:30:14 -0500 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Al Viro All it takes to get rid of the __FMODE_NONOTIFY kludge is switching fanotify from anon_inode_getfd() to anon_inode_getfile_fmode() and adding a dentry_open_fmode() helper to be used by fanotify on the other path. That's it - no more weird shit in OPEN_FMODE(), etc. Suggested-by: Al Viro Link: https://lore.kernel.org/linux-fsdevel/20241113043003.GH3387508@ZenIV/ Signed-off-by: Amir Goldstein --- fs/fcntl.c | 4 ++-- fs/notify/fanotify/fanotify_user.c | 25 ++++++++++++++++--------- fs/open.c | 23 +++++++++++++++++++---- include/linux/fs.h | 6 +++--- include/uapi/asm-generic/fcntl.h | 1 - 5 files changed, 40 insertions(+), 19 deletions(-) diff --git a/fs/fcntl.c b/fs/fcntl.c index ac77dd912412..88db23aa864a 100644 --- a/fs/fcntl.c +++ b/fs/fcntl.c @@ -1155,10 +1155,10 @@ static int __init fcntl_init(void) * Exceptions: O_NONBLOCK is a two bit define on parisc; O_NDELAY * is defined as O_NONBLOCK on some platforms and not on others. */ - BUILD_BUG_ON(21 - 1 /* for O_RDONLY being 0 */ != + BUILD_BUG_ON(20 - 1 /* for O_RDONLY being 0 */ != HWEIGHT32( (VALID_OPEN_FLAGS & ~(O_NONBLOCK | O_NDELAY)) | - __FMODE_EXEC | __FMODE_NONOTIFY)); + __FMODE_EXEC)); fasync_cache = kmem_cache_create("fasync_cache", sizeof(struct fasync_struct), 0, diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 2d85c71717d6..919ff59cb802 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -100,8 +100,7 @@ static void __init fanotify_sysctls_init(void) * * Internal and external open flags are stored together in field f_flags of * struct file. Only external open flags shall be allowed in event_f_flags. - * Internal flags like FMODE_NONOTIFY, FMODE_EXEC, FMODE_NOCMTIME shall be - * excluded. + * Internal flags like FMODE_EXEC shall be excluded. */ #define FANOTIFY_INIT_ALL_EVENT_F_BITS ( \ O_ACCMODE | O_APPEND | O_NONBLOCK | \ @@ -258,12 +257,11 @@ static int create_fd(struct fsnotify_group *group, const struct path *path, return client_fd; /* - * we need a new file handle for the userspace program so it can read even if it was - * originally opened O_WRONLY. + * We provide an fd for the userspace program, so it could access the + * file without generating fanotify events itself. */ - new_file = dentry_open(path, - group->fanotify_data.f_flags | __FMODE_NONOTIFY, - current_cred()); + new_file = dentry_open_nonotify(path, group->fanotify_data.f_flags, + current_cred()); if (IS_ERR(new_file)) { put_unused_fd(client_fd); client_fd = PTR_ERR(new_file); @@ -1409,6 +1407,7 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) unsigned int fid_mode = flags & FANOTIFY_FID_BITS; unsigned int class = flags & FANOTIFY_CLASS_BITS; unsigned int internal_flags = 0; + struct file *file; pr_debug("%s: flags=%x event_f_flags=%x\n", __func__, flags, event_f_flags); @@ -1477,7 +1476,7 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) (!(fid_mode & FAN_REPORT_NAME) || !(fid_mode & FAN_REPORT_FID))) return -EINVAL; - f_flags = O_RDWR | __FMODE_NONOTIFY; + f_flags = O_RDWR; if (flags & FAN_CLOEXEC) f_flags |= O_CLOEXEC; if (flags & FAN_NONBLOCK) @@ -1555,10 +1554,18 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) goto out_destroy_group; } - fd = anon_inode_getfd("[fanotify]", &fanotify_fops, group, f_flags); + fd = get_unused_fd_flags(f_flags); if (fd < 0) goto out_destroy_group; + file = anon_inode_getfile_fmode("[fanotify]", &fanotify_fops, group, + f_flags, FMODE_NONOTIFY); + if (IS_ERR(file)) { + fd = PTR_ERR(file); + put_unused_fd(fd); + goto out_destroy_group; + } + fd_install(fd, file); return fd; out_destroy_group: diff --git a/fs/open.c b/fs/open.c index e6911101fe71..c3490286092e 100644 --- a/fs/open.c +++ b/fs/open.c @@ -1105,6 +1105,23 @@ struct file *dentry_open(const struct path *path, int flags, } EXPORT_SYMBOL(dentry_open); +struct file *dentry_open_nonotify(const struct path *path, int flags, + const struct cred *cred) +{ + struct file *f = alloc_empty_file(flags, cred); + if (!IS_ERR(f)) { + int error; + + f->f_mode |= FMODE_NONOTIFY; + error = vfs_open(path, f); + if (error) { + fput(f); + f = ERR_PTR(error); + } + } + return f; +} + /** * dentry_create - Create and open a file * @path: path to create @@ -1202,7 +1219,7 @@ inline struct open_how build_open_how(int flags, umode_t mode) inline int build_open_flags(const struct open_how *how, struct open_flags *op) { u64 flags = how->flags; - u64 strip = __FMODE_NONOTIFY | O_CLOEXEC; + u64 strip = O_CLOEXEC; int lookup_flags = 0; int acc_mode = ACC_MODE(flags); @@ -1210,9 +1227,7 @@ inline int build_open_flags(const struct open_how *how, struct open_flags *op) "struct open_flags doesn't yet handle flags > 32 bits"); /* - * Strip flags that either shouldn't be set by userspace like - * FMODE_NONOTIFY or that aren't relevant in determining struct - * open_flags like O_CLOEXEC. + * Strip flags that aren't relevant in determining struct open_flags. */ flags &= ~strip; diff --git a/include/linux/fs.h b/include/linux/fs.h index 9c13222362f5..23bd058576b1 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2750,6 +2750,8 @@ static inline struct file *file_open_root_mnt(struct vfsmount *mnt, } struct file *dentry_open(const struct path *path, int flags, const struct cred *creds); +struct file *dentry_open_nonotify(const struct path *path, int flags, + const struct cred *cred); struct file *dentry_create(const struct path *path, int flags, umode_t mode, const struct cred *cred); struct path *backing_file_user_path(struct file *f); @@ -3706,11 +3708,9 @@ struct ctl_table; int __init list_bdev_fs_names(char *buf, size_t size); #define __FMODE_EXEC ((__force int) FMODE_EXEC) -#define __FMODE_NONOTIFY ((__force int) FMODE_NONOTIFY) #define ACC_MODE(x) ("\004\002\006\006"[(x)&O_ACCMODE]) -#define OPEN_FMODE(flag) ((__force fmode_t)(((flag + 1) & O_ACCMODE) | \ - (flag & __FMODE_NONOTIFY))) +#define OPEN_FMODE(flag) ((__force fmode_t)(((flag + 1) & O_ACCMODE))) static inline bool is_sxid(umode_t mode) { diff --git a/include/uapi/asm-generic/fcntl.h b/include/uapi/asm-generic/fcntl.h index 80f37a0d40d7..613475285643 100644 --- a/include/uapi/asm-generic/fcntl.h +++ b/include/uapi/asm-generic/fcntl.h @@ -6,7 +6,6 @@ /* * FMODE_EXEC is 0x20 - * FMODE_NONOTIFY is 0x4000000 * These cannot be used by userspace O_* until internal and external open * flags are split. * -Eric Paris From patchwork Fri Nov 15 15:30:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876414 Received: from mail-yw1-f177.google.com (mail-yw1-f177.google.com [209.85.128.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2980A1CF5E2 for ; Fri, 15 Nov 2024 15:31:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.177 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684687; cv=none; b=l1frglem1nOSTPzUW22BOrhdTVExzZFXEUGVRwiVyX/Ye4Z+XsBNE0rmH4S1IxaYsPBnTROQ9SOdSxR/oWc1/hDfI0R+984ScMSuGm5vou6yxBNQvKc+2VmgunavdxUsTHQ8lxJTewUDWUkGKsqG1lAtwoLyQ9D/g+3t2RS5Q38= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684687; c=relaxed/simple; bh=JByGqE+7zI1PkwzTHs3XXvSyjr5uNafvFWqg8yGYuSA=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bgMigQpzIRcaD0mF/W6Y10q0UHNfycHLmZxUBiFhNS2y6lG6Z11dl15ZjSnTcSGoOFWKhUcCqaIhJ2T/yctf7Yp8o0eqsDAaxH7S3OUBhll3oMvQu8Z8B/tYyfevTy83E3hXQUyw7+lMyGBV1MBZOPJayeIIzTRNEhv1Y6NQywo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=spA1OglA; arc=none smtp.client-ip=209.85.128.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="spA1OglA" Received: by mail-yw1-f177.google.com with SMTP id 00721157ae682-6e3cdbc25a0so21871217b3.2 for ; Fri, 15 Nov 2024 07:31:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684685; x=1732289485; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=kj8DHbC84OPYXlyGqV3jogaZDMjK7DzZOpBQs/P23MY=; b=spA1OglAOwba3VqMXr+8pAXS4f4LNZSslouXRx8nWBn1zcOE/UQ6ueXuIq5ZqUPiOH X7lFkeUKaHqJsJtdPWu+qfbL9FohL6PmYSqWsr3yyVmsH0cqNTEbK8K79FlSaTffW61K ISLaQXTl0ECB/Rs+7C3H2j8JZQrWhPzCUe9wwo7zHnhP1Cb0aOOc3DhKH8sjlJhNASv+ 876KfM/OdKMJjLkgU9GsKB7G4PPxgDX0S/mcSdJ+yMYUUeBiNrLw0UlfQGWDEYvU2Ly+ kMJfMQPsRQeW0BxopI0X8N59ae7AC5PO1whTxU7yGUhjeLpd6z05p+YTKKSLuy9Gwes8 /0JQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684685; x=1732289485; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kj8DHbC84OPYXlyGqV3jogaZDMjK7DzZOpBQs/P23MY=; b=N4l46izD5vgl0B0SgxtSudkNPAGQXug2K07bYyVTa8B1W5pzd7DuBwIifpF+Rd3T1e Kq4u4xsQBht66qiEK2MFjXe2feTjZ7Drya0MMsySR6PqRl3YjYl+4jcsHMEm8iN8NfSr 9JLWGx/S7Mn3xRCzsKrCELWzNhUqveOPS2OOgkKvWBDERI0VMHsv4kTtYfAo7UIIn7/M spKX6OjbqPCwJxgS4kePCC7YmP/j2NtYlxQgoaO4qqZIDCmXDDLhdz6E/qzrOmrPqwDv 7O85Y9Vqa6UMMdXLM90XpDV09jMpR5099cQnWjMUs0Oe6nMTjY1uJGJ28Wm/OChgo5ck dMJA== X-Forwarded-Encrypted: i=1; AJvYcCWYCL6iq7wkeGNAS+m8kv1MoVOgh0YJDmRNjksZdIh8z8vlrF9+q8npeKRrphHPmFChiwbVxkv+Ss1KXilR@vger.kernel.org X-Gm-Message-State: AOJu0Yx8+FBIoteenA/Qjct/nqOvctL3pprAuQw/8/FHcyllxwCqQyKk hkQzaZ6ijL+n+LB9g/QEH63Vr3uaIhk3B9VZf0Xi8f/oMe0AkM8OsNZbb/J/ZMM= X-Google-Smtp-Source: AGHT+IH8WmaESCVDYemYdBxVVvrkUDwhBuFm4p8CVuem1Xk6vUMMQWpt5yAHUnnmjhKyVYoAl9xVug== X-Received: by 2002:a05:690c:46c4:b0:6ea:ebba:3059 with SMTP id 00721157ae682-6ee558d9384mr37985407b3.0.1731684684910; Fri, 15 Nov 2024 07:31:24 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee44413490sm7666367b3.95.2024.11.15.07.31.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:24 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 02/19] fsnotify: opt-in for permission events at file open time Date: Fri, 15 Nov 2024 10:30:15 -0500 Message-ID: <5ea5f8e283d1edb55aa79c35187bfe344056af14.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein Legacy inotify/fanotify listeners can add watches for events on inode, parent or mount and expect to get events (e.g. FS_MODIFY) on files that were already open at the time of setting up the watches. fanotify permission events are typically used by Anti-malware sofware, that is watching the entire mount and it is not common to have more that one Anti-malware engine installed on a system. To reduce the overhead of the fsnotify_file_perm() hooks on every file access, relax the semantics of the legacy FAN_ACCESS_PERM event to generate events only if there were *any* permission event listeners on the filesystem at the time that the file was opened. The new semantic is implemented by extending the FMODE_NONOTIFY bit into two FMODE_NONOTIFY_* bits, that are used to store a mode for which of the events types to report. This is going to apply to the new fanotify pre-content events in order to reduce the cost of the new pre-content event vfs hooks. Suggested-by: Linus Torvalds Link: https://lore.kernel.org/linux-fsdevel/CAHk-=wj8L=mtcRTi=NECHMGfZQgXOp_uix1YVh04fEmrKaMnXA@mail.gmail.com/ Signed-off-by: Amir Goldstein --- fs/open.c | 8 ++++- include/linux/fs.h | 35 ++++++++++++++++--- include/linux/fsnotify.h | 72 +++++++++++++++++++++++++++++++--------- 3 files changed, 93 insertions(+), 22 deletions(-) diff --git a/fs/open.c b/fs/open.c index c3490286092e..1a9483872e1f 100644 --- a/fs/open.c +++ b/fs/open.c @@ -901,7 +901,7 @@ static int do_dentry_open(struct file *f, f->f_sb_err = file_sample_sb_err(f); if (unlikely(f->f_flags & O_PATH)) { - f->f_mode = FMODE_PATH | FMODE_OPENED; + f->f_mode = FMODE_PATH | FMODE_OPENED | FMODE_NONOTIFY; f->f_op = &empty_fops; return 0; } @@ -929,6 +929,12 @@ static int do_dentry_open(struct file *f, if (error) goto cleanup_all; + /* + * Set FMODE_NONOTIFY_* bits according to existing permission watches. + * If FMODE_NONOTIFY was already set for an fanotify fd, this doesn't + * change anything. + */ + file_set_fsnotify_mode(f); error = fsnotify_open_perm(f); if (error) goto cleanup_all; diff --git a/include/linux/fs.h b/include/linux/fs.h index 23bd058576b1..8e5c783013d2 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -173,13 +173,14 @@ typedef int (dio_iodone_t)(struct kiocb *iocb, loff_t offset, #define FMODE_NOREUSE ((__force fmode_t)(1 << 23)) -/* FMODE_* bit 24 */ - /* File is embedded in backing_file object */ -#define FMODE_BACKING ((__force fmode_t)(1 << 25)) +#define FMODE_BACKING ((__force fmode_t)(1 << 24)) -/* File was opened by fanotify and shouldn't generate fanotify events */ -#define FMODE_NONOTIFY ((__force fmode_t)(1 << 26)) +/* File shouldn't generate fanotify pre-content events */ +#define FMODE_NONOTIFY_HSM ((__force fmode_t)(1 << 25)) + +/* File shouldn't generate fanotify permission events */ +#define FMODE_NONOTIFY_PERM ((__force fmode_t)(1 << 26)) /* File is capable of returning -EAGAIN if I/O will block */ #define FMODE_NOWAIT ((__force fmode_t)(1 << 27)) @@ -190,6 +191,30 @@ typedef int (dio_iodone_t)(struct kiocb *iocb, loff_t offset, /* File does not contribute to nr_files count */ #define FMODE_NOACCOUNT ((__force fmode_t)(1 << 29)) +/* + * The two FMODE_NONOTIFY_ bits used together have a special meaning of + * not reporting any events at all including non-permission events. + * These are the possible values of FMODE_FSNOTIFY(f->f_mode) and their meaning: + * + * FMODE_NONOTIFY_HSM - suppress only pre-content events. + * FMODE_NONOTIFY_PERM - suppress permission (incl. pre-content) events. + * FMODE_NONOTIFY - suppress all (incl. non-permission) events. + */ +#define FMODE_FSNOTIFY_MASK \ + (FMODE_NONOTIFY_HSM | FMODE_NONOTIFY_PERM) +#define FMODE_NONOTIFY FMODE_FSNOTIFY_MASK +#define FMODE_FSNOTIFY(mode) \ + ((mode) & FMODE_FSNOTIFY_MASK) + +#define FMODE_FSNOTIFY_NONE(mode) \ + (FMODE_FSNOTIFY(mode) == FMODE_NONOTIFY) +#define FMODE_FSNOTIFY_NORMAL(mode) \ + (FMODE_FSNOTIFY(mode) == FMODE_NONOTIFY_PERM) +#define FMODE_FSNOTIFY_PERM(mode) \ + (!((mode) & FMODE_NONOTIFY_PERM)) +#define FMODE_FSNOTIFY_HSM(mode) \ + (FMODE_FSNOTIFY(mode) == 0) + /* * Attribute flags. These should be or-ed together to figure out what * has been changed! diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 278620e063ab..54ec97366d7c 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -108,38 +108,68 @@ static inline void fsnotify_dentry(struct dentry *dentry, __u32 mask) fsnotify_parent(dentry, mask, dentry, FSNOTIFY_EVENT_DENTRY); } +static inline int fsnotify_path(const struct path *path, __u32 mask) +{ + return fsnotify_parent(path->dentry, mask, path, FSNOTIFY_EVENT_PATH); +} + static inline int fsnotify_file(struct file *file, __u32 mask) { - const struct path *path; - /* * FMODE_NONOTIFY are fds generated by fanotify itself which should not * generate new events. We also don't want to generate events for * FMODE_PATH fds (involves open & close events) as they are just * handle creation / destruction events and not "real" file events. */ - if (file->f_mode & (FMODE_NONOTIFY | FMODE_PATH)) + if (FMODE_FSNOTIFY_NONE(file->f_mode)) return 0; - path = &file->f_path; - /* Permission events require group prio >= FSNOTIFY_PRIO_CONTENT */ - if (mask & ALL_FSNOTIFY_PERM_EVENTS && - !fsnotify_sb_has_priority_watchers(path->dentry->d_sb, - FSNOTIFY_PRIO_CONTENT)) - return 0; - - return fsnotify_parent(path->dentry, mask, path, FSNOTIFY_EVENT_PATH); + return fsnotify_path(&file->f_path, mask); } #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS +/* + * At open time we check fsnotify_sb_has_priority_watchers() and set the + * FMODE_NONOTIFY_ mode bits accordignly. + * Later, fsnotify permission hooks do not check if there are permission event + * watches, but that there were permission event watches at open time. + */ +static void file_set_fsnotify_mode(struct file *file) +{ + struct super_block *sb = file->f_path.dentry->d_sb; + + /* Is it a file opened by fanotify? */ + if (FMODE_FSNOTIFY_NONE(file->f_mode)) + return; + + /* + * Permission events is a super set of pre-content events, so if there + * are no permission event watchers, there are also no pre-content event + * watchers and this is implied from the single FMODE_NONOTIFY_PERM bit. + */ + if (likely(!fsnotify_sb_has_priority_watchers(sb, + FSNOTIFY_PRIO_CONTENT))) { + file->f_mode |= FMODE_NONOTIFY_PERM; + return; + } + + /* + * FMODE_NONOTIFY_HSM bit means there are permission event watchers, but + * no pre-content event watchers. + */ + if (likely(!fsnotify_sb_has_priority_watchers(sb, + FSNOTIFY_PRIO_PRE_CONTENT))) { + file->f_mode |= FMODE_NONOTIFY_HSM; + return; + } +} + /* * fsnotify_file_area_perm - permission hook before access to file range */ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, const loff_t *ppos, size_t count) { - __u32 fsnotify_mask = FS_ACCESS_PERM; - /* * filesystem may be modified in the context of permission events * (e.g. by HSM filling a file on access), so sb freeze protection @@ -150,7 +180,10 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, if (!