From mboxrd@z Thu Jan 1 00:00:00 1970 From: Pavel Machek Subject: Re: fanotify - overall design before I start sending patches Date: Thu, 6 Aug 2009 12:10:59 +0200 Message-ID: <20090806101059.GD31370@elf.ucw.cz> References: <1248466429.3567.82.camel@localhost> <20090805020534.GB1354@ucw.cz> <200908051746.17903.tvrtko.ursulin@sophos.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Cc: "david-gFPdbfVZQbY@public.gmane.org" , "a.p.zijlstra-/NLkJaSkS4VmR6Xm/wNWPw@public.gmane.org" , "Valdis.Kletnieks-PjAqaU27lzQ@public.gmane.org" , Douglas Leeder , "malware-list-h+Im9A44IAFcMpApZELgcQ@public.gmane.org" , "mrkafk-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org" , "aviro-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org" , "jack-AlSwsSmVLrQ@public.gmane.org" , "linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" , "jengelh-nopoi9nDyk+ELgA04lAiVw@public.gmane.org" , "hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org" , "alexl-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org" , "jcm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org" , "linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" , "alan-qBU/x9rampVanCEyBjwyrvXRex20P6io@public.gmane.org" , "arjan-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org" To: Tvrtko Ursulin Return-path: Content-Disposition: inline In-Reply-To: <200908051746.17903.tvrtko.ursulin-j34lQMj1tz/QT0dZR+AlfA@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: malware-list-bounces-h+Im9A44IAFcMpApZELgcQ@public.gmane.org Errors-To: malware-list-bounces-h+Im9A44IAFcMpApZELgcQ@public.gmane.org List-Id: linux-fsdevel.vger.kernel.org On Wed 2009-08-05 17:46:16, Tvrtko Ursulin wrote: > On Wednesday 05 August 2009 03:05:34 Pavel Machek wrote: > > BTW my -@suse.cz address no longer works. pavel-+ZI9xUNit7I@public.gmane.org should be ok. > > > > > If a FAN_ACCESS_PERM or FAN_OPEN_PERM event is received the listener > > > must send a response before the 5 second timeout. If no response is > > > sent before the 5 second timeout the original operation is allowed. If > > > this happens too many times (10 in a row) the fanotify group is evicted > > > from the kernel and will not get any new events. Sending a response is > > > done using the setsockopt() call with the socket options set to > > > FANOTIFY_ACCESS_RESPONSE. The buffer should contain a structure like: > > > > The timeout part of interface is very ugly. Will fanotify users have > > to be realtime/mlocked? > > Why do you think it is very ugly? Do I need to explain? > Just to make sure you haven't missed this - it is not that they have to > complete the whole operation before the timeout period (since you mention > realtime/mlock I suspect this is what you think?), but _during_ the operation > they have to show that they are active by sending something like keep alive > messages. > > Or you are worried about failing to meet even that on a loaded system? There > has to be something like this otherwise hung userspace client would kill the > whole system. Of course, I'm worried about failing to meet this on loaded system. And the fact that I _have_ to worry about that means that interface is ugly/broken. Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html