[PATCH v7 0/4] fanotify: introduce new event mask FAN_OPEN_EXEC and FAN_OPEN_EXEC_PERM

[Matthew Bobrowski <mbobrowski@mbobrowski.org>]

Currently, the fanotify API does not provide a means for user space
applications to receive events when a file has been opened specifically
for execution. New event masks FAN_OPEN_EXEC and FAN_OPEN_EXEC_PERM have
been introduced in order to provide users with this capability.

These event types, when either are explicitly requested by the user, will
be returned within the event mask when a marked file object is being
opened has __FMODE_EXEC set as one of the flags for open_flag.

Linux is used as an operating system in some products, with an environment
that can be certified under the Common Criteria Operating System
Protection Profile (OSPP). This is a formal threat model for a class of
technology. It requires specific countermeasures to mitigate threats. It
requires documentation to explain how a product implements these
countermeasures. It requires proof via a test suite to demonstrate that
the requirements are met, observed and checked by an independent qualified
third party. The latest set of requirements for OSPP v4.2 can be found
here:

https://www.niap-ccevs.org/Profile/Info.cfm?PPID=424&id=424

If you look on page 58, you will see the following requirement:

FPT_SRP_EXT.1 Software Restriction Policies FPT_SRP_EXT.1.1
administrator specified [selection:
        file path,
        file digital signature,
        version,
        hash,
        [assignment: other characteristics]
]

This patch is to help aid in meeting this requirement.

Changes since v6:
	* Reordered patches within the patch series for the sake of
	  correctness.
	* Updated patch that contains FAN_OPEN_EXEC_PERM functionality to
	  include separate call to fsnotify_parent()/fsnotify() which is
	  used to mitigate merging of permission events.

Note that this set of patches are based on Amir's fsnotify-fixes branch,
which has already been posted through for review. For those interested,
this branch can be found here:
https://github.com/amir73il/linux/commits/fsnotify-fixes

LTP tests for this feature are on my 'fanotify-exec' branch here:
https://github.com/matthewbobrowski/ltp/commits/fanotify_exec. The files
that contains the test cases are provided below:

syscalls/fanotify03: test cases have been updated to cover
                     FAN_OPEN_EXEC_PERM events
syscalls/fanotify12: newly introduced LTP test file to cover
                     FAN_OPEN_EXEC events

All LTP tests have been run against this series of patches and all are
returning as a pass.

The man pages updates for these newly defined event masks can be found
here:
https://github.com/matthewbobrowski/man-pages/commits/fanotify_exec

I would like to thank both Amir and Jan for their time and help, highly
appreciated once again.

Matthew Bobrowski (4):
  fanotify: return only user requested event types in event mask
  fanotify: introduce new event mask FAN_OPEN_EXEC
  fsnotify: refactor fsnotify_parent()/fsnotify() paired calls when
    event is on path
  fanotify: introduce new event mask FAN_OPEN_EXEC_PERM

 fs/notify/fanotify/fanotify.c    | 29 ++++++++-------
 fs/notify/fsnotify.c             |  2 +-
 include/linux/fanotify.h         |  5 +--
 include/linux/fsnotify.h         | 61 +++++++++++++++++++-------------
 include/linux/fsnotify_backend.h | 11 ++++--
 include/uapi/linux/fanotify.h    |  2 ++
 6 files changed, 67 insertions(+), 43 deletions(-)

-- 
2.17.2


-- 
Matthew Bobrowski