(perm_mask & MAY_READ)) return 0; - return fsnotify_file(file, fsnotify_mask); + if (likely(file->f_mode & FMODE_NONOTIFY_PERM)) + return 0; + + return fsnotify_path(&file->f_path, FS_ACCESS_PERM); } /* @@ -168,16 +201,23 @@ static inline int fsnotify_open_perm(struct file *file) { int ret; + if (likely(!FMODE_FSNOTIFY_PERM(file->f_mode))) + return 0; + if (file->f_flags & __FMODE_EXEC) { - ret = fsnotify_file(file, FS_OPEN_EXEC_PERM); + ret = fsnotify_path(&file->f_path, FS_OPEN_EXEC_PERM); if (ret) return ret; } - return fsnotify_file(file, FS_OPEN_PERM); + return fsnotify_path(&file->f_path, FS_OPEN_PERM); } #else +static inline void file_set_fsnotify_mode(struct file *file) +{ +} + static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, const loff_t *ppos, size_t count) { From patchwork Fri Nov 15 15:30:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876415 Received: from mail-yw1-f180.google.com (mail-yw1-f180.google.com [209.85.128.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B63911D90C8 for ; Fri, 15 Nov 2024 15:31:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684689; cv=none; b=OhRlYzQmvFbjGQOHOENeuKwLiEaKgsIocCSWod82fLWQiMve706CAj4rWgCnnlBYTKptpOMA0y+v/pSIcC5Q3CvCeg6JyN2aHQWX4kH3cBYZnx/B99JL+Wi55Z/WYJhYeGrlHxox/SXP5owy3lT2H45ILhN5iFdyYmO1wjPoSOo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684689; c=relaxed/simple; bh=1WvRI87ybBbAcRK4/nzciaftKH4dEBSZtNpGXoA1brQ=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=WtBgF/2/77IW1WvCBINVDp1gEcDRAf4S0AWZEUCOZAfe9PQ9dfVfYygbdf1tF5PYj22Uy65oUb5L31VA7Kzz5CyykNn0X4SRbfojGevGJkL6dhFqVKxM2MpYqrR5UpAz5BRfkp7YmebUqT6yrrSOaxINokSCNIQdryACI7KfsJI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=VIyJgfSQ; arc=none smtp.client-ip=209.85.128.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="VIyJgfSQ" Received: by mail-yw1-f180.google.com with SMTP id 00721157ae682-6e9ed5e57a7so7411157b3.1 for ; Fri, 15 Nov 2024 07:31:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684687; x=1732289487; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=6KY5fZdmP1liuAXJOZsCM4eyAqIeREr5VHEr0FLOlUs=; b=VIyJgfSQlJ+bCg3XvlzOVViRahBohsRFHMwnA0vz9NW+pb6S0n7FZ1d28SMLJcYuHo cmY5OIS06ACrwzf/WRB8Gwv+IxV7hA20qTAqC7YDTMpOM464Hzd9xBbHLhxpsB3oXvrG 2qeM9gWOg/R25WtfxgE0UCiNORyH/y88FXkPRnIrwdKpQI7zvtJOuHUHbQE99jgxC7DG m+BPKhA0ZkDbl3epVEij07Z0V/n71K57tdyZSbPatfQit/Csjn0phFmj8WiQnfCjvDf1 ShaUzPLSopL9Ws8cuss69a1skXcLV1hLHwyWh6X+Bp4OjEhuXkVCMF+5gr8Y9LIC6oer 6k5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684687; x=1732289487; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6KY5fZdmP1liuAXJOZsCM4eyAqIeREr5VHEr0FLOlUs=; b=v1WdgKRhoWRDXlcaXV4Wp0T9LLG/xF/iLaNQfEyy9ci2PTu28+Zxt0SvaKM9lCwwNk GI3sKY+nSd1yCrL2NDGllwHsbhbZ2j/8EFSCzZnYmhM/bblAbR/ArozFt9Wyg5kccX6/ r92pa9kYJOXY7Beg7CW3YXuWCi3nQ2b/dVcUwbnR7EWH/xyDEZZuwYlx4FuEjpbX4nWY Rpkk/V4sYG7q0JTA43kpbqZj3+HECOsCJim+UwHuP9uml82vjHcnbYTs7JuLy6xgTBpZ 3cGAGpGVgBIz1S15f4L9myJkDhlteFeAeBb22bEtp+vPqOTfsFdIB+amwu2FEdqPQsrv YMbQ== X-Forwarded-Encrypted: i=1; AJvYcCUeuHfS46enfG4xVEryr1kO3HcceXIYVZFmu6ZA581fYmnaRhr3kgDsW4FMHuqJDnCBmF+GsLOVSKPUGC1k@vger.kernel.org X-Gm-Message-State: AOJu0YwC2v8rQzhaAoKv7JTj8l73XfqRzcIt/YGpTbum2mte/lYu2v75 m4knw05HxKHdMU1jLiKbzy8bM9B3nFHyhaWpp6n7FRUPUCf/YqUiQ+QCNg6tb1k= X-Google-Smtp-Source: AGHT+IHdSr7sIuKVmbedcInH94EUveWdRZ8jZfw4hoXsU2FWCk1ayn1ufjs9+AX7MxAWuqGyDVgHDQ== X-Received: by 2002:a05:690c:360b:b0:6ea:34b1:62e3 with SMTP id 00721157ae682-6ee55a2f60cmr35106257b3.7.1731684686563; Fri, 15 Nov 2024 07:31:26 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee44070647sm7648387b3.53.2024.11.15.07.31.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:25 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 03/19] fsnotify: add helper to check if file is actually being watched Date: Fri, 15 Nov 2024 10:30:16 -0500 Message-ID: <2ddcc9f8d1fde48d085318a6b5a889289d8871d8.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein So far, we set FMODE_NONOTIFY_ flags at open time if we know that there are no permission event watchers at all on the filesystem, but lack of FMODE_NONOTIFY_ flags does not mean that the file is actually watched. To make the flags more accurate we add a helper that checks if the file's inode, mount, sb or parent are being watched for a set of events. This is going to be used for setting FMODE_NONOTIFY_HSM only when the specific file is actually watched for pre-content events. Signed-off-by: Amir Goldstein --- fs/notify/fsnotify.c | 36 +++++++++++++++++++++++++------- include/linux/fsnotify_backend.h | 7 +++++++ 2 files changed, 36 insertions(+), 7 deletions(-) diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index f976949d2634..33576a848a9f 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -193,16 +193,38 @@ static bool fsnotify_event_needs_parent(struct inode *inode, __u32 mnt_mask, return mask & marks_mask; } -/* Are there any inode/mount/sb objects that are interested in this event? */ -static inline bool fsnotify_object_watched(struct inode *inode, __u32 mnt_mask, - __u32 mask) +/* Are there any inode/mount/sb objects that watch for these events? */ +static inline __u32 fsnotify_object_watched(struct inode *inode, __u32 mnt_mask, + __u32 events_mask) { __u32 marks_mask = READ_ONCE(inode->i_fsnotify_mask) | mnt_mask | READ_ONCE(inode->i_sb->s_fsnotify_mask); - return mask & marks_mask & ALL_FSNOTIFY_EVENTS; + return events_mask & marks_mask; } +/* Are there any inode/mount/sb/parent objects that watch for these events? */ +__u32 fsnotify_file_object_watched(struct file *file, __u32 events_mask) +{ + struct dentry *dentry = file->f_path.dentry; + struct dentry *parent; + __u32 marks_mask, mnt_mask = + READ_ONCE(real_mount(file->f_path.mnt)->mnt_fsnotify_mask); + + marks_mask = fsnotify_object_watched(d_inode(dentry), mnt_mask, + events_mask); + + if (likely(!(dentry->d_flags & DCACHE_FSNOTIFY_PARENT_WATCHED))) + return marks_mask; + + parent = dget_parent(dentry); + marks_mask |= fsnotify_inode_watches_children(d_inode(parent)); + dput(parent); + + return marks_mask & events_mask; +} +EXPORT_SYMBOL_GPL(fsnotify_file_object_watched); + /* * Notify this dentry's parent about a child's events with child name info * if parent is watching or if inode/sb/mount are interested in events with @@ -221,7 +243,7 @@ int __fsnotify_parent(struct dentry *dentry, __u32 mask, const void *data, struct dentry *parent; bool parent_watched = dentry->d_flags & DCACHE_FSNOTIFY_PARENT_WATCHED; bool parent_needed, parent_interested; - __u32 p_mask; + __u32 p_mask, test_mask = mask & ALL_FSNOTIFY_EVENTS; struct inode *p_inode = NULL; struct name_snapshot name; struct qstr *file_name = NULL; @@ -229,7 +251,7 @@ int __fsnotify_parent(struct dentry *dentry, __u32 mask, const void *data, /* Optimize the likely case of nobody watching this path */ if (likely(!parent_watched && - !fsnotify_object_watched(inode, mnt_mask, mask))) + !fsnotify_object_watched(inode, mnt_mask, test_mask))) return 0; parent = NULL; @@ -248,7 +270,7 @@ int __fsnotify_parent(struct dentry *dentry, __u32 mask, const void *data, * Include parent/name in notification either if some notification * groups require parent info or the parent is interested in this event. */ - parent_interested = mask & p_mask & ALL_FSNOTIFY_EVENTS; + parent_interested = p_mask & test_mask; if (parent_needed || parent_interested) { /* When notifying parent, child should be passed as data */ WARN_ON_ONCE(inode != fsnotify_data_inode(data, data_type)); diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 3ecf7768e577..99d81c3c11d7 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -855,8 +855,15 @@ static inline void fsnotify_init_event(struct fsnotify_event *event) INIT_LIST_HEAD(&event->list); } +__u32 fsnotify_file_object_watched(struct file *file, __u32 mask); + #else +static inline __u32 fsnotify_file_object_watched(struct file *file, __u32 mask) +{ + return 0; +} + static inline int fsnotify(__u32 mask, const void *data, int data_type, struct inode *dir, const struct qstr *name, struct inode *inode, u32 cookie) From patchwork Fri Nov 15 15:30:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876416 Received: from mail-yb1-f173.google.com (mail-yb1-f173.google.com [209.85.219.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A5D121D7E21 for ; Fri, 15 Nov 2024 15:31:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.173 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684691; cv=none; b=huuOph2MueiM0Z++IHgWO4y6lMCd4oP9jCMqQJuTeRB1Bf9QRViRhGrvbkOJmkaAzULgdri4SCYeC2WO/XNT9s1NMr+JkKhctsSoSDuiq69roKHYFNt3U7ksr6ILIZ5mElL512NUbF/Fvtri+pmPaEfHk7GhzAWJNnOsYF7j9Hs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684691; c=relaxed/simple; bh=lJOFXxVHcZLI+SjVd+0f1jV7QzcPV4Ai9MyZQsFymWc=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FMzGb+y43jGFv9ftNz179CuFeeCgq49zZEPmR2LydNTAy7X9ucYnIf6KPyoue9vmUU1OJ6gU5mAiFSdO+kXGj6uWt7M63MisWIxrDeUvZip3y3yB1AJRj33H4Np+CP8j7WEwiJ/CnRveUTN0VG3S2m4eJN2Fn1ipMh2czIC9ARo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=WgCxMT83; arc=none smtp.client-ip=209.85.219.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="WgCxMT83" Received: by mail-yb1-f173.google.com with SMTP id 3f1490d57ef6-e381cbdd03cso1493185276.1 for ; Fri, 15 Nov 2024 07:31:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684688; x=1732289488; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=5jVczlJ/TW6EECuU4gj9yYFP++VZ/oJUqPiY9P+PdPU=; b=WgCxMT83OJndjUPd1bpnut4k1njFzRSZT+45Xv3MOuEfIXNhQ8xGLPxT0GqdDQHzNP 3FAWKaE95mHY8cUM+/Z5QrkWB0K2NYjSpt+ynKmwctxgJinxlfalSnXxa8fOhVKxfb/r tf9/isOH+Yy4aOI396zxw1OlUitAZJj1uMr/FmQMmtcFWRgeXhdZF1/+5AnF88+K0ilc MC9tIpVfjIx/NdV9UCRqJaDktOuFLyAn5ypGjSbY6Kzd8xez0CWvSR9ZXhOdtDojIykm hIY+HUEro6Ry3Z00n1ne4KcwAg4GG0CxfnafkIR/PjPfO5G+FTo/yMRJ4Yjgj1LodC5Q NxSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684688; x=1732289488; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5jVczlJ/TW6EECuU4gj9yYFP++VZ/oJUqPiY9P+PdPU=; b=leMCS48bVgBW5VxMa7k8E4Ibho8T56ycTk4PteItU5MJuvd5DCosU7IiC0NCi/oCnk 3oPl8NwYeZvtDCVRYqRHce3LEsJX6VX4FjUoWoUtC+Au7bk+90f3VG+T1w1akD9dLYZh OKq9+zAabew16lHYaGgVODUl3YkXZv/oUN1Pq7RLDJWwqxaFFsRJr0Fnps1AYkjhP7g8 OffaeEz6R+Z0s2YwkQoHXPt2Qw1EztyA2TkIK0VHkdPGDEjPpI//dhsAudxo2lL8v308 2u0U6HLCRsACz47H/9vdigb3FnD6ORfG49XjbQlZjNEsglaTFs9LQgS+nDacfM4JgD4p 0r+g== X-Forwarded-Encrypted: i=1; AJvYcCVmvOPzpXeXmdu0tkDKwsr2tpQ/jQmTdG1t8qCQqqMZdp6sOgJy2tMXhc/MqP/AE9ijKE1ot4bTnoLps+Od@vger.kernel.org X-Gm-Message-State: AOJu0Yy5sE6MxqZgQVMK8frtLgMLHVI9c8FHFK25XlK+dMQ2SFstkHUG U+oKzDhu97PsZ0FKd1RKFOVLd3rawXqnJl+lmDeW+XVdL8bLbxgTy2O0O4+IW4A= X-Google-Smtp-Source: AGHT+IEWEdrPnRli1gv+jVnLYsORdUcuZyTi/FsZKRBYcdcM64Io8ydfsi1gmscyy1vF3dAQcsDh6w== X-Received: by 2002:a05:690c:4c02:b0:6ea:2ac4:9df6 with SMTP id 00721157ae682-6ee55bbade0mr37073597b3.3.1731684688405; Fri, 15 Nov 2024 07:31:28 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee4449516asm7602087b3.124.2024.11.15.07.31.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:27 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 04/19] fanotify: don't skip extra event info if no info_mode is set Date: Fri, 15 Nov 2024 10:30:17 -0500 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein Previously we would only include optional information if you requested it via an FAN_ flag at fanotify_init time (FAN_REPORT_FID for example). However this isn't necessary as the event length is encoded in the metadata, and if the user doesn't want to consume the information they don't have to. With the PRE_ACCESS events we will always generate range information, so drop this check in order to allow this extra information to be exported without needing to have another flag. Signed-off-by: Josef Bacik --- fs/notify/fanotify/fanotify_user.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 919ff59cb802..8fca5ec442e4 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -158,9 +158,6 @@ static size_t fanotify_event_len(unsigned int info_mode, int fh_len; int dot_len = 0; - if (!info_mode) - return event_len; - if (fanotify_is_error_event(event->mask)) event_len += FANOTIFY_ERROR_INFO_LEN; @@ -754,12 +751,10 @@ static ssize_t copy_event_to_user(struct fsnotify_group *group, buf += FAN_EVENT_METADATA_LEN; count -= FAN_EVENT_METADATA_LEN; - if (info_mode) { - ret = copy_info_records_to_user(event, info, info_mode, pidfd, - buf, count); - if (ret < 0) - goto out_close_fd; - } + ret = copy_info_records_to_user(event, info, info_mode, pidfd, + buf, count); + if (ret < 0) + goto out_close_fd; if (f) fd_install(fd, f); From patchwork Fri Nov 15 15:30:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876417 Received: from mail-yb1-f182.google.com (mail-yb1-f182.google.com [209.85.219.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 60DE51E2604 for ; Fri, 15 Nov 2024 15:31:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684692; cv=none; b=WHOMMrY8RazAdTDNQ7o7hz/Cu3wdoNP9F9LvXIbeA55+su6YVcY9STG2HGf/gKUnvCcxe35Ufqe91nxLE3AsGs5tG57PK74aRQ4k/Dj+Hp+iaFOL4udUqlQIUh+rXZnJS9RmBRHVH77MJEZXR3rzuP5eaGsT3W3QTLYZuaMoc/0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684692; c=relaxed/simple; bh=wJBpuZKjarBs8HwRCSHfMpMBiZ+HVYWNz5ARDhZnhyo=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=gLCX3aG7YH8fuUAbwJapoxAYKAfHEZZg476a94yNM+kC7plTpqpMInOvBl6DdHhqHX8UCwLYmfjbv3+OhmT0JRPGjdIlbF31Hlth8jZlbHHi3cQUurRweJyzbecLQAI8JFJUpTnmYUSeLPqQoDqjulUcyx2O1p3dzA22ypjJk38= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=ltJm4dKN; arc=none smtp.client-ip=209.85.219.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="ltJm4dKN" Received: by mail-yb1-f182.google.com with SMTP id 3f1490d57ef6-e3873c7c9b4so429009276.3 for ; Fri, 15 Nov 2024 07:31:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684690; x=1732289490; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=QSuoTi14zhdgmEJ2e8nj/BNpHIFoytvzNxhl/LStwJg=; b=ltJm4dKN44k/k08PR0/CGybK2VVIX2kgtAvtGVdKxXOof0zdjAHzaz4D5TomciJi+a NQi3E6Zco0D2BGe7U2dsZYDEEKhijFYBd4tDcGekI+lKEMDd0OEAe+PtXs/4U8TjF7/h rFqKYEfBr/YpxdtjFPWlc2V1tH8UQzF9YmFoaW4YU531apdjKdTZWUwWuSkUVgNPr3t+ mGDGeJE3RByQiBqPc6aijx2deqAqQXMBkiAGMgfrQf+0lnlm3EITbvHrH05lWvp6nNgL OZNqg7B6+VK3fqgIJZZlg6noXXHlvb08j3XNkqbTHbYIIWTTZI/K/3aTlwjePjCXU78o uc4w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684690; x=1732289490; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=QSuoTi14zhdgmEJ2e8nj/BNpHIFoytvzNxhl/LStwJg=; b=eGI5rmGmnnlbRICsysBUmXw+ocEoi8Yn6D3ld7BqfWX+eUPClwXDgpZkflDPbhGz11 oITccppyw65nok1Mo4I9I6czn5o6hLVTjcG/UnfGp1eUHJOXy9m/uCmF7nZBPuT1Ryoj AQPqPoHRH6b1Rb4aZ3o321DAVLhPoJYa9/gCkRdiCq2idzRA1Rgsc6Uj4t2YYk3RPZjY GxDEp+kF6gOJZRQlX0Vp9CZ7lj917ewwOizMch8IvV+d7iddEqif4yPb6AH5Wrcuuzkk tBVKB4lnAfxXbA71p34iMVIWTQdItSc1UQMnOYh3fwZOZibRnXwW8jFzyExfEsujxjSr ilbw== X-Forwarded-Encrypted: i=1; AJvYcCVox3DbKGsSLaMLgu+wqdJbZcDH2YD+gBqFDUazYb01zv0z+c50vSOEGPpwdcrXbu1MCthbiUBNluIAvQf0@vger.kernel.org X-Gm-Message-State: AOJu0Yxq3Wk/zbSJTECY03ZSK/DXtPM1Er6te5maWjAHEfHkO6jBA0B1 wEsulcH4e2PgFDuMeSeNYuZmEn8tIOS+ielT2VkbzVy7Z8FhXOW+nrWlrRpruuEEaubQjlD9lWi e X-Google-Smtp-Source: AGHT+IHJEyVOG62NvWa9d1qggTtMCjzt+EKNCXFckK971VFGqKmUTAI/9H3Oo1mgh59gFKizdUDdeA== X-Received: by 2002:a05:6902:1242:b0:e35:e173:3341 with SMTP id 3f1490d57ef6-e3825bdd813mr3265588276.0.1731684690002; Fri, 15 Nov 2024 07:31:30 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e38152c61d4sm989132276.5.2024.11.15.07.31.