From: Tvrtko Ursulin <tvrtko.ursulin@sophos.com>
To: Eric Paris <eparis@redhat.com>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>
Subject: Re: [BUG][PATCH][2.6.36-rc3] fanotify: Do not ignore result of permission decisions
Date: Wed, 8 Sep 2010 09:24:04 +0100 [thread overview]
Message-ID: <201009080924.04841.tvrtko.ursulin@sophos.com> (raw)
In-Reply-To: <201009071608.02290.tvrtko.ursulin@sophos.com>
Improved version of the fix which does not include the check
when permission events are not enabled in configuration and
stops processing if no interesting events remain.
Current code ignores access replies to permission decisions so
fix it in a way which will allow all listeners to still receive
non permission events.
Signed-off-by: Tvrtko Ursulin <tvrtko.ursulin@sophos.com>
---
fs/notify/fsnotify.c | 32 ++++++++++++++++++++++++--------
include/linux/fsnotify_backend.h | 4 ++++
2 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c
index 3680242..2350a53 100644
--- a/fs/notify/fsnotify.c
+++ b/fs/notify/fsnotify.c
@@ -224,7 +224,7 @@ int fsnotify(struct inode *to_tell, __u32 mask, void *data, int data_is,
struct fsnotify_group *inode_group, *vfsmount_group;
struct fsnotify_event *event = NULL;
struct vfsmount *mnt;
- int idx, ret = 0;
+ int idx, ret = 0, res;
/* global tests shouldn't care about events on child only the specific event */
__u32 test_mask = (mask & ~FS_EVENT_ON_CHILD);
@@ -275,20 +275,36 @@ int fsnotify(struct inode *to_tell, __u32 mask, void *data, int data_is,
if (inode_group > vfsmount_group) {
/* handle inode */
- send_to_group(to_tell, NULL, inode_mark, NULL, mask, data,
- data_is, cookie, file_name, &event);
+ res = send_to_group(to_tell, NULL, inode_mark, NULL, mask, data,
+ data_is, cookie, file_name, &event);
/* we didn't use the vfsmount_mark */
vfsmount_group = NULL;
} else if (vfsmount_group > inode_group) {
- send_to_group(to_tell, mnt, NULL, vfsmount_mark, mask, data,
- data_is, cookie, file_name, &event);
+ res = send_to_group(to_tell, mnt, NULL, vfsmount_mark, mask, data,
+ data_is, cookie, file_name, &event);
inode_group = NULL;
} else {
- send_to_group(to_tell, mnt, inode_mark, vfsmount_mark,
- mask, data, data_is, cookie, file_name,
- &event);
+ res = send_to_group(to_tell, mnt, inode_mark, vfsmount_mark,
+ mask, data, data_is, cookie, file_name,
+ &event);
}
+#ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
+ /* If a listener denied on a permission event we will remember the reason
+ and run the rest with a non-permission mask only. This allows other
+ listeners to receive non-permission notifications but we do not care
+ about further permission checks and want to deny this event. */
+ if (unlikely((res == -EPERM) && (mask & FS_ALL_PERM_EVENTS))) {
+ mask &= ~FS_ALL_PERM_EVENTS;
+ ret = res;
+ /* Stop processing if no interesting events remains. */
+ if (!(mask & (ALL_FSNOTIFY_EVENTS & ~FS_EVENT_ON_CHILD)))
+ break;
+ }
+#else
+ (void)res;
+#endif
+
if (inode_group)
inode_node = srcu_dereference(inode_node->next,
&fsnotify_mark_srcu);
diff --git a/include/linux/fsnotify_backend.h b/include/linux/fsnotify_backend.h
index e40190d..c8aea03 100644
--- a/include/linux/fsnotify_backend.h
+++ b/include/linux/fsnotify_backend.h
@@ -64,6 +64,10 @@
#define FS_MOVE (FS_MOVED_FROM | FS_MOVED_TO)
+/* All events which require a permission response from userspace */
+#define FS_ALL_PERM_EVENTS (FS_OPEN_PERM |\
+ FS_ACCESS_PERM)
+
#define ALL_FSNOTIFY_EVENTS (FS_ACCESS | FS_MODIFY | FS_ATTRIB | \
FS_CLOSE_WRITE | FS_CLOSE_NOWRITE | FS_OPEN | \
FS_MOVED_FROM | FS_MOVED_TO | FS_CREATE | \
Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, United Kingdom.
Company Reg No 2096520. VAT Reg No GB 348 3873 20.
next prev parent reply other threads:[~2010-09-08 8:24 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-07 15:08 [BUG][PATCH][2.6.36-rc3] fanotify: Do not ignore result of permission decisions Tvrtko Ursulin
2010-09-08 8:24 ` Tvrtko Ursulin [this message]
2010-10-08 13:00 ` Andreas Gruenbacher
2010-10-08 16:11 ` Tvrtko Ursulin
2010-10-08 16:51 ` Eric Paris
2010-10-18 11:05 ` Tvrtko Ursulin
2010-10-08 21:05 ` Andreas Gruenbacher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201009080924.04841.tvrtko.ursulin@sophos.com \
--to=tvrtko.ursulin@sophos.com \
--cc=eparis@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).