From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Amir Goldstein <amir73il@gmail.com>
Cc: Sasha Levin <sashal@kernel.org>, Jan Kara <jack@suse.cz>,
linux-fsdevel@vger.kernel.org, stable@vger.kernel.org,
Christian Brauner <brauner@kernel.org>
Subject: Re: [PATCH 5.15] fanotify: disallow mount/sb marks on kernel internal pseudo fs
Date: Sun, 16 Jul 2023 17:15:42 +0200 [thread overview]
Message-ID: <2023071635-stereo-driven-cb2a@gregkh> (raw)
In-Reply-To: <20230710133205.1154168-1-amir73il@gmail.com>
On Mon, Jul 10, 2023 at 04:32:05PM +0300, Amir Goldstein wrote:
> commit 69562eb0bd3e6bb8e522a7b254334e0fb30dff0c upstream.
>
> Hopefully, nobody is trying to abuse mount/sb marks for watching all
> anonymous pipes/inodes.
>
> I cannot think of a good reason to allow this - it looks like an
> oversight that dated back to the original fanotify API.
>
> Link: https://lore.kernel.org/linux-fsdevel/20230628101132.kvchg544mczxv2pm@quack3/
> Fixes: 0ff21db9fcc3 ("fanotify: hooks the fanotify_mark syscall to the vfsmount code")
> Signed-off-by: Amir Goldstein <amir73il@gmail.com>
> Reviewed-by: Christian Brauner <brauner@kernel.org>
> Signed-off-by: Jan Kara <jack@suse.cz>
> Message-Id: <20230629042044.25723-1-amir73il@gmail.com>
> [backport to 5.x.y]
> Signed-off-by: Amir Goldstein <amir73il@gmail.com>
> ---
>
> Greg,
>
> This 5.15 backport should cleanly apply to all 5.x.y LTS kernels.
> It will NOT apply to 4.x.y kernels.
>
> The original upstream commit should apply cleanly to 6.x.y stable
> kernels.
Now queued up, thanks.
greg k-h
prev parent reply other threads:[~2023-07-16 15:15 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-10 13:32 [PATCH 5.15] fanotify: disallow mount/sb marks on kernel internal pseudo fs Amir Goldstein
2023-07-16 15:15 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2023071635-stereo-driven-cb2a@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=jack@suse.cz \
--cc=linux-fsdevel@vger.kernel.org \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).