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:29 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 05/19] fanotify: rename a misnamed constant Date: Fri, 15 Nov 2024 10:30:18 -0500 Message-ID: <8776ab90fe538225aeb561c560296bafd16b97c4.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein FANOTIFY_PIDFD_INFO_HDR_LEN is not the length of the header. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify_user.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 8fca5ec442e4..456cc3e92c88 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -117,7 +117,7 @@ struct kmem_cache *fanotify_perm_event_cachep __ro_after_init; #define FANOTIFY_EVENT_ALIGN 4 #define FANOTIFY_FID_INFO_HDR_LEN \ (sizeof(struct fanotify_event_info_fid) + sizeof(struct file_handle)) -#define FANOTIFY_PIDFD_INFO_HDR_LEN \ +#define FANOTIFY_PIDFD_INFO_LEN \ sizeof(struct fanotify_event_info_pidfd) #define FANOTIFY_ERROR_INFO_LEN \ (sizeof(struct fanotify_event_info_error)) @@ -172,14 +172,14 @@ static size_t fanotify_event_len(unsigned int info_mode, dot_len = 1; } - if (info_mode & FAN_REPORT_PIDFD) - event_len += FANOTIFY_PIDFD_INFO_HDR_LEN; - if (fanotify_event_has_object_fh(event)) { fh_len = fanotify_event_object_fh_len(event); event_len += fanotify_fid_info_len(fh_len, dot_len); } + if (info_mode & FAN_REPORT_PIDFD) + event_len += FANOTIFY_PIDFD_INFO_LEN; + return event_len; } @@ -501,7 +501,7 @@ static int copy_pidfd_info_to_user(int pidfd, size_t count) { struct fanotify_event_info_pidfd info = { }; - size_t info_len = FANOTIFY_PIDFD_INFO_HDR_LEN; + size_t info_len = FANOTIFY_PIDFD_INFO_LEN; if (WARN_ON_ONCE(info_len > count)) return -EFAULT; From patchwork Fri Nov 15 15:30:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876418 Received: from mail-yb1-f179.google.com (mail-yb1-f179.google.com [209.85.219.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C85441E260C for ; Fri, 15 Nov 2024 15:31:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684694; cv=none; b=OYn7XPz5Rgor3RvXu20wDNNzMuOhd5GjPviAX2gzv+gLe/jZwjH6NhaTYi6OXffcSZi0uCnS8U/FueUYJP9jRjBnD2XIgp5CnNXj5hEYqSrHf360elKb1s8IJHtuP/IHfcMnyOn8P92+yExulSHM1lUx7YhV/41Bmpcu1yfey8g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684694; c=relaxed/simple; bh=6M2usmJQkSj6QxVwbWiMg28e+rwVNQY/NgVhiKLrG4Y=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FioqhaoFNmbohXHV2z/rutYluIH2DtqZIO0zm8unNzmzSX0Us7QRmvVFkOWFdW6KhMRce2EodKVTyYKWpCzLa2AFlsm2TGFRwXHTT//QKF1Y5H9oCp0po8AIopyoTZCGrpVlfZ+KAxnY6GLbuX9uT6vM9uBMgt7U6KZHDQ7DsmM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=uKQ/P9Pu; arc=none smtp.client-ip=209.85.219.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="uKQ/P9Pu" Received: by mail-yb1-f179.google.com with SMTP id 3f1490d57ef6-e38193093a7so1569182276.0 for ; Fri, 15 Nov 2024 07:31:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684692; x=1732289492; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ZU0dZL52CuS55HBpnlFc9Ffg6kvih/VgFXFf1fJzIbE=; b=uKQ/P9PuFqn2v7/y0fPda/iahcVOvKuurxOPKOGMxz9eSY4nXNQDVsnvDGU2Ec8mjZ v89OE1RLsZdFLxGDqwUJktUi8JyMhBAkBylNKxz/f250qEWPWI31Yap7XI9JWr5W28Nn A+lur0VaWwtsm+zcVfUrp7E8nIwdQK9/g/9M1d3v+XDOB4oHPKT3BFokosAtiAj5ZvWr SbSYUgLs8vEpzWW1WUbOqwOfC1zktamhOQuDGWodGqjORQmXMoxvtDoSID4YA9fKlEwW XUAT9ZuW5tqUDv6tzOGdWM9A6S2AmccWeMvZczUHR1fWVk++64ofO1Id/eIiMg2BHMEK TC4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684692; x=1732289492; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZU0dZL52CuS55HBpnlFc9Ffg6kvih/VgFXFf1fJzIbE=; b=iBKogP5HpvxGkGp2EJpgZKAZ7Ohz3E7DG/lQsIcmpyD2jT/P+YgfE2YCQN/t7jYVw+ gFBygHMuzTnfL4XPJgaKKJvWr0Ua4sOx4o/Djh88Y5JGuv4HjY1ENpblpgbRCkZsT3J3 40CKiufg6Kq6xt1hWLff77B7/et0Q0pi3Vs9EM/1Ut5iamD3ZHjGnRwGaYb4HOvt7cuh cGER+0xmBufXukxJzgCYYWsBuGgfPBdthClFs+mBgdXfNb6DVaQF8MLIxcPQWl1q3qjR oPqmP8V9B3fskxl04lkMTl3NzNqB/ZyicB135xJlOsc5cqZssJusFVwIw9Cf1CXKlt3m f4ag== X-Forwarded-Encrypted: i=1; AJvYcCU7bEVUnPI8n4pxNH5FZtHapPv3YjoJ+99cpRue8wJUprZ7ixA4ujyF6spIbu+m0yPvqQcKKckq/zV139QG@vger.kernel.org X-Gm-Message-State: AOJu0YwdtgVyJme61ZRJR5w1dlT0CD8IGWQ4zTDKqokQF+iohZ6gp3vT iOuwH4gQp3XBPOSpH9B6gqvYchrm32B4iGJV9eEOAmOUSNThEAxvpHhvHRNvHOc= X-Google-Smtp-Source: AGHT+IGL1oUEZJ3rWhtkHzcHN//l4Kwa6WIU+uMQ5VnS4NxAxx6XDhapJjpe9N68qs8G4gEKoRwuyw== X-Received: by 2002:a05:6902:1825:b0:e28:fa51:634a with SMTP id 3f1490d57ef6-e382615f44fmr2204741276.31.1731684691641; Fri, 15 Nov 2024 07:31:31 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e38152caccdsm1011626276.14.2024.11.15.07.31.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:30 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 06/19] fanotify: reserve event bit of deprecated FAN_DIR_MODIFY Date: Fri, 15 Nov 2024 10:30:19 -0500 Message-ID: <632d9f80428e2e7a6b6a8ccc2925d87c92bbb518.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein Avoid reusing it, because we would like to reserve it for future FAN_PATH_MODIFY pre-content event. Signed-off-by: Amir Goldstein --- include/linux/fsnotify_backend.h | 1 + include/uapi/linux/fanotify.h | 1 + 2 files changed, 2 insertions(+) diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 99d81c3c11d7..2dc30cf637aa 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -55,6 +55,7 @@ #define FS_OPEN_PERM 0x00010000 /* open event in an permission hook */ #define FS_ACCESS_PERM 0x00020000 /* access event in a permissions hook */ #define FS_OPEN_EXEC_PERM 0x00040000 /* open/exec event in a permission hook */ +/* #define FS_DIR_MODIFY 0x00080000 */ /* Deprecated (reserved) */ /* * Set on inode mark that cares about things that happen to its children. diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 34f221d3a1b9..79072b6894f2 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -25,6 +25,7 @@ #define FAN_OPEN_PERM 0x00010000 /* File open in perm check */ #define FAN_ACCESS_PERM 0x00020000 /* File accessed in perm check */ #define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ +/* #define FAN_DIR_MODIFY 0x00080000 */ /* Deprecated (reserved) */ #define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */ From patchwork Fri Nov 15 15:30:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876419 Received: from mail-yb1-f181.google.com (mail-yb1-f181.google.com [209.85.219.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 958281D54D1 for ; Fri, 15 Nov 2024 15:31:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.181 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684697; cv=none; b=MyWMWgPdn+kQkGoS3Jzo5ml+RG/a4t8FflvHqNmb5q+orcWMUpwPn3mDm+JyVj/jUdg7acTfYNrsl8dIkmOh3OH1LH4g/k9ZzcwBa8DkrehVWMDXWmblsXO5AQUTdKvn0t02yoUjpbLedmruf+LpqxBV1vmAYLaBk6anC9vE0y8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684697; c=relaxed/simple; bh=ctuqUXStMMiL6wCBW7aZc8HS3t0BGUFKEOJvAl3AGGY=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Q9ukYefz3AdXoRD0kBIlPS+q+46RyLEo7sCDetgI2sKMWxmqN4cZh3LtYa7y4cWWmNyS20s1bwczNPY/lA5V2NluaB68O0pJ67RtFDYT01WoGMiKacEAeLzkUTCquh+3N2pTlG+vCpNdOL+HJVQwX3TS8I90AjHn1nO5dEarNmE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=T3BbY+n+; arc=none smtp.client-ip=209.85.219.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="T3BbY+n+" Received: by mail-yb1-f181.google.com with SMTP id 3f1490d57ef6-e2bd7d8aaf8so902704276.3 for ; Fri, 15 Nov 2024 07:31:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684693; x=1732289493; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=MRzK4Q1A3yuX/T2NQizEcUBNaZlB/P7dkcHbBOaMevU=; b=T3BbY+n+jl+xxwNJzLGRuZGg6RiOVOkpOmuIqm9z855f7Z7pvxKgCRUM1Rz77erGKZ Ya/m6LSFSAzt/uAXD2qsK8m4hyhQxzHHsS0zFfJ/L1im4m7r1UroF7GPWaPgqmgIZCn4 KL//bW4THtd6UlHDKNgYqvEUWVKD2i/HF4Suvg6k0bt4i/YuO+pc0Ga7nk491u2MGbbM YxOg+v7gD00MQroSs0uJ1FiDO736zmr+s0vVjqYGauvDSy3eC2mmmREsB8AtATK0ZXvw ZP8i31YpCbC5tCPwxTyhAwCFVnYV9o4BNuK47TlvlDh1GsqKzDXpN0Ky78E1GqHVPeOH 7SDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684693; x=1732289493; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MRzK4Q1A3yuX/T2NQizEcUBNaZlB/P7dkcHbBOaMevU=; b=KKkbyo3/1wmC8Hgzy9jWg6I+ugcVXMepc2Rg1t+mTDaEUOmZNSFRn8ZZ4LwJakbzLZ EJDNIqAui5XuyZeGdoz3hVmlwgFao6Bp8TV+FKwCLVA7Ye0l2SfiwSwkZ3iNLm/XnU4F lvUQ34TE7VzNHZCMQq3D0olVVQ/QlBjfaEmVmeCEod0AvGqlrI79PbL2K9eoStS2CAf1 1gk3mGWMDL2xpAq1zqYUF8uNlB7j4642wfsCxjpLgf0RmeUJckcT+Ch3bJ5wp5vm9RSV ayx2hOGeL0sYik0IaP4L+rCnwg3Px6R0RMtVfeX9QKZ4Gz9jewqk6+i1YKjCiM+xGmhE yRaQ== X-Forwarded-Encrypted: i=1; AJvYcCW+YRo0MjwEfJECz0s2TBcsBfOwvcANAZGdiNyTcpgX6YIod8R2G7VvayZIAbr+2UEmhOROr4X997I0msIZ@vger.kernel.org X-Gm-Message-State: AOJu0YzKfo0dEb0Vr/GuLM969ppKP9eLqf9pCcHMOatpnliemyDCQcO1 hlW0cRmxenKztHS1pTSnqyNx9lv1z6MpOdRtiOaw8BVCMBQ13IW5cenYatx6bVA= X-Google-Smtp-Source: AGHT+IGyWRJgeIXfM96kmRgZ4BcfzpHMEUIT23gvUh5NA4jhWm1kPkotZW2CvGFTnhHweMUdUT4Lug== X-Received: by 2002:a05:6902:f84:b0:e2b:b45a:149 with SMTP id 3f1490d57ef6-e382639f2b5mr2742461276.39.1731684693281; Fri, 15 Nov 2024 07:31:33 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e38152d0248sm963707276.23.2024.11.15.07.31.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:32 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 07/19] fsnotify: introduce pre-content permission events Date: Fri, 15 Nov 2024 10:30:20 -0500 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein The new FS_PRE_ACCESS permission event is similar to FS_ACCESS_PERM, but it meant for a different use case of filling file content before access to a file range, so it has slightly different semantics. Generate FS_PRE_ACCESS/FS_ACCESS_PERM as two seperate events, so content scanners could inspect the content filled by pre-content event handler. Unlike FS_ACCESS_PERM, FS_PRE_ACCESS is also called before a file is modified by syscalls as write() and fallocate(). FS_ACCESS_PERM is reported also on blockdev and pipes, but the new pre-content events are only reported for regular files and dirs. The pre-content events are meant to be used by hierarchical storage managers that want to fill the content of files on first access. There are some specific requirements from filesystems that could be used with pre-content events, so add a flag for fs to opt-in for pre-content events explicitly before they can be used. Signed-off-by: Amir Goldstein --- fs/notify/fsnotify.c | 2 +- include/linux/fs.h | 1 + include/linux/fsnotify.h | 39 ++++++++++++++++++++++++++++---- include/linux/fsnotify_backend.h | 12 ++++++++-- security/selinux/hooks.c | 3 ++- 5 files changed, 49 insertions(+), 8 deletions(-) diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index 33576a848a9f..d128cb7dee62 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -649,7 +649,7 @@ static __init int fsnotify_init(void) { int ret; - BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 23); + BUILD_BUG_ON(HWEIGHT32(ALL_FSNOTIFY_BITS) != 24); ret = init_srcu_struct(&fsnotify_mark_srcu); if (ret) diff --git a/include/linux/fs.h b/include/linux/fs.h index 8e5c783013d2..d231f4bc12aa 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1256,6 +1256,7 @@ extern int send_sigurg(struct file *file); #define SB_I_RETIRED 0x00000800 /* superblock shouldn't be reused */ #define SB_I_NOUMASK 0x00001000 /* VFS does not apply umask */ #define SB_I_NOIDMAP 0x00002000 /* No idmapped mounts on this superblock */ +#define SB_I_ALLOW_HSM 0x00004000 /* Allow HSM events on this superblock */ /* Possible states of 'frozen' field */ enum { diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 54ec97366d7c..994d7a322369 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -134,9 +134,10 @@ static inline int fsnotify_file(struct file *file, __u32 mask) * Later, fsnotify permission hooks do not check if there are permission event * watches, but that there were permission event watches at open time. */ -static void file_set_fsnotify_mode(struct file *file) +static inline void file_set_fsnotify_mode(struct file *file) { struct super_block *sb = file->f_path.dentry->d_sb; + struct inode *inode; /* Is it a file opened by fanotify? */ if (FMODE_FSNOTIFY_NONE(file->f_mode)) @@ -162,6 +163,19 @@ static void file_set_fsnotify_mode(struct file *file) file->f_mode |= FMODE_NONOTIFY_HSM; return; } + + /* + * There are pre-content watchers in the filesystem, but are there + * pre-content watchers on this specific file? + * Pre-content events are only reported for regular files and dirs. + */ + inode = file_inode(file); + if ((!S_ISDIR(inode->i_mode) && !S_ISREG(inode->i_mode)) || + likely(!fsnotify_file_object_watched(file, + FSNOTIFY_PRE_CONTENT_EVENTS))) { + file->f_mode |= FMODE_NONOTIFY_HSM; + return; + } } /* @@ -177,12 +191,29 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, */ lockdep_assert_once(file_write_not_started(file)); + if (!(perm_mask & (MAY_READ | MAY_WRITE | MAY_ACCESS))) + return 0; + + if (likely(!FMODE_FSNOTIFY_PERM(file->f_mode))) + return 0; + + /* + * read()/write() and other types of access generate pre-content events. + */ + if (unlikely(FMODE_FSNOTIFY_HSM(file->f_mode))) { + int ret = fsnotify_path(&file->f_path, FS_PRE_ACCESS); + + if (ret) + return ret; + } + if (!(perm_mask & MAY_READ)) return 0; - if (likely(file->f_mode & FMODE_NONOTIFY_PERM)) - return 0; - + /* + * read() also generates the legacy FS_ACCESS_PERM event, so content + * scanners can inspect the content filled by pre-content event. + */ return fsnotify_path(&file->f_path, FS_ACCESS_PERM); } diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 2dc30cf637aa..33880de72ef3 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -57,6 +57,8 @@ #define FS_OPEN_EXEC_PERM 0x00040000 /* open/exec event in a permission hook */ /* #define FS_DIR_MODIFY 0x00080000 */ /* Deprecated (reserved) */ +#define FS_PRE_ACCESS 0x00100000 /* Pre-content access hook */ + /* * Set on inode mark that cares about things that happen to its children. * Always set for dnotify and inotify. @@ -78,8 +80,14 @@ */ #define ALL_FSNOTIFY_DIRENT_EVENTS (FS_CREATE | FS_DELETE | FS_MOVE | FS_RENAME) -#define ALL_FSNOTIFY_PERM_EVENTS (FS_OPEN_PERM | FS_ACCESS_PERM | \ - FS_OPEN_EXEC_PERM) +/* Content events can be used to inspect file content */ +#define FSNOTIFY_CONTENT_PERM_EVENTS (FS_OPEN_PERM | FS_OPEN_EXEC_PERM | \ + FS_ACCESS_PERM) +/* Pre-content events can be used to fill file content */ +#define FSNOTIFY_PRE_CONTENT_EVENTS (FS_PRE_ACCESS) + +#define ALL_FSNOTIFY_PERM_EVENTS (FSNOTIFY_CONTENT_PERM_EVENTS | \ + FSNOTIFY_PRE_CONTENT_EVENTS) /* * This is a list of all events that may get sent to a parent that is watching diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index fc926d3cac6e..c6f38705c715 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3404,7 +3404,8 @@ static int selinux_path_notify(const struct path *path, u64 mask, perm |= FILE__WATCH_WITH_PERM; /* watches on read-like events need the file:watch_reads permission */ - if (mask & (FS_ACCESS | FS_ACCESS_PERM | FS_CLOSE_NOWRITE)) + if (mask & (FS_ACCESS | FS_ACCESS_PERM | FS_PRE_ACCESS | + FS_CLOSE_NOWRITE)) perm |= FILE__WATCH_READS; return path_has_perm(current_cred(), path, perm); From patchwork Fri Nov 15 15:30:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876420 Received: from mail-yw1-f173.google.com (mail-yw1-f173.google.com [209.85.128.