From: Andreas Gruenbacher <agruen@suse.de>
To: Eric Paris <eparis@redhat.com>
Cc: Jamie Lokier <jamie@shareable.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Evgeniy Polyakov <zbr@ioremap.net>,
David Miller <davem@davemloft.net>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
netdev@vger.kernel.org, viro@zeniv.linux.org.uk,
alan@linux.intel.com, hch@infradead.org
Subject: Re: fanotify as syscalls
Date: Sat, 19 Sep 2009 00:00:43 +0200 [thread overview]
Message-ID: <200909190000.43556.agruen@suse.de> (raw)
In-Reply-To: <1253307128.2552.21.camel@dhcp231-106.rdu.redhat.com>
On Friday, 18 September 2009 22:52:08 Eric Paris wrote:
> On Thu, 2009-09-17 at 22:07 +0200, Andreas Gruenbacher wrote:
> > From my point of view, "global" events make no sense, and fanotify
> > listeners should register which directories they are interested in (e.g.,
> > include "/", exclude "/proc"). This takes care of chroots and namespaces
> > as well.
>
> While I completely agree that most users don't want global events, the
> antimalware vendors who today, unprotect and hack the syscall table on
> their unsuspecting customer's machines to intercept every read, write,
> open, close, mmap, etc syscall want EXACTLY that.
I understand that "global" is what those guys get today for lack of a
reasonable mechanism, but it's not what anybody can ge given by fanotify: it
conflicts with filesystem namespaces.
Consider running several "virtual machines" in separate namespaces on the same
kernel. With "global" you are forced to run the same global fanotify
listeners everywhere; with per-mount-point listeners, you can choose
between "global" and something more fine-grained by identifying which
vfsmounts you are interested in. (Filesystem namespaces correspond to
vfsmount hierarchies.)
> [...] You still have to exclude /proc and /sys and everything else.
Those are mount points, and so convenient to handle with a per-mount-point
mechanism. No additional kernel code needed.
> [...] Still though, this sounds like an issue for the f_type and f_fsid
> exclusion syscall I say I'm still not settled on.
Those are also obsolete with a per-mount-point mechanism.
Thanks,
Andreas
next prev parent reply other threads:[~2009-09-18 22:01 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-11 5:25 [PATCH 1/8] networking/fanotify: declare fanotify socket numbers Eric Paris
2009-09-11 5:26 ` [PATCH 2/8] vfs: introduce FMODE_NONOTIFY Eric Paris
2009-09-11 5:26 ` [PATCH 3/8] fanotify: fscking all notification system Eric Paris
2009-09-11 5:26 ` [PATCH 4/8] fanotify:drop notification if they exist in the outgoing queue Eric Paris
2009-09-11 5:26 ` [PATCH 5/8] fanotify: merge notification events with different masks Eric Paris
2009-09-11 5:26 ` [PATCH 6/8] fanotify: userspace socket Eric Paris
2009-09-11 5:26 ` [PATCH 7/8] fanotify: userspace can add and remove fsnotify inode marks Eric Paris
2009-09-11 5:26 ` [PATCH 8/8] fanotify: send events to userspace over socket reads Eric Paris
