From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-fsdevel-owner@vger.kernel.org>
Received: from mail-pg1-f195.google.com ([209.85.215.195]:38423 "EHLO
        mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726659AbeKNJ0m (ORCPT
        <rfc822;linux-fsdevel@vger.kernel.org>);
        Wed, 14 Nov 2018 04:26:42 -0500
Received: by mail-pg1-f195.google.com with SMTP id f8-v6so6426059pgq.5
        for <linux-fsdevel@vger.kernel.org>; Tue, 13 Nov 2018 15:26:09 -0800 (PST)
Date: Wed, 14 Nov 2018 10:26:01 +1100
From: Matthew Bobrowski <mbobrowski@mbobrowski.org>
To: Jan Kara <jack@suse.cz>
Cc: Andy Lutomirski <luto@amacapital.net>,
        Andy Lutomirski <luto@kernel.org>,
        Amir Goldstein <amir73il@gmail.com>,
        Linux API <linux-api@vger.kernel.org>,
        Linux FS Devel <linux-fsdevel@vger.kernel.org>,
        Steve Grubb <sgrubb@redhat.com>
Subject: Re: [PATCH v7 2/4] fanotify: introduce new event mask FAN_OPEN_EXEC
Message-ID: <20181113232559.GA3132@lithium.mbobrowski.org>
References: <cover.1541639254.git.mbobrowski@mbobrowski.org>
 <05d2297ae76d5b7b00cc1d6af27b25e898e986c0.1541639254.git.mbobrowski@mbobrowski.org>
 <CALCETrUSq+a=8bFp4+8ZZYO3Jw6xzPrnQppbTQM6jPk9u25amA@mail.gmail.com>
 <20181109054133.GC4202@workstation.internal.lab>
 <CALCETrWa9r8qVS7tghfd8sZj7k7jpntQkVfK2e4Nm0hhnMJHvg@mail.gmail.com>
 <20181112161413.GB22091@quack2.suse.cz>
 <08C1375C-7E1F-4260-9EAF-A8B43CEED464@amacapital.net>
 <20181113114527.GA31599@lithium.mbobrowski.org>
 <20181113173503.GA12023@quack2.suse.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20181113173503.GA12023@quack2.suse.cz>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

On Tue, Nov 13, 2018 at 06:35:03PM +0100, Jan Kara wrote:
> > > >> OK.  You should probably add to your documentation that interpreters
> > > >> opened as a result of execve() and execveat() also set FAN_OPEN_EXEC.
> > > > 
> > > > I'm not sure I understand your concern (and thus need for documentation).
> > > > In the following I assume you watch the whole system for fanotify events
> > > > (you can restrict them to specific files / mount points / superblocks
> > > > but that's besides the point of this discussion).
> > > > If you do:
> > > > 
> > > > ~> /bin/echo
> > > > 
> > > > Then you get FAN_OPEN_EXEC event for '/bin/echo' file and nothing more.
> > > 
> > > If indeed that’s what the code does, then documenting it as such seems fine.
> > > But, by inspection, ELF interpreters are opened with open_exec(), so they
> > > should fire the event too. Am I wrong?
> > 
> > No, you're not wrong.
> > 
> > I do believe that there is no need to add a specific statement about
> > interpreters within the documentation.
> 
> So I think what Andy means is that if I watch / for FAN_OPEN_EXEC, then
> people may not immediately realize that if they do /bin/echo, they'll
> actually get events for
> 
> /bin/echo
> /lib64/ld-2.22.so
> 
> At least I didn't immediately realize that (and just compiled test kernel
> with your patches to verify). So I think this clarification would be worth
> it as a note in the manpage. Changelog can IMO stay as is.

OK, sure, I will add it.

-- 
Matthew Bobrowski