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E29BB1D5166 for ; Fri, 15 Nov 2024 15:31:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.173 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684698; cv=none; b=l5Zq6G0ktwnO99iH3x+vghrrIVPqycjm/wZYkRDo3dlyRri8wf5qXdTjgX/GK0yV1nZSHwHOxwTG/iJ84xVodQy+hZqb8/lZ8O0SmZJZUzn3MvklUyX0rycLMTo4gOUojenk1YGfsEMvsHzGcjTFDCw3usPyk772PLuTQiNWuII= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684698; c=relaxed/simple; bh=f/yiSuCioIqY8kK579CsLS9yawIIM43Iuar+nxiz9PQ=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uKNHG+IH8Ufyo/DlpkIaEHa7zu1ey/7P4k8UbW5IsMA+0wW4Xw04EwN1yVOTRvWo8wlzj9R2qnrf7Mn5uVBuhWunNolE5odSSRvmPjoErnIetnxM3g1FXToAVJ0v9StcF3OCF+E/J7jSwOR7nO7UFx1Q3tJvUWLhINcmchrmVS4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=z4KmwIq4; arc=none smtp.client-ip=209.85.128.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="z4KmwIq4" Received: by mail-yw1-f173.google.com with SMTP id 00721157ae682-6ee55cfa88cso8330837b3.3 for ; Fri, 15 Nov 2024 07:31:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684695; x=1732289495; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=HmDi22ux7vu/mgZp6ZHEvpaDEJU9ywEimHDaeGkRuI8=; b=z4KmwIq4hwer5XLF9IL9wmaoth9rNTO3q0tDxRJHEdguDdb2BLBzcrMDsG59pjl2bi DK20KemqcWfzz/0hFbYsWPleca8SR9jxidX9oCW8d3H0euQplefnKJfpOiUCwiyvYdu3 UpAQKXSDA6O6y40KzqZ21zcLzQ0QTkBdQBbv7RSXIHeUWMOshrvpPUhEhdTpPgCk6UT/ 4L5fT+o6fd0R/KMg1f5FgxhklPTcKlGHs/Aje5X1RMvjypGNLzIhvxTEGXNLF4nfDCtz f64xXFTJzVQLdApabGelJCP0TqeLvMjC3o9WNZf5Az0S9NB2EreDcGj6H/9gPthbM1nh S52w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684695; x=1732289495; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HmDi22ux7vu/mgZp6ZHEvpaDEJU9ywEimHDaeGkRuI8=; b=q+N7od1TxJxl6wP9oBthbQ0rrUfcwta5X2NESzhjJxss9t2T3u2bL/jyQh4bRih+Ur JbZYtHd00iyw8RScGXnRf0tv/TW3qtcr0qXoCBQv8c+3w+is5lFYHG3QEmgyqQvZHEaN F1XR9H/raIvt1D195cxb5xUlDVGO3IVwqaOYYyX8BDNYfptRiQfP6vnDtscRxZNkdBoW vuyuc5xWk2VuAJRVzrI4rNx8McZHv3t3qwZhyzAO33nxTiF65E0nTLqygf4Qbo2tWD2C YPJxKfbxyxOokiNQbdFvrmWidFxz7iCDKbXCqYfbvEyeyu+vCWj/dsNZu8NJGiL/GgFY wYlQ== X-Forwarded-Encrypted: i=1; AJvYcCXRNRDb++uWL9JVBdE47wvRgwx8y+Rts3WpJNyz7UPjEVUSDIJgS5R3f18X8I7h50zu1RTkuWa4QKWqH8G9@vger.kernel.org X-Gm-Message-State: AOJu0YwGGpMkx9ttYhX9Hto/UcV/E5ba0T4W/fz0sHwk2wijUBLsz6FL 6iyMSy1hnO/LmwQ4VzacDaWCveumYGmVB1ayqOz0zRoMWA923gwMFJ1lEIR3zHs= X-Google-Smtp-Source: AGHT+IHRArDyJHlTef+3JwzlBCm2e+TOdRS4anVHdo81AyQIdw4zsmIETl6tl9pEKTE/6sFxZRHk4g== X-Received: by 2002:a05:690c:490e:b0:652:5838:54ef with SMTP id 00721157ae682-6ee55cff0c8mr38839537b3.37.1731684694891; Fri, 15 Nov 2024 07:31:34 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee4444b907sm7704477b3.121.2024.11.15.07.31.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:34 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 08/19] fsnotify: pass optional file access range in pre-content event Date: Fri, 15 Nov 2024 10:30:21 -0500 Message-ID: <88eddee301231d814aede27fb4d5b41ae37c9702.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein We would like to add file range information to pre-content events. Pass a struct file_range with offset and length to event handler along with pre-content permission event. The offset and length are aligned to page size, but we may need to align them to minimum folio size for filesystems with large block size. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.c | 11 +++++++-- fs/notify/fanotify/fanotify.h | 2 ++ fs/notify/fsnotify.c | 18 ++++++++++++++ include/linux/fsnotify.h | 4 ++-- include/linux/fsnotify_backend.h | 40 ++++++++++++++++++++++++++++++++ 5 files changed, 71 insertions(+), 4 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 24c7c5df4998..2e6ba94ec405 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -548,9 +548,13 @@ static struct fanotify_event *fanotify_alloc_path_event(const struct path *path, return &pevent->fae; } -static struct fanotify_event *fanotify_alloc_perm_event(const struct path *path, +static struct fanotify_event *fanotify_alloc_perm_event(const void *data, + int data_type, gfp_t gfp) { + const struct path *path = fsnotify_data_path(data, data_type); + const struct file_range *range = + fsnotify_data_file_range(data, data_type); struct fanotify_perm_event *pevent; pevent = kmem_cache_alloc(fanotify_perm_event_cachep, gfp); @@ -564,6 +568,9 @@ static struct fanotify_event *fanotify_alloc_perm_event(const struct path *path, pevent->hdr.len = 0; pevent->state = FAN_EVENT_INIT; pevent->path = *path; + /* NULL ppos means no range info */ + pevent->ppos = range ? &range->pos : NULL; + pevent->count = range ? range->count : 0; path_get(path); return &pevent->fae; @@ -801,7 +808,7 @@ static struct fanotify_event *fanotify_alloc_event( old_memcg = set_active_memcg(group->memcg); if (fanotify_is_perm_event(mask)) { - event = fanotify_alloc_perm_event(path, gfp); + event = fanotify_alloc_perm_event(data, data_type, gfp); } else if (fanotify_is_error_event(mask)) { event = fanotify_alloc_error_event(group, fsid, data, data_type, &hash); diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h index e5ab33cae6a7..93598b7d5952 100644 --- a/fs/notify/fanotify/fanotify.h +++ b/fs/notify/fanotify/fanotify.h @@ -425,6 +425,8 @@ FANOTIFY_PE(struct fanotify_event *event) struct fanotify_perm_event { struct fanotify_event fae; struct path path; + const loff_t *ppos; /* optional file range info */ + size_t count; u32 response; /* userspace answer to the event */ unsigned short state; /* state of the event */ int fd; /* fd we passed to userspace for this event */ diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index d128cb7dee62..538aacf990ca 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -225,6 +225,24 @@ __u32 fsnotify_file_object_watched(struct file *file, __u32 events_mask) } EXPORT_SYMBOL_GPL(fsnotify_file_object_watched); +/* Report pre-content event with optional range info */ +int fsnotify_pre_content(const struct path *path, const loff_t *ppos, + size_t count) +{ + struct file_range range; + + /* Report page aligned range only when pos is known */ + if (!ppos) + return fsnotify_path(path, FS_PRE_ACCESS); + + range.path = path; + range.pos = PAGE_ALIGN_DOWN(*ppos); + range.count = PAGE_ALIGN(*ppos + count) - range.pos; + + return fsnotify_parent(path->dentry, FS_PRE_ACCESS, &range, + FSNOTIFY_EVENT_FILE_RANGE); +} + /* * Notify this dentry's parent about a child's events with child name info * if parent is watching or if inode/sb/mount are interested in events with diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 994d7a322369..ce189b4778a5 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -201,7 +201,7 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, * read()/write() and other types of access generate pre-content events. */ if (unlikely(FMODE_FSNOTIFY_HSM(file->f_mode))) { - int ret = fsnotify_path(&file->f_path, FS_PRE_ACCESS); + int ret = fsnotify_pre_content(&file->f_path, ppos, count); if (ret) return ret; @@ -218,7 +218,7 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, } /* - * fsnotify_file_perm - permission hook before file access + * fsnotify_file_perm - permission hook before file access (unknown range) */ static inline int fsnotify_file_perm(struct file *file, int perm_mask) { diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h index 33880de72ef3..89f351193d8f 100644 --- a/include/linux/fsnotify_backend.h +++ b/include/linux/fsnotify_backend.h @@ -294,6 +294,7 @@ static inline void fsnotify_group_assert_locked(struct fsnotify_group *group) /* When calling fsnotify tell it if the data is a path or inode */ enum fsnotify_data_type { FSNOTIFY_EVENT_NONE, + FSNOTIFY_EVENT_FILE_RANGE, FSNOTIFY_EVENT_PATH, FSNOTIFY_EVENT_INODE, FSNOTIFY_EVENT_DENTRY, @@ -306,6 +307,17 @@ struct fs_error_report { struct super_block *sb; }; +struct file_range { + const struct path *path; + loff_t pos; + size_t count; +}; + +static inline const struct path *file_range_path(const struct file_range *range) +{ + return range->path; +} + static inline struct inode *fsnotify_data_inode(const void *data, int data_type) { switch (data_type) { @@ -315,6 +327,8 @@ static inline struct inode *fsnotify_data_inode(const void *data, int data_type) return d_inode(data); case FSNOTIFY_EVENT_PATH: return d_inode(((const struct path *)data)->dentry); + case FSNOTIFY_EVENT_FILE_RANGE: + return d_inode(file_range_path(data)->dentry); case FSNOTIFY_EVENT_ERROR: return ((struct fs_error_report *)data)->inode; default: @@ -330,6 +344,8 @@ static inline struct dentry *fsnotify_data_dentry(const void *data, int data_typ return (struct dentry *)data; case FSNOTIFY_EVENT_PATH: return ((const struct path *)data)->dentry; + case FSNOTIFY_EVENT_FILE_RANGE: + return file_range_path(data)->dentry; default: return NULL; } @@ -341,6 +357,8 @@ static inline const struct path *fsnotify_data_path(const void *data, switch (data_type) { case FSNOTIFY_EVENT_PATH: return data; + case FSNOTIFY_EVENT_FILE_RANGE: + return file_range_path(data); default: return NULL; } @@ -356,6 +374,8 @@ static inline struct super_block *fsnotify_data_sb(const void *data, return ((struct dentry *)data)->d_sb; case FSNOTIFY_EVENT_PATH: return ((const struct path *)data)->dentry->d_sb; + case FSNOTIFY_EVENT_FILE_RANGE: + return file_range_path(data)->dentry->d_sb; case FSNOTIFY_EVENT_ERROR: return ((struct fs_error_report *) data)->sb; default: @@ -375,6 +395,18 @@ static inline struct fs_error_report *fsnotify_data_error_report( } } +static inline const struct file_range *fsnotify_data_file_range( + const void *data, + int data_type) +{ + switch (data_type) { + case FSNOTIFY_EVENT_FILE_RANGE: + return (struct file_range *)data; + default: + return NULL; + } +} + /* * Index to merged marks iterator array that correlates to a type of watch. * The type of watched object can be deduced from the iterator type, but not @@ -865,6 +897,8 @@ static inline void fsnotify_init_event(struct fsnotify_event *event) } __u32 fsnotify_file_object_watched(struct file *file, __u32 mask); +int fsnotify_pre_content(const struct path *path, const loff_t *ppos, + size_t count); #else @@ -873,6 +907,12 @@ static inline __u32 fsnotify_file_object_watched(struct file *file, __u32 mask) return 0; } +static inline int fsnotify_pre_content(const struct path *path, + const loff_t *ppos, size_t count) +{ + return 0; +} + static inline int fsnotify(__u32 mask, const void *data, int data_type, struct inode *dir, const struct qstr *name, struct inode *inode, u32 cookie) From patchwork Fri Nov 15 15:30:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876421 Received: from mail-yw1-f169.google.com (mail-yw1-f169.google.com [209.85.128.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 384131E32C0 for ; Fri, 15 Nov 2024 15:31:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684698; cv=none; b=d9a9V3PAHVfiy6KsCsOpwDYRxFAfYGnPEW9J5mEx6SEFcS8Ize2VA43zHqgXH98TaGVonjER2kPGRTnxCBmjIKBWsYT5Lseza/w+VR3H4/gThy3lq9NFxoFF0s3Is303TM9YfHRxJkd/jMwMC49LFyDydIdbfrn0477u24vqFzQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684698; c=relaxed/simple; bh=H9nsrZEmtioQe0BKAHTXHDlGAW6hpO1KDpAnJR9Ml0E=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Ii7oLIlQf57DCqx4PPwUBlj8o/23EdgY6zJ9UQScuHdyuy0DFKsvIyiYFUKaK327RPLEXwjjw2E+cGP/ftjMH2w84Dp8bP7uuEWKo7mdBx3sIpC9aO5CMuYzG10fsm9ZH9l8ObftXRVl6uuxZ/lQ2K1hb0PcZ6T8g9b617MvEx4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=AXCiI72B; arc=none smtp.client-ip=209.85.128.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="AXCiI72B" Received: by mail-yw1-f169.google.com with SMTP id 00721157ae682-6eb0e90b729so23134777b3.1 for ; Fri, 15 Nov 2024 07:31:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684696; x=1732289496; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=fc94RDUI6NSDstxP0CCSGWYRtQ6KzVO9XtXkr+KxT+s=; b=AXCiI72BDqzMrERluzYVURX3g74nTjGCIeOuJaulp1LjjHrRNRlYxNH2YINQIIUJuX N6+jZsmmRcHoKUNZOO3c13Z47fzaXl/83sEJs/cU4HZWUpUpN/ghmXxgtmKFgT7iRjr8 dDi4I2BcYkK/jRlAvdnbkLA6uFMTAHzMHKL9UkhwNPoAenc6k5utFYaqYtGQJhE1q1X4 KR6+gKSUWedvc/EQJWpCP52KYVDLmV1y99fo1PMaP4cudinaT0A+tfj2JOazzsSO35Ge ZjerUTjcxgh+8qYl/Zcj0f1GT6M3IrghHZIpUtyF3OOrUP092bwvIAfKIk7bnR+fEdgS gPGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684696; x=1732289496; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=fc94RDUI6NSDstxP0CCSGWYRtQ6KzVO9XtXkr+KxT+s=; b=ZNtf4v2KMv4hVM8PW8N0HbCbI5iWviDvFVsVOSZF+Imu4/rjYE5vxz81aTbgqDCfKU Hl1NzLM+uLt6TYFvWTgIUYDXWOVAw9JD+ELOAHyANR3xxSmFl9lz7JY6yjOPVLD/cdMN ae2wAXamu45Chh3mxERnnF5DYr2u288RKlk5+go88G9hySPL35bQNjjHKLgz4IHKNGRy KuFFVbaScD0UeviQTHl/HbIQvY4fDBFsWlM6HHZ0Vil8g+YM6s62fIu0u1tCYteGRl/J OOdHMTK0oNDLbjWm0OK80T3y46Ug3daWyvPDZJJUvT1qz2Zc2GL0Eei39xFPbJXNKX/z ykbg== X-Forwarded-Encrypted: i=1; AJvYcCUc/7QJ/0fkM6ymsgvG9RlWV7KkL5Twmx+5i6IsMCf6qCkhzjlAZu237Ww0WuNuWbx1BgUIr5+zHrxOjpgp@vger.kernel.org X-Gm-Message-State: AOJu0YzpmY6euH1hcVibfgAzR+9FokHBgEzgrTBDUP2MmoPwTpO47USI 65cOn7XVhbqrnDDX5Wtis/c4izijAClrymYDSrgN/1wSqPSz6mKOCt3sDzVTZRQ= X-Google-Smtp-Source: AGHT+IF/6XDeCM5HdGyZ+bKpb7CwsA0grIiF+sgXOFU/Ezrvf0/YQwsV5K3Q/P9oh37dfkgoQYNabg== X-Received: by 2002:a05:690c:610f:b0:6e3:31e8:7155 with SMTP id 00721157ae682-6ee55ef7f91mr39398227b3.40.1731684696301; Fri, 15 Nov 2024 07:31:36 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee6dfe1a17sm202557b3.64.2024.11.15.07.31.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:35 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 09/19] fsnotify: generate pre-content permission event on truncate Date: Fri, 15 Nov 2024 10:30:22 -0500 Message-ID: <23af8201db6ac2efdea94f09ab067d81ba5de7a7.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein Generate FS_PRE_ACCESS event before truncate, without sb_writers held. Move the security hooks also before sb_start_write() to conform with other security hooks (e.g. in write, fallocate). The event will have a range info of the page surrounding the new size to provide an opportunity to fill the conetnt at the end of file before truncating to non-page aligned size. Signed-off-by: Amir Goldstein --- fs/open.c | 31 +++++++++++++++++++++---------- include/linux/fsnotify.h | 20 ++++++++++++++++++++ 2 files changed, 41 insertions(+), 10 deletions(-) diff --git a/fs/open.c b/fs/open.c index 1a9483872e1f..d11d373dca80 100644 --- a/fs/open.c +++ b/fs/open.c @@ -81,14 +81,18 @@ long vfs_truncate(const struct path *path, loff_t length) if (!S_ISREG(inode->i_mode)) return -EINVAL; - error = mnt_want_write(path->mnt); - if (error) - goto out; - idmap = mnt_idmap(path->mnt); error = inode_permission(idmap, inode, MAY_WRITE); if (error) - goto mnt_drop_write_and_out; + return error; + + error = fsnotify_truncate_perm(path, length); + if (error) + return error; + + error = mnt_want_write(path->mnt); + if (error) + return error; error = -EPERM; if (IS_APPEND(inode)) @@ -114,7 +118,7 @@ long vfs_truncate(const struct path *path, loff_t length) put_write_access(inode); mnt_drop_write_and_out: mnt_drop_write(path->mnt); -out: + return error; } EXPORT_SYMBOL_GPL(vfs_truncate); @@ -175,11 +179,18 @@ long do_ftruncate(struct file *file, loff_t length, int small) /* Check IS_APPEND on real upper inode */ if (IS_APPEND(file_inode(file))) return -EPERM; - sb_start_write(inode->i_sb); + error = security_file_truncate(file); - if (!error) - error = do_truncate(file_mnt_idmap(file), dentry, length, - ATTR_MTIME | ATTR_CTIME, file); + if (error) + return error; + + error = fsnotify_truncate_perm(&file->f_path, length); + if (error) + return error; + + sb_start_write(inode->i_sb); + error = do_truncate(file_mnt_idmap(file), dentry, length, + ATTR_MTIME | ATTR_CTIME, file); sb_end_write(inode->i_sb); return error; diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index ce189b4778a5..08893429a818 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -217,6 +217,21 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, return fsnotify_path(&file->f_path, FS_ACCESS_PERM); } +/* + * fsnotify_truncate_perm - permission hook before file truncate + */ +static inline int fsnotify_truncate_perm(const struct path *path, loff_t length) +{ + struct inode *inode = d_inode(path->dentry); + + if (!