2009-09-11 14:08 ` Daniel Walker
2009-09-11 14:15 ` Eric Paris
2009-09-11 14:22 ` Daniel Walker
2009-09-11 14:32 ` Daniel Walker
2009-09-11 14:32 ` [PATCH 1/8] networking/fanotify: declare fanotify socket numbers Andreas Gruenbacher
2009-09-11 16:04 ` Eric Paris
2009-09-11 18:46 ` David Miller
2009-09-11 19:33 ` Eric Paris
2009-09-11 20:46 ` Jamie Lokier
2009-09-11 21:13 ` Eric Paris
2009-09-11 21:27 ` Jamie Lokier
2009-09-11 21:51 ` Eric Paris
2009-09-12 9:41 ` Evgeniy Polyakov
2009-09-14 0:17 ` Jamie Lokier
2009-09-14 14:07 ` Evgeniy Polyakov
2009-09-14 19:08 ` fanotify as syscalls Eric Paris
2009-09-15 20:16 ` Evgeniy Polyakov
2009-09-15 21:54 ` Eric Paris
2009-09-15 23:49 ` Linus Torvalds
2009-09-16 1:26 ` Eric Paris
2009-09-16 7:52 ` Jamie Lokier
2009-09-16 9:48 ` Eric Paris
2009-09-16 12:17 ` Jamie Lokier
2009-09-17 20:07 ` Andreas Gruenbacher
2009-09-18 20:52 ` Eric Paris
2009-09-18 22:00 ` Andreas Gruenbacher [this message]
2009-09-19 3:04 ` Eric Paris
2009-09-21 20:04 ` Andreas Gruenbacher
2009-09-21 20:28 ` Jamie Lokier
2009-09-21 21:27 ` Andreas Gruenbacher
2009-09-21 22:00 ` Jamie Lokier
2009-09-21 23:09 ` Andreas Gruenbacher
2009-09-21 23:56 ` Jamie Lokier
2009-09-21 22:18 ` Davide Libenzi
2009-09-21 23:12 ` Jamie Lokier
2009-09-22 14:51 ` Davide Libenzi
2009-09-22 15:31 ` Andreas Gruenbacher
2009-09-22 16:04 ` Davide Libenzi
2009-09-23 8:39 ` Tvrtko Ursulin
2009-09-23 11:20 ` hch
2009-09-23 15:35 ` Davide Libenzi
2009-09-23 21:58 ` hch
2009-09-23 11:32 ` Arjan van de Ven
2009-09-23 15:42 ` Tvrtko Ursulin
2009-09-23 15:51 ` Eric Paris
2009-09-23 21:56 ` hch
2009-09-23 15:26 ` Davide Libenzi
2009-09-23 15:45 ` Tvrtko Ursulin
2009-09-23 17:31 ` Davide Libenzi
2009-09-22 16:11 ` Eric Paris
2009-09-22 16:27 ` Jamie Lokier
2009-09-22 23:43 ` Davide Libenzi
2009-09-22 21:06 ` Eric Paris
2009-09-22 21:38 ` Andreas Gruenbacher
2009-09-16 10:41 ` Alan Cox
2009-09-16 11:41 ` Jamie Lokier
2009-09-16 12:01 ` Alan Cox
2009-09-16 12:56 ` Jamie Lokier
2009-09-16 15:53 ` Eric Paris
2009-09-16 21:49 ` Jamie Lokier
2009-09-16 22:33 ` Eric Paris
2009-09-16 11:30 ` Arnd Bergmann
2009-09-16 12:05 ` Evgeniy Polyakov
2009-09-16 12:27 ` Jamie Lokier
2009-09-17 16:40 ` Linus Torvalds
2009-09-17 17:35 ` Arjan van de Ven
2009-09-17 18:53 ` Eric Paris
2009-09-22 0:15 ` Eric W. Biederman
2009-09-22 0:22 ` Randy Dunlap
2009-09-11 21:21 ` [PATCH 1/8] networking/fanotify: declare fanotify socket numbers jamal
2009-09-11 21:42 ` Jamie Lokier
2009-09-11 22:52 ` jamal
2009-09-14 0:03 ` Jamie Lokier
2009-09-14 1:26 ` Eric Paris
2009-09-14 13:15 ` jamal
2009-09-12 9:47 ` Evgeniy Polyakov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200909190000.43556.agruen@suse.de \
--to=agruen@suse.de \
--cc=alan@linux.intel.com \
--cc=davem@davemloft.net \
--cc=eparis@redhat.com \
--cc=hch@infradead.org \
--cc=jamie@shareable.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
--cc=zbr@ioremap.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).