(inode->i_sb->s_iflags & SB_I_ALLOW_HSM) || + !fsnotify_sb_has_priority_watchers(inode->i_sb, + FSNOTIFY_PRIO_PRE_CONTENT)) + return 0; + + return fsnotify_pre_content(path, &length, 0); +} + /* * fsnotify_file_perm - permission hook before file access (unknown range) */ @@ -255,6 +270,11 @@ static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, return 0; } +static inline int fsnotify_truncate_perm(const struct path *path, loff_t length) +{ + return 0; +} + static inline int fsnotify_file_perm(struct file *file, int perm_mask) { return 0; From patchwork Fri Nov 15 15:30:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876425 Received: from mail-io1-f44.google.com (mail-io1-f44.google.com [209.85.166.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A159F1D5ABF for ; Fri, 15 Nov 2024 15:31:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.44 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684712; cv=none; b=OT8hMdwXP4sBVmg/dQuxNOuoFqNZr7FwO13ANv7y6CJr7IgFO5rpxw3nYY/iCaaWD7VJFKoUZL2HcF3+vBMZA3piOx3WGaKXqoIYZm8z1r/azlJy/cUJ4jvou1b0Bj3d+/PsheFIbl7VOv5UoCioIw9BcnN1+7OBv3nNofJvQo4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684712; c=relaxed/simple; bh=mmiCP5FXX4dhY4TFju9684uZ4Gwy+6bghcevodVCHbw=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=rIfeFz8YtHxMPQ/buJYAqi94mNd3xBDgoww5RS2n7PP4T9E1IiT/+qWkIfwcFemq/WJJ4osqjPywarC9JgBVbDehF1W0JWxfr89I4WH+ZI1cA26HshA3zI+EPmLe6h3zodkwjyOra5tjDm67fzpFbpM8pNXvxG/bp68S0MIKGDI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=gEgegveC; arc=none smtp.client-ip=209.85.166.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="gEgegveC" Received: by mail-io1-f44.google.com with SMTP id ca18e2360f4ac-83abcfb9f37so60832439f.1 for ; Fri, 15 Nov 2024 07:31:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684710; x=1732289510; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Ma7Y5+BFpcWgfxwOepr2mPEvJR7BrAPr6ViHq4rzmZc=; b=gEgegveCoTMMo+cZkTn7ilFJrj/mtD71bgnbu5fHQwYfUo6pV7Ss+FFEfgtuprPMGC j+/n/WWnXulblkNla3zS7w5iD+f/aH4siIOMz3kTnviiJpal4NetoVnCy0AM700FiahG Nlh59G+wvjH/9hwsmlAyaZYnFBjVjvFhWgFsVycl7EOQG9OcZbwMU7gkITR7GX0kqUtZ kK1AWpIV5ZlPYCdbireZYFvR8y0VfXXCJfYprpoSaZekIQCk/t7U81SF+xBaUUZrrXox qLIqiJ2VgnOAqZ4ROUXA1AYDMCm0Ro5f4ZG4KDL/x+vIUiFEKOEtIPp7nu2U5PWUrXvD 7nlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684710; x=1732289510; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ma7Y5+BFpcWgfxwOepr2mPEvJR7BrAPr6ViHq4rzmZc=; b=ksgcxVKy/gtYmaPqvauW33sqxH0/6L/qcrCI3HbjoSlAMdzzEnDCXKxIN1JhhB7ws/ TGNJ5v/l0vB+lsxCo/N2C7MjdQt7TatnvxE7KHalgj3PJxtlnEGScAGTA10jDZ1YXp6+ t/fJhgz/8oRyeQZ3ecfiffPqWyuBSj8Beq0mT0d+fw4QHQQSz/ymEUotKrVYVk1Ef0JX MFoHXIZtwbLb7xDPdQ87bMH5lsKU2+s8kGy39JdDJyr1oDaAjddMM4Ow+wdadZu/ScWo 2eovHth2HKBPLOsSkBD3KkcbNTsoQGy3u2md91OX86ui2jIKC40YbJgVpj8/VOAvQS2r Mzdg== X-Forwarded-Encrypted: i=1; AJvYcCUw7JWC1XpjBPzRFKe64JJ9T4+HBSG2p1Q55xXmJqnJPL5+pAKezYdyx5MyToQTuieXXaR32+jBHfagq1r6@vger.kernel.org X-Gm-Message-State: AOJu0Yzir/jCL68/nPO8A9WjNSY8uJ1LBOIQETS8XvkKG7hHfMIKi29l CngDgiZrpv1ZTr0kjy+ghh9UOXguSr5vAr9VF8zL2b006a2bWWESgMV5IUtnuuPY3gN/vBYcEeH X X-Google-Smtp-Source: AGHT+IH4KF4O/0TeALgb4lQDmEiPTFLtEsIEnnQGgceAZNppg9oa7TyTq0ub2EblRWNTki1B2uNPXQ== X-Received: by 2002:a05:6902:18ce:b0:e30:e1f3:2a9c with SMTP id 3f1490d57ef6-e3825bdd1fbmr2969338276.0.1731684697839; Fri, 15 Nov 2024 07:31:37 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e38152ab555sm1006714276.12.2024.11.15.07.31.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:37 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 10/19] fanotify: introduce FAN_PRE_ACCESS permission event Date: Fri, 15 Nov 2024 10:30:23 -0500 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein Similar to FAN_ACCESS_PERM permission event, but it is only allowed with class FAN_CLASS_PRE_CONTENT and only allowed on regular files and dirs. Unlike FAN_ACCESS_PERM, it is safe to write to the file being accessed in the context of the event handler. This pre-content event is meant to be used by hierarchical storage managers that want to fill the content of files on first read access. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.c | 3 ++- fs/notify/fanotify/fanotify_user.c | 22 +++++++++++++++++++--- include/linux/fanotify.h | 14 ++++++++++---- include/uapi/linux/fanotify.h | 2 ++ 4 files changed, 33 insertions(+), 8 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index 2e6ba94ec405..da6c3c1c7edf 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -916,8 +916,9 @@ static int fanotify_handle_event(struct fsnotify_group *group, u32 mask, BUILD_BUG_ON(FAN_OPEN_EXEC_PERM != FS_OPEN_EXEC_PERM); BUILD_BUG_ON(FAN_FS_ERROR != FS_ERROR); BUILD_BUG_ON(FAN_RENAME != FS_RENAME); + BUILD_BUG_ON(FAN_PRE_ACCESS != FS_PRE_ACCESS); - BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 21); + BUILD_BUG_ON(HWEIGHT32(ALL_FANOTIFY_EVENT_BITS) != 22); mask = fanotify_group_event_mask(group, iter_info, &match_mask, mask, data, data_type, dir); diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 456cc3e92c88..5ea447e9e5a8 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -1640,11 +1640,23 @@ static int fanotify_events_supported(struct fsnotify_group *group, unsigned int flags) { unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; + bool is_dir = d_is_dir(path->dentry); /* Strict validation of events in non-dir inode mask with v5.17+ APIs */ bool strict_dir_events = FAN_GROUP_FLAG(group, FAN_REPORT_TARGET_FID) || (mask & FAN_RENAME) || (flags & FAN_MARK_IGNORE); + /* + * Filesystems need to opt-into pre-content evnets (a.k.a HSM) + * and they are only supported on regular files and directories. + */ + if (mask & FANOTIFY_PRE_CONTENT_EVENTS) { + if (!(path->mnt->mnt_sb->s_iflags & SB_I_ALLOW_HSM)) + return -EINVAL; + if (!is_dir && !d_is_reg(path->dentry)) + return -EINVAL; + } + /* * Some filesystems such as 'proc' acquire unusual locks when opening * files. For them fanotify permission events have high chances of @@ -1677,7 +1689,7 @@ static int fanotify_events_supported(struct fsnotify_group *group, * but because we always allowed it, error only when using new APIs. */ if (strict_dir_events && mark_type == FAN_MARK_INODE && - !d_is_dir(path->dentry) && (mask & FANOTIFY_DIRONLY_EVENT_BITS)) + !is_dir && (mask & FANOTIFY_DIRONLY_EVENT_BITS)) return -ENOTDIR; return 0; @@ -1778,10 +1790,14 @@ static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask, return -EPERM; /* - * Permission events require minimum priority FAN_CLASS_CONTENT. + * Permission events are not allowed for FAN_CLASS_NOTIF. + * Pre-content permission events are not allowed for FAN_CLASS_CONTENT. */ if (mask & FANOTIFY_PERM_EVENTS && - group->priority < FSNOTIFY_PRIO_CONTENT) + group->priority == FSNOTIFY_PRIO_NORMAL) + return -EINVAL; + else if (mask & FANOTIFY_PRE_CONTENT_EVENTS && + group->priority == FSNOTIFY_PRIO_CONTENT) return -EINVAL; if (mask & FAN_FS_ERROR && diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index 89ff45bd6f01..c747af064d2c 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -89,6 +89,16 @@ #define FANOTIFY_DIRENT_EVENTS (FAN_MOVE | FAN_CREATE | FAN_DELETE | \ FAN_RENAME) +/* Content events can be used to inspect file content */ +#define FANOTIFY_CONTENT_PERM_EVENTS (FAN_OPEN_PERM | FAN_OPEN_EXEC_PERM | \ + FAN_ACCESS_PERM) +/* Pre-content events can be used to fill file content */ +#define FANOTIFY_PRE_CONTENT_EVENTS (FAN_PRE_ACCESS) + +/* Events that require a permission response from user */ +#define FANOTIFY_PERM_EVENTS (FANOTIFY_CONTENT_PERM_EVENTS | \ + FANOTIFY_PRE_CONTENT_EVENTS) + /* Events that can be reported with event->fd */ #define FANOTIFY_FD_EVENTS (FANOTIFY_PATH_EVENTS | FANOTIFY_PERM_EVENTS) @@ -104,10 +114,6 @@ FANOTIFY_INODE_EVENTS | \ FANOTIFY_ERROR_EVENTS) -/* Events that require a permission response from user */ -#define FANOTIFY_PERM_EVENTS (FAN_OPEN_PERM | FAN_ACCESS_PERM | \ - FAN_OPEN_EXEC_PERM) - /* Extra flags that may be reported with event or control handling of events */ #define FANOTIFY_EVENT_FLAGS (FAN_EVENT_ON_CHILD | FAN_ONDIR) diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 79072b6894f2..7596168c80eb 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -27,6 +27,8 @@ #define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ /* #define FAN_DIR_MODIFY 0x00080000 */ /* Deprecated (reserved) */ +#define FAN_PRE_ACCESS 0x00100000 /* Pre-content access hook */ + #define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */ #define FAN_RENAME 0x10000000 /* File was renamed */ From patchwork Fri Nov 15 15:30:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876422 Received: from mail-yw1-f176.google.com (mail-yw1-f176.google.com [209.85.128.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A63D1E5727 for ; Fri, 15 Nov 2024 15:31:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.176 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684703; cv=none; b=IUqzDELoC7yKhzbPK1GsBmvMUQb+dwb07FIScDWcu7Y1z/JNe9+kgccdOwFHHDY0tKwyNSrNTokQ7gCe2zvY7bv49tfkFfcbWci4U5r4PicAAWp/jCQ6hxhtAclQoUcBAaCodOMvj9/QvQMF5vvNYLcLFEyNO6DnXmm9YJNuEKk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684703; c=relaxed/simple; bh=+vh7XYQNc0Mmotjj/me3TyhwT+zvkyytR/geptCocis=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=edf4Czbn+jEF6WyRbuCjZ8bEs55x0b9XCKr2HAbr8MJb7Y/IU+nBlMUpwqgJUuxKD5IADzlSjpZbJLfedInQNxFDleMST3pA6VHbK70iw7cdDblrIqf4Gx+n5TcKY8/8vpqKrxMCMSOyAmCO1FM9X6pPvb6ScaJDQzpHpSz4aT4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=CzPngsSg; arc=none smtp.client-ip=209.85.128.176 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="CzPngsSg" Received: by mail-yw1-f176.google.com with SMTP id 00721157ae682-6e9ba45d67fso20651657b3.1 for ; Fri, 15 Nov 2024 07:31:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684700; x=1732289500; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=28nbpQbjD2HwWvaUP2yIn55iQ73mbNzvgMCNeqvC6/0=; b=CzPngsSg0Ayw3cUraqYxPvvJeSwl+98SJlyONkNew3pXIGP4C+89njHXE6gH3xvyWt E98tBfyqeIMK/auuK7/I4H4DtI0vDHAOjcBJxxck45fhscVx9hz3Lula421yi+Z2oNjJ kw+dJ71JpXOFuTgi3oa7OMkGO9YnRWiq+HYhT/10Rmj9bCcdFS7+BVKIz5wqI4w3uMmp Je3TDKHj4Vb7cX9t0SPehKaslDonRsROR+SwO9qBxJSe92mqgSQBvvDb/B+lO13rR4dy o6/+Kx4fj+THDZvfe0vmDNXP1r2K95+kG/xLe2FhQFiTsUOIbifZhJrBM417v8JECcpD xZCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684700; x=1732289500; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=28nbpQbjD2HwWvaUP2yIn55iQ73mbNzvgMCNeqvC6/0=; b=rmzbLZAxx4YL14eZQBTYBtZ+K/aHszlSenTZFKkcSKx/tsflBXUPrYsqd5HyTrWeHX NXFRkLZLjcUWjsQ/4ybzeyEsscmO2fcAcrifQL4vTK9BQk40es2GiUYyleCzPT1Id13t 0gCI9vhHi1NAcx0H70NN1CIyKus2AqI0XmqSdo5C/wS0ZMMaQCtnldSCGA+Xb20LfZ5l 6ZGHEjlu+7dgsMa+CFp6a+FWE0i9/mtbFxKDpTLqBGoOUbDHjWbBrspWL2LmD0CP45uz rrpn6PysxdZ/qdVqHHbM3k2TQWe0iAOoUYvKqOKibRNnlixfHlYTUeCSIacSTElMeD2K QSiA== X-Forwarded-Encrypted: i=1; AJvYcCUCduZBd32AV1z3n4LQW5nHtd6EEl/Uc2vmeaBdxE2eXt86CPtVDsexfAhWskAnzDWXzG2UStR+5yssovHE@vger.kernel.org X-Gm-Message-State: AOJu0YzWSp4Dvs6hVlo4BJI5Z4PPiW++80iS8HKexCwd72Mmt48EWakZ XS4AMYlSSIO5XTZV09G6FpVH+j0QS/TQeTHTVyfPYp9RIEpfIk/OKKsgrFaEBSpsWTqs1SxAHht a X-Google-Smtp-Source: AGHT+IEjW291jTkKzHI4Ae+C3bnCRuhWYH/1lq2dSUG1bbeWzCUoX3SJFcI3pBBBVFezHIznGLjunA== X-Received: by 2002:a05:690c:67c9:b0:6ee:4bee:d912 with SMTP id 00721157ae682-6ee55c304afmr35158487b3.21.1731684699892; Fri, 15 Nov 2024 07:31:39 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee44413323sm7692477b3.77.2024.11.15.07.31.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:39 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 11/19] fanotify: report file range info with pre-content events Date: Fri, 15 Nov 2024 10:30:24 -0500 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein With group class FAN_CLASS_PRE_CONTENT, report offset and length info along with FAN_PRE_ACCESS pre-content events. This information is meant to be used by hierarchical storage managers that want to fill partial content of files on first access to range. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.h | 8 +++++++ fs/notify/fanotify/fanotify_user.c | 38 ++++++++++++++++++++++++++++++ include/uapi/linux/fanotify.h | 8 +++++++ 3 files changed, 54 insertions(+) diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h index 93598b7d5952..7f06355afa1f 100644 --- a/fs/notify/fanotify/fanotify.h +++ b/fs/notify/fanotify/fanotify.h @@ -448,6 +448,14 @@ static inline bool fanotify_is_perm_event(u32 mask) mask & FANOTIFY_PERM_EVENTS; } +static inline bool fanotify_event_has_access_range(struct fanotify_event *event) +{ + if (!(event->mask & FANOTIFY_PRE_CONTENT_EVENTS)) + return false; + + return FANOTIFY_PERM(event)->ppos; +} + static inline struct fanotify_event *FANOTIFY_E(struct fsnotify_event *fse) { return container_of(fse, struct fanotify_event, fse); diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 5ea447e9e5a8..c7938d9e8101 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -121,6 +121,8 @@ struct kmem_cache *fanotify_perm_event_cachep __ro_after_init; sizeof(struct fanotify_event_info_pidfd) #define FANOTIFY_ERROR_INFO_LEN \ (sizeof(struct fanotify_event_info_error)) +#define FANOTIFY_RANGE_INFO_LEN \ + (sizeof(struct fanotify_event_info_range)) static int fanotify_fid_info_len(int fh_len, int name_len) { @@ -180,6 +182,9 @@ static size_t fanotify_event_len(unsigned int info_mode, if (info_mode & FAN_REPORT_PIDFD) event_len += FANOTIFY_PIDFD_INFO_LEN; + if (fanotify_event_has_access_range(event)) + event_len += FANOTIFY_RANGE_INFO_LEN; + return event_len; } @@ -516,6 +521,30 @@ static int copy_pidfd_info_to_user(int pidfd, return info_len; } +static size_t copy_range_info_to_user(struct fanotify_event *event, + char __user *buf, int count) +{ + struct fanotify_perm_event *pevent = FANOTIFY_PERM(event); + struct fanotify_event_info_range info = { }; + size_t info_len = FANOTIFY_RANGE_INFO_LEN; + + if (WARN_ON_ONCE(info_len > count)) + return -EFAULT; + + if (WARN_ON_ONCE(!pevent->ppos)) + return -EINVAL; + + info.hdr.info_type = FAN_EVENT_INFO_TYPE_RANGE; + info.hdr.len = info_len; + info.offset = *(pevent->ppos); + info.count = pevent->count; + + if (copy_to_user(buf, &info, info_len)) + return -EFAULT; + + return info_len; +} + static int copy_info_records_to_user(struct fanotify_event *event, struct fanotify_info *info, unsigned int info_mode, int pidfd, @@ -637,6 +666,15 @@ static int copy_info_records_to_user(struct fanotify_event *event, total_bytes += ret; } + if (fanotify_event_has_access_range(event)) { + ret = copy_range_info_to_user(event, buf, count); + if (ret < 0) + return ret; + buf += ret; + count -= ret; + total_bytes += ret; + } + return total_bytes; } diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 7596168c80eb..0636a9c85dd0 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -146,6 +146,7 @@ struct fanotify_event_metadata { #define FAN_EVENT_INFO_TYPE_DFID 3 #define FAN_EVENT_INFO_TYPE_PIDFD 4 #define FAN_EVENT_INFO_TYPE_ERROR 5 +#define FAN_EVENT_INFO_TYPE_RANGE 6 /* Special info types for FAN_RENAME */ #define FAN_EVENT_INFO_TYPE_OLD_DFID_NAME 10 @@ -192,6 +193,13 @@ struct fanotify_event_info_error { __u32 error_count; }; +struct fanotify_event_info_range { + struct fanotify_event_info_header hdr; + __u32 pad; + __u64 offset; + __u64 count; +}; + /* * User space may need to record additional information about its decision. * The extra information type records what kind of information is included. From patchwork Fri Nov 15 15:30:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876423 Received: from mail-yb1-f173.google.com (mail-yb1-f173.google.com [209.85.219.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 29E221E572C for ; Fri, 15 Nov 2024 15:31:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.173 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684704; cv=none; b=Ozr18BV+9hhgfvpKLFA+rtMoSQ1LFFNSwXC6zF7ceZmnwkYc+yp6co7jLRAb8CZpOCU6riXmt7/ySVUux6IrHtsqFCV6wFlkhHC2JX2Vc0DzeQTtRdpIm72N784LIKGzuZOT4Vf6TYDL7+Hk9DPodWXaBw9mc88EJZ93TNvTlmc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684704; c=relaxed/simple; bh=8QgT87d7IRHmYsIHWC8NEeUxbOkarMkA5rhLmJDJhnY=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QtXMO1tOUSASsR6PMeP7eDvwg+sqvtJ8S+QEAWHZHw9OcGK9mqzhkXfWFJcIASTv2xFIBf8RXjS0/2FbPbU3n1QVtdDSCtwNJicGoTKeo2zu/TYLE9h9Rj6IF8pl2AvYrdZv0ZBB4QBV0CcbrOkhkqrOSveJrfKDpz57YMpr6wk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=Nt75ujSY; arc=none smtp.client-ip=209.85.219.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="Nt75ujSY" Received: by mail-yb1-f173.google.com with SMTP id 3f1490d57ef6-e3819b7b57dso838711276.1 for ; Fri, 15 Nov 2024 07:31:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684702; x=1732289502; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=oYVz+XyZ9SoqwtPGIrYcB7tf/DoyF2fJkEf/z8ZauDI=; b=Nt75ujSYKoPrx+ragcR482dSRrztpqtjOyePU6nkeYN5BrinqTeJQavi/8hWZ9d4or arkCxw79XeULrLfyYAH7Byza+yGwrD1sFW2jDAGIY6Xx6KQkoNoJMRYyV1Zkj/jjDI2R 7SmHjl/+fTO6ZiTrU+SRotrNjAqj2Gvz/hvAlIfvM5jWgnhMrMO5939j+QOTunXJMH7F 3RutpgxFMV6edxcR6zpVaiIW+cheMk3gm7c+IJDRMEav+zExklcJAzDp2RJpGDg+XwCx 8Hzg7Nw27PvvNaL6iMSq7QVXRM3u09CPx5PSt4kAFSJXia78PdkDGz5kW0CzVJSNDNNr xjgg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684702; x=1732289502; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oYVz+XyZ9SoqwtPGIrYcB7tf/DoyF2fJkEf/z8ZauDI=; b=TB8WlM3rZqtGukVmPPtYWUrXoSQzvRhDGQuxEB5DTaO7Y0paVmmSrE55tWnjlB3jp7 4R6qO3dRmyFCNkrhM7QZui8VnItKCADsB69QZWZ1IReHB+zp+gjH5jfLch2SZ6lp2bLD 2lfCGJYXXton2sTmDoy9pLTybvgWJlb1FIXOmopUZLHlbadyGEWig/4FnbVGXnqZKJZI vSb72w9w2lL4MdCdZADALuKU+CMfvyKpC0vnWTdEKnqfJ2krjWyZGEoG7I62sISmVuZ0 7xg/07nWFT2KNOWBvwbu6p0736HRUgHs57XdhyZkPwRxAzw9rwx98z/svk8++KIlGUXW LM0g== X-Forwarded-Encrypted: i=1; AJvYcCWdr1xLPF0Dkl+EmWZJkDwsNa9JlNWmbZNhBAqyt3u6RRUyKQPEaJcsE4R8x7lLyc1HWObmdcsC/KyIkfjf@vger.kernel.org X-Gm-Message-State: AOJu0Yy1Nkmr8Hvy9WYt5QexZfB8DoAbclYxWLrMPpQr+/MFoMx3fp75 GTFm7H2nuEzbU+qIClgg5HT/2mHTvcNyN5qRCfoJ/2A8x1DtOZcLcudX0Uz9N/c= X-Google-Smtp-Source: AGHT+IFoxy1YCQFnRgPtGkTRCMBhBl4Fu3YB1s0FmhMUuPf3HGnEc2HjxOuL+DFHWmE6fl1W/EqzGQ== X-Received: by 2002:a05:690c:603:b0:6ee:3c22:cc67 with SMTP id 00721157ae682-6ee558ca435mr38407687b3.0.1731684701510; Fri, 15 Nov 2024 07:31:41 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee440737bcsm7797587b3.61.2024.11.15.07.31.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:40 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 12/19] fanotify: allow to set errno in FAN_DENY permission response Date: Fri, 15 Nov 2024 10:30:25 -0500 Message-ID: <1e5fb6af84b69ca96b5c849fa5f10bdf4d1dc414.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein With FAN_DENY response, user trying to perform the filesystem operation gets an error with errno set to EPERM. It is useful for hierarchical storage management (HSM) service to be able to deny access for reasons more diverse than EPERM, for example EAGAIN, if HSM could retry the operation later. Allow fanotify groups with priority FAN_CLASSS_PRE_CONTENT to responsd to permission events with the response value FAN_DENY_ERRNO(errno), instead of FAN_DENY to return a custom error. Limit custom error values to errors expected on read(2)/write(2) and open(2) of regular files. This list could be extended in the future. Userspace can test for legitimate values of FAN_DENY_ERRNO(errno) by writing a response to an fanotify group fd with a value of FAN_NOFD in the fd field of the response. The change in fanotify_response is backward compatible, because errno is written in the high 8 bits of the 32bit response field and old kernels reject respose value with high bits set. Signed-off-by: Amir Goldstein --- fs/notify/fanotify/fanotify.c | 19 +++++++++++---- fs/notify/fanotify/fanotify.h | 5 ++++ fs/notify/fanotify/fanotify_user.c | 37 ++++++++++++++++++++++++++---- include/linux/fanotify.h | 5 +++- include/uapi/linux/fanotify.h | 7 ++++++ 5 files changed, 62 insertions(+), 11 deletions(-) diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index da6c3c1c7edf..e3d04d77caba 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -223,7 +223,8 @@ static int fanotify_get_response(struct fsnotify_group *group, struct fanotify_perm_event *event, struct fsnotify_iter_info *iter_info) { - int ret; + int ret, errno; + u32 decision; pr_debug("%s: group=%p event=%p\n", __func__, group, event); @@ -256,20 +257,28 @@ static int fanotify_get_response(struct fsnotify_group *group, goto out; } + decision = event->response & + (FANOTIFY_RESPONSE_ACCESS | FANOTIFY_RESPONSE_FLAGS); /* userspace responded, convert to something usable */ - switch (event->response & FANOTIFY_RESPONSE_ACCESS) { + switch (decision & FANOTIFY_RESPONSE_ACCESS) { case FAN_ALLOW: ret = 0; break; case FAN_DENY: + /* Check custom errno from pre-content events */ + errno = fanotify_get_response_errno(event->response); + if (errno) { + ret = -errno; + break; + } + fallthrough; default: ret = -EPERM; } /* Check if the response should be audited */ - if (event->response & FAN_AUDIT) - audit_fanotify(event->response & ~FAN_AUDIT, - &event->audit_rule); + if (decision & FAN_AUDIT) + audit_fanotify(decision & ~FAN_AUDIT, &event->audit_rule); pr_debug("%s: group=%p event=%p about to return ret=%d\n", __func__, group, event, ret); diff --git a/fs/notify/fanotify/fanotify.h b/fs/notify/fanotify/fanotify.h index 7f06355afa1f..9e93aba210c9 100644 --- a/fs/notify/fanotify/fanotify.h +++ b/fs/notify/fanotify/fanotify.h @@ -528,3 +528,8 @@ static inline unsigned int fanotify_mark_user_flags(struct fsnotify_mark *mark) return mflags; } + +static inline u32 fanotify_get_response_errno(int res) +{ + return res >> FAN_ERRNO_SHIFT; +} diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index c7938d9e8101..28aac467c7e2 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -327,11 +327,14 @@ static int process_access_response(struct fsnotify_group *group, struct fanotify_perm_event *event; int fd = response_struct->fd; u32 response = response_struct->response; + u32 decision = response & + (FANOTIFY_RESPONSE_ACCESS | FANOTIFY_RESPONSE_FLAGS); + int errno = fanotify_get_response_errno(response); int ret = info_len; struct fanotify_response_info_audit_rule friar; - pr_debug("%s: group=%p fd=%d response=%u buf=%p size=%zu\n", __func__, - group, fd, response, info, info_len); + pr_debug("%s: group=%p fd=%d response=%x errno=%d buf=%p size=%zu\n", + __func__, group, fd, response, errno, info, info_len); /* * make sure the response is valid, if invalid we do nothing and either * userspace can send a valid response or we will clean it up after the @@ -340,18 +343,42 @@ static int process_access_response(struct fsnotify_group *group, if (response & ~FANOTIFY_RESPONSE_VALID_MASK) return -EINVAL; - switch (response & FANOTIFY_RESPONSE_ACCESS) { + switch (decision & FANOTIFY_RESPONSE_ACCESS) { case FAN_ALLOW: + if (errno) + return -EINVAL; + break; case FAN_DENY: + /* Custom errno is supported only for pre-content groups */ + if (errno && group->priority != FSNOTIFY_PRIO_PRE_CONTENT) + return -EINVAL; + + /* + * Limit errno to values expected on open(2)/read(2)/write(2) + * of regular files. + */ + switch (errno) { + case 0: + case EIO: + case EPERM: + case EBUSY: + case ETXTBSY: + case EAGAIN: + case ENOSPC: + case EDQUOT: + break; + default: + return -EINVAL; + } break; default: return -EINVAL; } - if ((response & FAN_AUDIT) && !FAN_GROUP_FLAG(group, FAN_ENABLE_AUDIT)) + if ((decision & FAN_AUDIT) && !FAN_GROUP_FLAG(group, FAN_ENABLE_AUDIT)) return -EINVAL; - if (response & FAN_INFO) { + if (decision & FAN_INFO) { ret = process_access_response_info(info, info_len, &friar); if (ret < 0) return ret; diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h index c747af064d2c..d9bb48976b53 100644 --- a/include/linux/fanotify.h +++ b/include/linux/fanotify.h @@ -132,7 +132,10 @@ /* These masks check for invalid bits in permission responses. */ #define FANOTIFY_RESPONSE_ACCESS (FAN_ALLOW | FAN_DENY) #define FANOTIFY_RESPONSE_FLAGS (FAN_AUDIT | FAN_INFO) -#define FANOTIFY_RESPONSE_VALID_MASK (FANOTIFY_RESPONSE_ACCESS | FANOTIFY_RESPONSE_FLAGS) +#define FANOTIFY_RESPONSE_ERRNO (FAN_ERRNO_MASK << FAN_ERRNO_SHIFT) +#define FANOTIFY_RESPONSE_VALID_MASK \ + (FANOTIFY_RESPONSE_ACCESS | FANOTIFY_RESPONSE_FLAGS | \ + FANOTIFY_RESPONSE_ERRNO) /* Do not use these old uapi constants internally */ #undef FAN_ALL_CLASS_BITS diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h index 0636a9c85dd0..bd8167979707 100644 --- a/include/uapi/linux/fanotify.h +++ b/include/uapi/linux/fanotify.h @@ -235,6 +235,13 @@ struct fanotify_response_info_audit_rule { /* Legit userspace responses to a _PERM event */ #define FAN_ALLOW 0x01 #define FAN_DENY 0x02 +/* errno other than EPERM can specified in upper byte of deny response */ +#define FAN_ERRNO_BITS 8 +#define FAN_ERRNO_SHIFT (32 - FAN_ERRNO_BITS) +#define FAN_ERRNO_MASK ((1 << FAN_ERRNO_BITS) - 1) +#define FAN_DENY_ERRNO(err) \ + (FAN_DENY | ((((__u32)(err)) & FAN_ERRNO_MASK) << FAN_ERRNO_SHIFT)) + #define FAN_AUDIT 0x10 /* Bitmask to create audit record for result */ #define FAN_INFO 0x20 /* Bitmask to indicate additional information */ From patchwork Fri Nov 15 15:30:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876424 Received: from mail-yw1-f170.google.com (mail-yw1-f170.google.com [209.85.128.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 347331E884D for ; Fri, 15 Nov 2024 15:31:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.170 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684705; cv=none; b=RXKmj9UuqmdQbdk9n0wDviTyzQO7f0xC2mmMmJc7ns+dNcMMZTNvw+l0lRnOH36rqwQNqGTtrVbVVvaJer6/gUKboL/GmtEzvv1AxIMkGBh6KISq20NC6VN7mV7H5smQlX6X1FZ+2f+QOs+6sM1pGyvyAWqb1i1QQfMqCdkFQkA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684705; c=relaxed/simple; bh=S8KtXYKv5KBhFWGf/VgvN+plHsknP1dZU8l0VOqJqrs=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=V34X2/4rM2+3BZ+zFkneBbYNfPms0PVOkH6jcUb4TP5yOoUy97ZKo+O1bJ0u23yAZumnmpn62HY8GqEQfbwW35W/F/GwVNT4oTn1DIzMO58NJ+MPDEPObRZujcIvKNqCkXHP+K6vPbXOAZRARby5WAQyI1ctyZpu8eUWyxisAKw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=cjESmci0; arc=none smtp.client-ip=209.85.128.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="cjESmci0" Received: by mail-yw1-f170.google.com with SMTP id 00721157ae682-6ee40e83288so24261967b3.1 for ; Fri, 15 Nov 2024 07:31:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684703; x=1732289503; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=rLlpuiMn0030yB3+s74DQOOZuZXxBi++zrJRvWIMp3o=; b=cjESmci0eXPgddC80zNMv3Udj7cRoLwt04JjPWZFgXE4tKyGTzGiIXhCUbbHYZ/69n qn0lkya+Xq+oZD3R8S8/rNjn5yQRNFm/czvtmqDhXcWfUkd79+KiJfkkphomJ3lAZZYu Km5G3flx5Xr/fzAiuLt7WRo/QpUlfd20+JLLfDmXL7wFdciCvHVIMgKoyJPgVpu/J5O6 OV3oGaUHK15lyJoJN1eQDK/MWqmxEUPDFxiRFtpL28Sfi/76yjooWM3hqemO22YEwMz6 6hDZdzNz2zC2UWbYuUwBxl7aNfehFbAPBl88uD4mRStfZWWH8MrmHitXlVNApIQFc1ge TBjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684703; x=1732289503; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rLlpuiMn0030yB3+s74DQOOZuZXxBi++zrJRvWIMp3o=; b=jEVQjaSEa1kChLKC6RGe9UNJWghd97EjWXBpDGpK2/xzUqtn67F32ul1KxQW/i2yMU gT4gNLS8vRxpHbzrvg7QxFLQTuefT8CIQVh9hV7ByFwsbSr3H0nv4gw5cFPLGqOI1R9V FGB1conJwtiETIHL97NJxS5IusmpxyJ4l4KudzFJV9PxM4dd+O2lgEBHBpgsqlFST4Dd V4wXZJE2nT2vs64Hym8oCgkulkPzr8maB/EK21557IFlB2V7zoNvgw8dalYk7Iiub/RQ tGjXIMuT4GCnoAbvsQzvdhvI/LcdICHjMr9/Aff8toaC5Zxz+pMNdQ9HAs/P80nyzOmB bJ6Q== X-Forwarded-Encrypted: i=1; AJvYcCWqiXW5uZ41lAqqAJi68dh2WdaMQ1Va88IqcgUoOqIP83ohSh0FlZycj/o/1CAOH0OGPzUYbnRHaw9khaFV@vger.kernel.org X-Gm-Message-State: AOJu0YyAZhnrWEoP01rqU2J1VpI7mC/vMs6cYi7dw+HrnU64Nms0pHUW vhMRNQbR0Ip1HzZwRA8Y2Xj6mVBD3EpjrTiCFtAM8FCGnGxti1cct5D15FlE2WnUqYuo+QMPYtU b X-Google-Smtp-Source: AGHT+IHLmXNsFgoxeQH2zoAuWGXM6iZ0/bFoZDUBvajKhRUeKgJ2+BFXj02LrLEKz+I9Qy3GGhxCnw== X-Received: by 2002:a05:690c:6806:b0:6dc:7877:1ea3 with SMTP id 00721157ae682-6ee55a6c9ebmr38646357b3.17.1731684703143; Fri, 15 Nov 2024 07:31:43 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee4400c7dasm7862627b3.24.2024.11.15.07.31.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:42 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 13/19] fanotify: add a helper to check for pre content events Date: Fri, 15 Nov 2024 10:30:26 -0500 Message-ID: <657f50e37d6d8f908c13f652129bcdd34ed7f4a9.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Amir Goldstein We want to emit events during page fault, and calling into fanotify could be expensive, so add a helper to allow us to skip calling into fanotify from page fault. This will also be used to disable readahead for content watched files which will be handled in a subsequent patch. Signed-off-by: Josef Bacik Signed-off-by: Amir Goldstein --- include/linux/fsnotify.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 08893429a818..d5a0d8648000 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -178,6 +178,11 @@ static inline void file_set_fsnotify_mode(struct file *file) } } +static inline bool fsnotify_file_has_pre_content_watches(struct file *file) +{ + return file && unlikely(FMODE_FSNOTIFY_HSM(file->f_mode)); +} + /* * fsnotify_file_area_perm - permission hook before access to file range */ @@ -264,6 +269,11 @@ static inline void file_set_fsnotify_mode(struct file *file) { } +static inline bool fsnotify_file_has_pre_content_watches(struct file *file) +{ + return false; +} + static inline int fsnotify_file_area_perm(struct file *file, int perm_mask, const loff_t *ppos, size_t count) { From patchwork Fri Nov 15 15:30:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876430 Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D51C61F708D for ; Fri, 15 Nov 2024 15:32:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684724; cv=none; b=YRKKmR6q92Om+V4hy8LElPZUHpgoIPKd8e3GIvnDg/yroQ2aiWBQh+9U6vstjDzP1VBdWfr58yV7yp6swjxYOsZhtVFRyVJ92P0kGlPnQpAW13jwp/I61ern9CoqWEuEofuQBzQVet5klIzrAsuLiFiIjJ7QcYBj/oKQuHYVbog= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684724; c=relaxed/simple; bh=+l9EWxArkxZP8ea+ZGgm7I/UwC2ThOnM6mqb60PUC1g=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=HxCKMOOoN4AfREraLi6Vw/rc1bYQW0d1XR3rRD9jrF65VtR6Qb1T+cTszQeogY13hSxttm7u7rWlGpE0NbHhF6LMeG0f0D8SlcuBOCTX8s4zs0yMCNcOdwZfJzLwqyS5msFzR3jMAXRY6M+4k3NBLryDmodw9PcyTe4n4hSbNtI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=qf2O11I7; arc=none smtp.client-ip=209.85.214.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="qf2O11I7" Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-20cbcd71012so22820735ad.3 for ; Fri, 15 Nov 2024 07:32:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684722; x=1732289522; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=GWXqETStm7Md/ZZi4QCCd1GSXP4JC1lp6P3n7C6qnQo=; b=qf2O11I7ymYVCJ+NkAZ0PashgAyJ6uE17jb20O8NynYc7riEYo92P1HNOvH5CMOQ6c TIwRukKgSrNHGyeWeGCjueZZGZiQYjAhp3H43Adq3Jex8E/IRFSIbUYPnRUTcYXKZBto olRPNkh4C40kNNM5QIIS0kDAkBAojv6n+CMDfhGgDC7YSvdJlwdjfPALrGQsUtJ/2O87 k682Jp5u+CpYoaf2JXOc4rqRdFsXDyLjiytVV2D/UZbio4/2q0cs0PNUCWqwf8HYbLYZ VbLRnGk6oTXvpJRUXcz01b0D673/oO8NTm2p90YxSVGYJspGbji9/j+zzcmy230rsyzF bU7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684722; x=1732289522; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GWXqETStm7Md/ZZi4QCCd1GSXP4JC1lp6P3n7C6qnQo=; b=J+tBS8oIz/n3iiWLqTjS3AGoaXdKlv4oJDDv2awpsiSMWKy2RxwAgC4U0/aJQ/87Kw bS9qUmrZKlgRWQCPi1glwrFjK2NJYOuxUx/2QVcORnmHcUJuKeSVULO1xLoj0YzgLdS6 tqZyWTi0FsEpj83vfJhUdTSVwTq5wX0YY2ccFtTPLESXhg3JZ+pBVE5YVc9+HhaGmFm5 6ObkHjnyjmuGgXMwcuAld0q7XnTliHzUDj/IR1Yq5ceYgDGQ95C8kVU8MbEbXGNqL5tY uFRTqd9sUgt1G/7tTXx4eMKUy9EyEbzxAFaTzhBK7GuQTIE1m715Q0yRh7OamF+NMbYd QhtA== X-Forwarded-Encrypted: i=1; AJvYcCVp2VzCmJoMlvXG0qtm6YQUGWje+F4TKN54jURiHu7qWlYRUI5d1gOsqMCcG+LdAIiV6l6O6kEc9kwVfr1z@vger.kernel.org X-Gm-Message-State: AOJu0YyN93o1Ep/iwPeNgpaUwmYOGsuWVJ5zAniHR5Kbm7KhR4ZbEADF 8DXfTxufEXTaECXkA6yR+oPxizH4XXBSfOc6Q+dRjTT8Sblb1+TUmGDxP4QZK8nc90mKOLiAQha 2 X-Google-Smtp-Source: AGHT+IEHUujjEReLNYNPy+KE0ogVxqRd47YtuHwtc3zNs/tYtNRt3+/0IcuvnNweNADhk1HvQaDdYw== X-Received: by 2002:a05:6902:20c7:b0:e29:1627:d4d3 with SMTP id 3f1490d57ef6-e38263c0d7amr3021251276.41.1731684704575; Fri, 15 Nov 2024 07:31:44 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e381545ae18sm987344276.46.2024.11.15.07.31.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:44 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 14/19] fanotify: disable readahead if we have pre-content watches Date: Fri, 15 Nov 2024 10:30:27 -0500 Message-ID: <70a54e859f555e54bc7a47b32fe5aca92b085615.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 With page faults we can trigger readahead on the file, and then subsequent faults can find these pages and insert them into the file without emitting an fanotify event. To avoid this case, disable readahead if we have pre-content watches on the file. This way we are guaranteed to get an event for every range we attempt to access on a pre-content watched file. Reviewed-by: Christian Brauner Signed-off-by: Josef Bacik --- mm/filemap.c | 12 ++++++++++++ mm/readahead.c | 13 +++++++++++++ 2 files changed, 25 insertions(+) diff --git a/mm/filemap.c b/mm/filemap.c index 196779e8e396..68ea596f6905 100644 --- a/mm/filemap.c +++ b/mm/filemap.c @@ -3151,6 +3151,14 @@ static struct file *do_sync_mmap_readahead(struct vm_fault *vmf) unsigned long vm_flags = vmf->vma->vm_flags; unsigned int mmap_miss; + /* + * If we have pre-content watches we need to disable readahead to make + * sure that we don't populate our mapping with 0 filled pages that we + * never emitted an event for. + */ + if (fsnotify_file_has_pre_content_watches(file)) + return fpin; + #ifdef CONFIG_TRANSPARENT_HUGEPAGE /* Use the readahead code, even if readahead is disabled */ if ((vm_flags & VM_HUGEPAGE) && HPAGE_PMD_ORDER <= MAX_PAGECACHE_ORDER) { @@ -3219,6 +3227,10 @@ static struct file *do_async_mmap_readahead(struct vm_fault *vmf, struct file *fpin = NULL; unsigned int mmap_miss; + /* See comment in do_sync_mmap_readahead. */ + if (fsnotify_file_has_pre_content_watches(file)) + return fpin; + /* If we don't want any read-ahead, don't bother */ if (vmf->vma->vm_flags & VM_RAND_READ || !ra->ra_pages) return fpin; diff --git a/mm/readahead.c b/mm/readahead.c index 9a807727d809..b42792c20605 100644 --- a/mm/readahead.c +++ b/mm/readahead.c @@ -128,6 +128,7 @@ #include #include #include +#include #include "internal.h" @@ -544,6 +545,14 @@ void page_cache_sync_ra(struct readahead_control *ractl, unsigned long max_pages, contig_count; pgoff_t prev_index, miss; + /* + * If we have pre-content watches we need to disable readahead to make + * sure that we don't find 0 filled pages in cache that we never emitted + * events for. + */ + if (fsnotify_file_has_pre_content_watches(ractl->file)) + return; + /* * Even if readahead is disabled, issue this request as readahead * as we'll need it to satisfy the requested range. The forced @@ -622,6 +631,10 @@ void page_cache_async_ra(struct readahead_control *ractl, if (!ra->ra_pages) return; + /* See the comment in page_cache_sync_ra. */ + if (fsnotify_file_has_pre_content_watches(ractl->file)) + return; + /* * Same bit is used for PG_readahead and PG_reclaim. */ From patchwork Fri Nov 15 15:30:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876426 Received: from mail-ot1-f53.google.com (mail-ot1-f53.google.com [209.85.210.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B4F2F1E9060 for ; Fri, 15 Nov 2024 15:31:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.53 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684716; cv=none; b=iyNC1dMb6hPO2aMbK5qvQs15wZOeA4Xn+cDxaPYb/3gjCQVHVsBhazXE+ibHT6BSlHryKdpVEgO/H91HgYhPNEFx2bFdOGvRGgwuruOhVerJGEaRWXjvXEIdrGkzqnbll5roB7+ejhy0+AKHatcW++YKO5k6511KQ01aK78d6F4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684716; c=relaxed/simple; bh=PPbePcs2WGvhpmWcX89Tq9aMCCGa8+t1geWVk1JQ/rg=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qqbfpRFSF1DPzhdrjlir233e5NNXWF516eBRNz1QMAQCROw5CE+we0tpIr2OC2hDRVb/xeULG4nrCpV9YfbMbG/5QAsJKt0cpLUL6zaRjK6JfuSTOs1VyvQlsdZE8jgdNfkKyQRm85yz3LJIRGN6edM9OZIKfEruUVr5fv8C/F0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=oBe0EtWQ; arc=none smtp.client-ip=209.85.210.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="oBe0EtWQ" Received: by mail-ot1-f53.google.com with SMTP id 46e09a7af769-7183a3f3beaso924709a34.1 for ; Fri, 15 Nov 2024 07:31:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684713; x=1732289513; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=UmMh2R9TaZZeTO+3Pa04+NECyzvSza2nfFK0oCoLtcs=; b=oBe0EtWQuwl88cCU5pTvTDkB/94N5XzWzaD3zlA6XpaCdsxhM9FEYAhy7NFj6hJ/5e fPoANvxD874ilkta+gRbLOycSq8Rdaoivm4Hy50CyqpEtUUESWkaxNykV8O8dToXo8d0 YDe8QLamWU2B7rEIrcz+HMJwOKXUBmdWCXEk5Gr/qhWRRGUjKjI2yaE7TfzhVSR/w8tN Nij/ncSEtuB0ENvFeh1P7Y3CT23ad9PRgF2yoiy8KUUOukcSCpU5/CN1CQDXWjJJnaJf iOxKK3OyEOObXKi1CRQotq77wT9aYZfj/Z6zi5UZxrK9AmCH21ivYJknNi7HPbd4NdsA ycZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684713; x=1732289513; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UmMh2R9TaZZeTO+3Pa04+NECyzvSza2nfFK0oCoLtcs=; b=G8xLCozAg8wQ6JGX1VhpzkxOpJcG+bE194DtLXZ+miefd1/LGXZxnf8x+QDdvIEjwm zt358ra9jjlSB/J2SCFQDccSaEOjDuOGQdz4G2v4BdHcPgzq3pqeSmWAt1s27GW0ZEuN oEkNFKV8vM7TUOKScqOO3BcYwA1yNBQj5XSBQc+6gSVabvGSh6O0Cd4EyDdWQNWplYxA BDfmWq9Dsa5rzuLoR0LNX1uFf5fac8qchkRE+MRFK/OtW1TZsE67LW587NKqsdzP+3NF H8rcIVHmu1tAG7+SJYGRJRFljMFh8SOLJcNBmB0r/4vr87P8L5j8FiHWiK7e03E0ft85 PS1w== X-Forwarded-Encrypted: i=1; AJvYcCUYXXLq/TwuMXl/CPjsz0hSAY1PPwXAoXMyUbS0UOZGLL8C48OjldUXbU0PRvz+A4jvkU+ipEYaUvgctT5+@vger.kernel.org X-Gm-Message-State: AOJu0Yz0WDAzE/Pk/0N6tK0+KpPVHT5p1PPZnechDoRLJ7Lx3Dw0j21x K9W2tS1Q2h3klCWVyOEGCGpmhSR9DtCo/CG35nyxE1viA363F5RSY+6rA+1reRk= X-Google-Smtp-Source: AGHT+IHtKZ3WiG2a6Yh90R7O7Da3Go40IEKMQxser6w6wpGF8sO84iqOBIyuVxo5A9VSaCx3/txhnw== X-Received: by 2002:a05:6830:d8c:b0:718:9df:997f with SMTP id 46e09a7af769-71a779b2c25mr3850260a34.14.1731684712917; Fri, 15 Nov 2024 07:31:52 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee4400c6e6sm7807317b3.9.2024.11.15.07.31.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:52 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 15/19] mm: don't allow huge faults for files with pre content watches Date: Fri, 15 Nov 2024 10:30:28 -0500 Message-ID: <9035b82cff08a3801cef3d06bbf2778b2e5a4dba.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 There's nothing stopping us from supporting this, we could simply pass the order into the helper and emit the proper length. However currently there's no tests to validate this works properly, so disable it until there's a desire to support this along with the appropriate tests. Reviewed-by: Christian Brauner Signed-off-by: Josef Bacik --- mm/memory.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/mm/memory.c b/mm/memory.c index bdf77a3ec47b..843ad75a4148 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -78,6 +78,7 @@ #include #include #include +#include #include @@ -5637,8 +5638,17 @@ static vm_fault_t do_numa_page(struct vm_fault *vmf) static inline vm_fault_t create_huge_pmd(struct vm_fault *vmf) { struct vm_area_struct *vma = vmf->vma; + struct file *file = vma->vm_file; if (vma_is_anonymous(vma)) return do_huge_pmd_anonymous_page(vmf); + /* + * Currently we just emit PAGE_SIZE for our fault events, so don't allow + * a huge fault if we have a pre content watch on this file. This would + * be trivial to support, but there would need to be tests to ensure + * this works properly and those don't exist currently. + */ + if (fsnotify_file_has_pre_content_watches(file)) + return VM_FAULT_FALLBACK; if (vma->vm_ops->huge_fault) return vma->vm_ops->huge_fault(vmf, PMD_ORDER); return VM_FAULT_FALLBACK; @@ -5648,6 +5658,7 @@ static inline vm_fault_t create_huge_pmd(struct vm_fault *vmf) static inline vm_fault_t wp_huge_pmd(struct vm_fault *vmf) { struct vm_area_struct *vma = vmf->vma; + struct file *file = vma->vm_file; const bool unshare = vmf->flags & FAULT_FLAG_UNSHARE; vm_fault_t ret; @@ -5662,6 +5673,9 @@ static inline vm_fault_t wp_huge_pmd(struct vm_fault *vmf) } if (vma->vm_flags & (VM_SHARED | VM_MAYSHARE)) { + /* See comment in create_huge_pmd. */ + if (fsnotify_file_has_pre_content_watches(file)) + goto split; if (vma->vm_ops->huge_fault) { ret = vma->vm_ops->huge_fault(vmf, PMD_ORDER); if (!(ret & VM_FAULT_FALLBACK)) @@ -5681,9 +5695,13 @@ static vm_fault_t create_huge_pud(struct vm_fault *vmf) #if defined(CONFIG_TRANSPARENT_HUGEPAGE) && \ defined(CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD) struct vm_area_struct *vma = vmf->vma; + struct file *file = vma->vm_file; /* No support for anonymous transparent PUD pages yet */ if (vma_is_anonymous(vma)) return VM_FAULT_FALLBACK; + /* See comment in create_huge_pmd. */ + if (fsnotify_file_has_pre_content_watches(file)) + return VM_FAULT_FALLBACK; if (vma->vm_ops->huge_fault) return vma->vm_ops->huge_fault(vmf, PUD_ORDER); #endif /* CONFIG_TRANSPARENT_HUGEPAGE */ @@ -5695,12 +5713,16 @@ static vm_fault_t wp_huge_pud(struct vm_fault *vmf, pud_t orig_pud) #if defined(CONFIG_TRANSPARENT_HUGEPAGE) && \ defined(CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD) struct vm_area_struct *vma = vmf->vma; + struct file *file = vma->vm_file; vm_fault_t ret; /* No support for anonymous transparent PUD pages yet */ if (vma_is_anonymous(vma)) goto split; if (vma->vm_flags & (VM_SHARED | VM_MAYSHARE)) { + /* See comment in create_huge_pmd. */ + if (fsnotify_file_has_pre_content_watches(file)) + goto split; if (vma->vm_ops->huge_fault) { ret = vma->vm_ops->huge_fault(vmf, PUD_ORDER); if (!(ret & VM_FAULT_FALLBACK)) From patchwork Fri Nov 15 15:30:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876428 Received: from mail-yw1-f179.google.com (mail-yw1-f179.google.com [209.85.128.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 63D2E1F4275 for ; Fri, 15 Nov 2024 15:31:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684717; cv=none; b=TvT2NDRyMghmjfo9ew7EY7m44iVSk77JFYK62/HrLNLjipZnD5B/Fhn8cHL/zckuTt2GGtxPnfBISC087h1eFv8tS+41qVaSkTlpuKFP5XJAHs1YQE27j8r3tf7Qp2JHFJsg/aNNPZJOv/BU5HjPzpl0lx4MKMSsNoXXSr33VMo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684717; c=relaxed/simple; bh=32HChrQf54ppyFpL+uRbV0WQCoSZt7JFC7d0t8FH4FM=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=btulAgVD7cmF0uq0/uqnEolFA8mNj5+CYPjB+cqwolmKyTN/PAgyQJ/h+vAWKpLL2SgdyFtN9J9Ck2WDaYw43UgXjKG2n7kP1vwbsXcMowPQajuqIbe5sxGbLddb3sNtkIscpe45i3AuGz1a0vrmy324yOd0URjsfLnNsZ+lUjY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=jA61qXD0; arc=none smtp.client-ip=209.85.128.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="jA61qXD0" Received: by mail-yw1-f179.google.com with SMTP id 00721157ae682-6ee4460fd7bso16249867b3.0 for ; Fri, 15 Nov 2024 07:31:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684714; x=1732289514; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=3KCTaRjNmkxmxaKf/dEMrgpxbgs8A3iRugI4cag6Bm4=; b=jA61qXD0D+5s1K3oXaOlt3fiKxBu4Z1olSsgdJsIA0G38KJ8AqkvsFDcLzgAlrJZ52 Hn24JTZTb1L2XNUb5XqEBTOzJ98S98UZYMp5rc9YC71wP6Ffo3/EZ34kLqFby2MNPi6Y Ofgo+NSfyVe67MVsvzVOqQZjMa1t16WDshS1PMB0R1f8rnItl1WpQQarS0gebZUMLrJf v8hjEm5gZYyZJoP0Wx8p3pVpjyp1dSaXDuaHTxo2lQULdK2V30Zi+ygWrCtFBEmZ2trn pSsRhAIGONoFL8/ueM9bhjgi3Ms1Ikaqjkqi/WzdLBk+oZOs4PWPkRgd3XbpBbV3R1/h Ziww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684714; x=1732289514; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3KCTaRjNmkxmxaKf/dEMrgpxbgs8A3iRugI4cag6Bm4=; b=gAVB29ILJkXi7iE/faMJGiFENFkfFfMAQMIxLdn625dyeNui68wUi3LFanhoSHnVMK U0LrdcQfKH30XJ8y7scS8rC679A6sWDSzhuzzo0MJFEGaMITC4p/zvsDYoAfVWZoJrb0 zI8OEIz3u3sY0aq16l3oGUZlDs7b4JBHDPSrt9fw8nte/q4XAeWO5aOtBcYhwzwW6ylb pnUfYq3Dy9ENd4T+BbzrD4HhQbXJITGpSC/cFnm/+GBHiNiuPYrHEuLivWqfwE3brePp McaNf3XM38778X3ghw2N/F9pcNBAjDDe+g8788v8o87lAMhpDR2DKRfRODYYfJ/g/x8l w5wA== X-Forwarded-Encrypted: i=1; AJvYcCXf3ruOYag5xargeLsiRcX3gwBUmgCDMpgnnncYCC0VTDW63JTtLVy+dJf/R89qPdkPjoKhBtP7+gUkjbTX@vger.kernel.org X-Gm-Message-State: AOJu0Yw2Yy1LE9s6ULnCJ2sHx54QCq8Sac9otvoj9KiipipumuJKuxxR C6C8uqciahLxjSClsJY1KBPAwq+UtNJ9DY81zzSCu1dkUn5Z/C72At1seg6tTxSaw9QUVbY7njb U X-Google-Smtp-Source: AGHT+IFmVYcZJStgSp9a9E1dsOyyT4rBH0daYbq6mRod+diiaSsdzS2Ed6cQkqbS64804RotiUDKFQ== X-Received: by 2002:a05:690c:9:b0:6e2:a129:1623 with SMTP id 00721157ae682-6ee55c69ee9mr29748387b3.38.1731684714337; Fri, 15 Nov 2024 07:31:54 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee4444ccdfsm7704207b3.120.2024.11.15.07.31.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:53 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 16/19] fsnotify: generate pre-content permission event on page fault Date: Fri, 15 Nov 2024 10:30:29 -0500 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 FS_PRE_ACCESS or FS_PRE_MODIFY will be generated on page fault depending on the faulting method. This pre-content event is meant to be used by hierarchical storage managers that want to fill in the file content on first read access. Export a simple helper that file systems that have their own ->fault() will use, and have a more complicated helper to be do fancy things with in filemap_fault. Signed-off-by: Josef Bacik --- include/linux/mm.h | 1 + mm/filemap.c | 78 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 79 insertions(+) diff --git a/include/linux/mm.h b/include/linux/mm.h index 01c5e7a4489f..90155ef8599a 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -3406,6 +3406,7 @@ extern vm_fault_t filemap_fault(struct vm_fault *vmf); extern vm_fault_t filemap_map_pages(struct vm_fault *vmf, pgoff_t start_pgoff, pgoff_t end_pgoff); extern vm_fault_t filemap_page_mkwrite(struct vm_fault *vmf); +extern vm_fault_t filemap_fsnotify_fault(struct vm_fault *vmf); extern unsigned long stack_guard_gap; /* Generic expand stack which grows the stack according to GROWS{UP,DOWN} */ diff --git a/mm/filemap.c b/mm/filemap.c index 68ea596f6905..0bf7d645dec5 100644 --- a/mm/filemap.c +++ b/mm/filemap.c @@ -47,6 +47,7 @@ #include #include #include +#include #include #include #include "internal.h" @@ -3289,6 +3290,52 @@ static vm_fault_t filemap_fault_recheck_pte_none(struct vm_fault *vmf) return ret; } +/** + * filemap_fsnotify_fault - maybe emit a pre-content event. + * @vmf: struct vm_fault containing details of the fault. + * @folio: the folio we're faulting in. + * + * If we have a pre-content watch on this file we will emit an event for this + * range. If we return anything the fault caller should return immediately, we + * will return VM_FAULT_RETRY if we had to emit an event, which will trigger the + * fault again and then the fault handler will run the second time through. + * + * This is meant to be called with the folio that we will be filling in to make + * sure the event is emitted for the correct range. + * + * Return: a bitwise-OR of %VM_FAULT_ codes, 0 if nothing happened. + */ +vm_fault_t filemap_fsnotify_fault(struct vm_fault *vmf) +{ + struct file *fpin = NULL; + int mask = (vmf->flags & FAULT_FLAG_WRITE) ? MAY_WRITE : MAY_ACCESS; + loff_t pos = vmf->pgoff >> PAGE_SHIFT; + size_t count = PAGE_SIZE; + vm_fault_t ret; + + /* + * We already did this and now we're retrying with everything locked, + * don't emit the event and continue. + */ + if (vmf->flags & FAULT_FLAG_TRIED) + return 0; + + /* No watches, we're done. */ + if (!fsnotify_file_has_pre_content_watches(vmf->vma->vm_file)) + return 0; + + fpin = maybe_unlock_mmap_for_io(vmf, fpin); + if (!fpin) + return VM_FAULT_SIGBUS; + + ret = fsnotify_file_area_perm(fpin, mask, &pos, count); + fput(fpin); + if (ret) + return VM_FAULT_SIGBUS; + return VM_FAULT_RETRY; +} +EXPORT_SYMBOL_GPL(filemap_fsnotify_fault); + /** * filemap_fault - read in file data for page fault handling * @vmf: struct vm_fault containing details of the fault @@ -3392,6 +3439,37 @@ vm_fault_t filemap_fault(struct vm_fault *vmf) * or because readahead was otherwise unable to retrieve it. */ if (unlikely(!folio_test_uptodate(folio))) { + /* + * If this is a precontent file we have can now emit an event to + * try and populate the folio. + */ + if (!(vmf->flags & FAULT_FLAG_TRIED) && + fsnotify_file_has_pre_content_watches(file)) { + loff_t pos = folio_pos(folio); + size_t count = folio_size(folio); + + /* We're NOWAIT, we have to retry. */ + if (vmf->flags & FAULT_FLAG_RETRY_NOWAIT) { + folio_unlock(folio); + goto out_retry; + } + + if (mapping_locked) + filemap_invalidate_unlock_shared(mapping); + mapping_locked = false; + + folio_unlock(folio); + fpin = maybe_unlock_mmap_for_io(vmf, fpin); + if (!fpin) + goto out_retry; + + error = fsnotify_file_area_perm(fpin, MAY_ACCESS, &pos, + count); + if (error) + ret = VM_FAULT_SIGBUS; + goto out_retry; + } + /* * If the invalidate lock is not held, the folio was in cache * and uptodate and now it is not. Strange but possible since we From patchwork Fri Nov 15 15:30:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876427 Received: from mail-yw1-f178.google.com (mail-yw1-f178.google.com [209.85.128.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 976E31F26FF for ; Fri, 15 Nov 2024 15:31:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.178 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684718; cv=none; b=kLl35xfmTUJgS/G376LFeO7CflCPCnzas/hWthwdK1VoFpiWeconqcyw7/Y08nRy0ZyNZXqFYpUFDqacQsJzZ/mSv9La3whHh3H0fb6HScZMgmI3Nnv6iX2u48rfzrxqcPHLYBG+1p7oM9rpO2H3wgzxO43Kp7d6P1VCilDB3uk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684718; c=relaxed/simple; bh=2N0bizMEg0czxuSX0Hl7S5FVpQVRVn9Mf1MRV8yCr7o=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LaMRvAgtZc4wA9fh2UBNG1gvLQI2MBQG8QC48tq0/bsreu0QGVhJgZn1mwRveWMnOrEFJFtjtzwHnAUXSLUmkhLBgh+7k7+kz8TBff/t/u4m9GB1jQZBFEIzD85fMgZXP4RaNmfttl7hJX8Fp/J/6nnawRlb5REgziyrlaGovl8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=eC0cYIic; arc=none smtp.client-ip=209.85.128.178 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="eC0cYIic" Received: by mail-yw1-f178.google.com with SMTP id 00721157ae682-6e3cdbc25a0so21877047b3.2 for ; Fri, 15 Nov 2024 07:31:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684716; x=1732289516; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=3nbIBZPU5mMiQBH7fH9PUjd6pvpSRIo6Q0oL6vGrX38=; b=eC0cYIicdKHGAKWmNkEFoUITofha1lNixX70BShTKVQVY9e3K9rBoMn6DWQp3kqlbP dpkBv0NLvDUbcG+MRDBxbLVklABB9YUa5oPLnk5u9szWMwn8QUspmsNqUXyV+dYrt0At 8l7cdttDXn/lVGSGvJJN+neqoBkH2ADhP4Qz9mT1Gt2O1Yra10BV7mMLn4nsJYZgTl+Y vTWtQKV0Zx30w4Q6jiXGwljA8/HQD9dqxYQLHjZA9L7BVVXbccbrvS8lQW/DWtOkNuMi kT979D0Y3YYxjZORHK16QThmQlQt/dkuaw5g9nx/3jFdQt4BmpBHv8/j6R6Y1Ia8P2Ro 7U/g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684716; x=1732289516; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3nbIBZPU5mMiQBH7fH9PUjd6pvpSRIo6Q0oL6vGrX38=; b=tw31jHKdEYpk2p7nxLZlHfISCXWv6BU3mCzfBHWrEFQe3O8P5PpEyWTsPNfkiXzE9i CUaybqcc92F3NPXKZPX4EpnjUpnbPM/c51WsInHYoaDNbHSkbRalKIySmK6uK6MFyu6x X6PR9UI/9XkMZGTbYu8pfP5RXPnneYWNDb70YQ4rJNiWgkc5oZ4ormYPsWkmBGF4L0Yq CtTl2wFmco2a0YbjzgHacpZf5iBeKgDSiWmdanjJU1QDpU98Q+yFcm5seZ/4uUhGBQZU AmY1Fx3HYItF7WW50Y6tpjnNjwHuIabTmFSNe/fnSUZ0BXhQzy0aEhaOZgdLVO7juy4K Y9mQ== X-Forwarded-Encrypted: i=1; AJvYcCV8c/6fhqwQpRuUVlKaqKnEa1IXneFJ8godLn5Q92gSc5jVsK1fgvcPI/Afjcl99lUjYjp05yaIjsL7HsOW@vger.kernel.org X-Gm-Message-State: AOJu0YxOhSf4dCJ1BxPpFFtraxsNFftXjoss0EhlkFmTUn5GPgs/hlhM 8F8Ty/cRPt0EHKEWLQZwLL60WvD5A0QiSX/OBjbpKtKGI86JSir0LMDTrzFDbx8= X-Google-Smtp-Source: AGHT+IF2kfSK7avJhhme8jmNEknNmwYth/OIHi/JSJVRuMCWaSMr+rN1yucoeC0+W4HJkwXlrHqqNQ== X-Received: by 2002:a05:690c:688a:b0:6ea:7c46:8c23 with SMTP id 00721157ae682-6ee55ef8021mr42068567b3.35.1731684715691; Fri, 15 Nov 2024 07:31:55 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee440709dbsm7729117b3.54.2024.11.15.07.31.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:55 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 17/19] xfs: add pre-content fsnotify hook for write faults Date: Fri, 15 Nov 2024 10:30:30 -0500 Message-ID: <9eccdf59a65b72f0a1a5e2f2b9bff8eda2d4f2d9.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 xfs has it's own handling for write faults, so we need to add the pre-content fsnotify hook for this case. Reads go through filemap_fault so they're handled properly there. Signed-off-by: Josef Bacik --- fs/xfs/xfs_file.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/xfs/xfs_file.c b/fs/xfs/xfs_file.c index ca47cae5a40a..4fe89770ecb5 100644 --- a/fs/xfs/xfs_file.c +++ b/fs/xfs/xfs_file.c @@ -1458,6 +1458,10 @@ xfs_write_fault( unsigned int lock_mode = XFS_MMAPLOCK_SHARED; vm_fault_t ret; + ret = filemap_fsnotify_fault(vmf); + if (unlikely(ret)) + return ret; + sb_start_pagefault(inode->i_sb); file_update_time(vmf->vma->vm_file); From patchwork Fri Nov 15 15:30:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876429 Received: from mail-yw1-f180.google.com (mail-yw1-f180.google.com [209.85.128.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2F0B41F707D for ; Fri, 15 Nov 2024 15:31:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684719; cv=none; b=UEYhOdl3nk57zbggqa8SyWq9HZYKnqPA+42VIsuyHxtjC/mIH94F+ZKUpl7KPEfJN6Tz6X1D3OxbX0h8Sjpjk7PI0wGEguKIb7efVi1R8NzcZMjyIhdm0b2V02Odi5I0p1q5DbbNGbR3BkjF/PYtSzzzgNgFSE9UJ3rRjozTeoc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684719; c=relaxed/simple; bh=6I0DlDU7r6h299w7wCYMACFg3R+68ox0OBCaPPO6OWw=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=k5f1e74jvXCSm/8kCt6bFol8pVPCLAzG6R/Injxx+P4MHQfRonhi2PeAmYd/AEgoycqhBKNinYiYo3tMpzGhf4tz3jCn2Sks0lGlO6Lz383k5c5EfM+JNP4+zzjntjEOwiYHy5BESNesYSKzuvm78Acz4dXWPjRZzNZjOxSSvoE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=L/iy3LQa; arc=none smtp.client-ip=209.85.128.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="L/iy3LQa" Received: by mail-yw1-f180.google.com with SMTP id 00721157ae682-6eb0c2dda3cso20778867b3.1 for ; Fri, 15 Nov 2024 07:31:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684717; x=1732289517; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=SVlCssk7TvFYg+mPz0+epJww2XrJywW98H8fNg6oZ9s=; b=L/iy3LQaJK51zfKZy836wWqkdRDua/qu5MWDwfT8I+E560K7SSexHUFmeDq26/zUrn h3KOdqsG9twRzlUB4bV2Nq2HJynSF/gfw2d8JSFEQAK5/9W6UZhfou3tLH1og64avY/J Al9XK1PhX/dtHA3RzLGasw9+49kqMcgj2JnPqB38Y6LkIe+lMiQN0PXvIr7yOdO8agL6 6STMChfP/Z54ueyAO40XQ+EIECZbAI8QivqPPmKrO+2+9PQus8SboVJ5LJjwauCVsou2 3x15CjQZiEa/h92ZZTZ0gwOxHvYIa37dpkfhLsrXitqxCpUoNwqZUx4okJMzBlTVDtAL vA6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684717; x=1732289517; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SVlCssk7TvFYg+mPz0+epJww2XrJywW98H8fNg6oZ9s=; b=Dud3XDzPbm8X3pEXly7F4EhUWhumUWIgCLB1MiZWUvERvqqkp814nkIsiiUBSPYuy1 nUrtkdjGU9MKWNZuS/fOTcSxCbIReEcSaDEJw/DGmoiSiUNJcF9J5hyrDfaqx/x12GJA 1lEs2acQeGXUPyXLVsL7PcdrIgDDYDMge8uKPqwqhs5g/SZP8lpnWkxAaYkXo/pF1fpZ UP9hHk252hiY2EBJ5NXElyZoInt8tZ1LCxJY31j5O/qWmw9wVAnFDMsrYUjYs0xvd0Sb o7fvn+3/xhmwStqNdTc2eEEELxomUJikDBGqkLaY/P2Iu90WrTToqJ6NHIDQe1VmsjNq 9i4w== X-Forwarded-Encrypted: i=1; AJvYcCXVoDC5hxu7v2SlSVm1ju/SuGTZxOydrRgXmgHFjXXHCSfQrCYCXXly43VM85FWG2OWpT7UbTOlHsMXBWkx@vger.kernel.org X-Gm-Message-State: AOJu0Yx0lOXQNxU9iFzGUyGWmPsP9tv20uA4bH+J35+yaJuq8pafWByE J6h7vcDWxJTGO/b/Ts0LZ5XLVOVP6YaZAx509UtFRnRdNvlz/w/nqQCu1oZatCM= X-Google-Smtp-Source: AGHT+IHB7s7jP8NWV/O0FcTu86HRGJSs7P0wkOPC0j5cMuO18DrwRH2o+5qB1EsHLQ8UmBf4vwq9wQ== X-Received: by 2002:a05:690c:62c5:b0:6ea:8a23:7673 with SMTP id 00721157ae682-6ee55bbae6amr38804727b3.8.1731684717148; Fri, 15 Nov 2024 07:31:57 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6ee44075016sm7768367b3.63.2024.11.15.07.31.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:56 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 18/19] btrfs: disable defrag on pre-content watched files Date: Fri, 15 Nov 2024 10:30:31 -0500 Message-ID: <4cc5bcea13db7904174353d08e85157356282a59.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 We queue up inodes to be defrag'ed asynchronously, which means we do not have their original file for readahead. This means that the code to skip readahead on pre-content watched files will not run, and we could potentially read in empty pages. Handle this corner case by disabling defrag on files that are currently being watched for pre-content events. Signed-off-by: Josef Bacik --- fs/btrfs/ioctl.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index c9302d193187..1e5913f276be 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -2635,6 +2635,15 @@ static int btrfs_ioctl_defrag(struct file *file, void __user *argp) goto out; } + /* + * Don't allow defrag on pre-content watched files, as it could + * populate the page cache with 0's via readahead. + */ + if (fsnotify_file_has_pre_content_watches(file)) { + ret = -EINVAL; + goto out; + } + if (argp) { if (copy_from_user(&range, argp, sizeof(range))) { ret = -EFAULT; From patchwork Fri Nov 15 15:30:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Josef Bacik X-Patchwork-Id: 13876431 Received: from mail-oi1-f178.google.com (mail-oi1-f178.google.com [209.85.167.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1E0151D5CC9 for ; Fri, 15 Nov 2024 15:32:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.178 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684731; cv=none; b=dCulmvoR7oTVVV2j0P1Lwf8Ra9ggGsjDus4JsEEm5ijANaXQCfma0x/EJnPoCvwmHV7qYLXhae5CAMq9V83Qg1XQXHPOcwR5py7s9cUnwI9b9wEecTsBt6Gk4Odz1uhO4Pf9wlaPNQrF9ROvJgOMR/9ZNu5IIbAAs6/IruWXb2I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731684731; c=relaxed/simple; bh=nFXm/L4ae8YekLwpIFurgFERbAtgq26xVgDJzO6g1yM=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=fNS+JjwXbrKgVK4JZ7o/YNprqHd/Mn0pkKck1XNZ9EFUBGrVnePlf65FuGosAqiHLPugU92c6yXC9FRp8vGp4ONd8jJGVq6dq42HEImaS/BWU3HaJokPl1IzWID9A6HU8nFozaPJtTiS20SQwqmpEsHuC77GaUHfRnOpK89HeOw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com; spf=none smtp.mailfrom=toxicpanda.com; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b=OhbvR0D9; arc=none smtp.client-ip=209.85.167.178 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=toxicpanda.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=toxicpanda-com.20230601.gappssmtp.com header.i=@toxicpanda-com.20230601.gappssmtp.com header.b="OhbvR0D9" Received: by mail-oi1-f178.google.com with SMTP id 5614622812f47-3e5fa17a79dso1182708b6e.1 for ; Fri, 15 Nov 2024 07:32:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=toxicpanda-com.20230601.gappssmtp.com; s=20230601; t=1731684729; x=1732289529; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Gek1GO8SPggpZ3MPgZMTTjA2lPqNZurY73wIWpdWbQQ=; b=OhbvR0D9Mpu/eExRINZ6D2YTBSWBQVN4I77aTxH725JB6v1OtP4PbqsiIJcMqulLzD PioDrpuYnRgl9mDwb6vPK3upyetHSr+oINmPkdr8QxCWDft025bwE4nU3PV0fKHGOF9Y 5jOq9a9PK96V3MqsEnD3wir6nk5nC8fc/gqPbhtSXB7le1fxkIAjBC45RlNpGY+45tDU XMmI3hV/8/jQl38viODdYYbaJgzz/pYCsFFKRRupoBk31k8KIXEw609yC47pR2cZF7RP YsaPDpH3DUsL3DttGA4nSsC4i3av1T7si5+F8NTv0l4/R6xLtQeB6iMtfXeb3MKT/OGg brEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731684729; x=1732289529; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gek1GO8SPggpZ3MPgZMTTjA2lPqNZurY73wIWpdWbQQ=; b=CL1uO73wfkh5NNoVcKymWmQ7OTNeIdP0GsP5aWHsHfTmgaf7WPaV5Itpb7IwJiFJ1d VGVj3MaOaYX9y6wt6iBO+RAlN6Rsn4DsvZGWsb4bSisQs302jzWX2/wQ5FcMe6pf4Olz YorNa/Jzm1pczXdj7li4bwHnMakl05+LjEMycCtVuieSALZuHRU8gFruyM7VHjRAIMsg guaz0wQ85wVtOraKRaBYwzo7x5O7/L95xxVeSLOkAVUiBKp9o2fpZ4FApDQcnySoXK9V U99jw/TCKqVjehUX1mLtFK0zkaSBOIRGI3XD+v9+xUCWXsk/c74w1HNYtemWVnzrurKI WStg== X-Forwarded-Encrypted: i=1; AJvYcCWkiTMNVRNUhnXBUPYmXMkYfkh4jBSISywa7++mrN/bRv41gTgplkHOvgUjrhhHgMSHs/fhpzR80mmZcmw2@vger.kernel.org X-Gm-Message-State: AOJu0Yy+VveXhSSZ+sNG2rRFG0FBqkc9LS1vxb9YN/WVHqePj9RyrByX k8cL93xzvJSf2IT3nUB8AeloruElclctKZd4bL08mk5cHqXe5vulUOwf6rclG1nW7cAU9GWoOUr C X-Google-Smtp-Source: AGHT+IEUcKBXNGC+FquadsfHiR9BI4UoMJrmZkBZaObeXyKm9EGd5wreVNWR6wH/jakvp0EFNSF0lA== X-Received: by 2002:a05:6902:1209:b0:e30:c977:a360 with SMTP id 3f1490d57ef6-e38261291fdmr3157574276.5.1731684719039; Fri, 15 Nov 2024 07:31:59 -0800 (PST) Received: from localhost (syn-076-182-020-124.res.spectrum.com. [76.182.20.124]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e384121a605sm296041276.52.2024.11.15.07.31.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Nov 2024 07:31:58 -0800 (PST) From: Josef Bacik To: kernel-team@fb.com, linux-fsdevel@vger.kernel.org, jack@suse.cz, amir73il@gmail.com, brauner@kernel.org, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, linux-xfs@vger.kernel.org, linux-btrfs@vger.kernel.org, linux-mm@kvack.org, linux-ext4@vger.kernel.org Subject: [PATCH v8 19/19] fs: enable pre-content events on supported file systems Date: Fri, 15 Nov 2024 10:30:32 -0500 Message-ID: <46960dcb2725fa0317895ed66a8409ba1c306a82.1731684329.git.josef@toxicpanda.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Now that all the code has been added for pre-content events, and the various file systems that need the page fault hooks for fsnotify have been updated, add SB_I_ALLOW_HSM to the supported file systems. Signed-off-by: Josef Bacik --- fs/btrfs/super.c | 2 +- fs/ext4/super.c | 3 +++ fs/xfs/xfs_super.c | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c index 97a85d180b61..fe6ecc3f1cab 100644 --- a/fs/btrfs/super.c +++ b/fs/btrfs/super.c @@ -961,7 +961,7 @@ static int btrfs_fill_super(struct super_block *sb, #endif sb->s_xattr = btrfs_xattr_handlers; sb->s_time_gran = 1; - sb->s_iflags |= SB_I_CGROUPWB; + sb->s_iflags |= SB_I_CGROUPWB | SB_I_ALLOW_HSM; err = super_setup_bdi(sb); if (err) { diff --git a/fs/ext4/super.c b/fs/ext4/super.c index b3512d78b55c..13b9d67a4eec 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -5306,6 +5306,9 @@ static int __ext4_fill_super(struct fs_context *fc, struct super_block *sb) /* i_version is always enabled now */ sb->s_flags |= SB_I_VERSION; + /* HSM events are allowed by default. */ + sb->s_iflags |= SB_I_ALLOW_HSM; + err = ext4_check_feature_compatibility(sb, es, silent); if (err) goto failed_mount; diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c index fda75db739b1..2d1e9db8548d 100644 --- a/fs/xfs/xfs_super.c +++ b/fs/xfs/xfs_super.c @@ -1713,7 +1713,7 @@ xfs_fs_fill_super( sb->s_time_max = XFS_LEGACY_TIME_MAX; } trace_xfs_inode_timestamp_range(mp, sb->s_time_min, sb->s_time_max); - sb->s_iflags |= SB_I_CGROUPWB; + sb->s_iflags |= SB_I_CGROUPWB | SB_I_ALLOW_HSM; set_posix_acl_flag(sb);