From: Amir Goldstein <amir73il@gmail.com>
To: Jan Kara <jack@suse.cz>
Cc: Christian Brauner <brauner@kernel.org>, linux-fsdevel@vger.kernel.org
Subject: [PATCH v2 00/10] fanotify namespace monitoring
Date: Fri, 24 Apr 2026 19:04:53 +0200 [thread overview]
Message-ID: <20260424170503.2096847-1-amir73il@gmail.com> (raw)
Jan,
Following your feedback from v1 [1] review, I've made the changes
to clear the way for reusing the fs watcher event bits for ns watcher
event bits.
The terminology of "ns watcher" vs. "ns events" is a little confusing:
- "ns watcher" group can place mark on ns objects with
mntns/userns marks
- The events that can be requested by ns watcher are
mount (tree monitoring) and ns (tree monitoring) events
- We could imagine requesting all mount events of all mntns owned
by a specific userns, but this was not implemented
- "fs watcher" group can place mark on fs objects with
inode/mnt/sb marks
- The events that can be requested by fs watcher are
fs (monitoring, permission and pre-content) events
To simplify the implementation, the event flags (ON_CHILD, ISDIR)
live in a shared space that cannot be overloaded by neither group types.
This is not because ISDIR makes sense for ns watcher, just to reduce the
number of gates in common code. ON_CHILD flag might be usable for ns
watchers, not sure.
Thanks,
Amir.
Changes since v1:
- Introduce group type and gates
- FAN_NS_CREATE/FAN_NS_DELETE overload FAN_CREATE/FAN_DELETE in uapi
instead of using high 32bit
[1] https://lore.kernel.org/linux-fsdevel/20260307110550.373762-1-amir73il@gmail.com/
Amir Goldstein (10):
fsnotify: rename fsnotify group flag macros
fsnotify: introduce fsnotify group types
fsnotify: separate the events bitmask macros by group type
fanotify: test event->type instead of event mask when possible
fsnotify: do not report mount events with fsnotify()
fanotify: gate fs event classification by group type
fanotify: gate fs events checks in fanotify_mark() by group type
fanotify: add support for watching the namespaces tree
selftests/filesystems: create fanotify test dir
selftests/filesystems: add fanotify namespace notifications test
fs/notify/fanotify/fanotify.c | 141 ++++++--
fs/notify/fanotify/fanotify.h | 62 +++-
fs/notify/fanotify/fanotify_user.c | 218 +++++++++---
fs/notify/fdinfo.c | 9 +-
fs/notify/fsnotify.c | 123 +++++--
fs/notify/fsnotify.h | 12 +
fs/notify/group.c | 14 +-
fs/notify/inotify/inotify_user.c | 2 +-
fs/notify/mark.c | 9 +-
fs/nsfs.c | 21 ++
include/linux/fanotify.h | 40 ++-
include/linux/fsnotify.h | 5 +
include/linux/fsnotify_backend.h | 108 ++++--
include/linux/proc_fs.h | 2 +
include/linux/user_namespace.h | 6 +
include/uapi/linux/fanotify.h | 37 +-
kernel/audit_fsnotify.c | 2 +-
kernel/nscommon.c | 47 +++
kernel/user_namespace.c | 2 +
tools/include/uapi/linux/fanotify.h | 37 +-
tools/testing/selftests/Makefile | 2 +-
.../{mount-notify => fanotify}/.gitignore | 0
.../{mount-notify => fanotify}/Makefile | 3 +-
.../mount-notify_test.c | 0
.../mount-notify_test_ns.c | 0
.../filesystems/fanotify/ns-notify_test.c | 330 ++++++++++++++++++
26 files changed, 1045 insertions(+), 187 deletions(-)
rename tools/testing/selftests/filesystems/{mount-notify => fanotify}/.gitignore (100%)
rename tools/testing/selftests/filesystems/{mount-notify => fanotify}/Makefile (67%)
rename tools/testing/selftests/filesystems/{mount-notify => fanotify}/mount-notify_test.c (100%)
rename tools/testing/selftests/filesystems/{mount-notify => fanotify}/mount-notify_test_ns.c (100%)
create mode 100644 tools/testing/selftests/filesystems/fanotify/ns-notify_test.c
--
2.54.0
next reply other threads:[~2026-04-24 17:05 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-24 17:04 Amir Goldstein [this message]
2026-04-24 17:04 ` [PATCH v2 01/10] fsnotify: rename fsnotify group flag macros Amir Goldstein
2026-04-24 17:04 ` [PATCH v2 02/10] fsnotify: introduce fsnotify group types Amir Goldstein
2026-04-24 17:04 ` [PATCH v2 03/10] fsnotify: separate the events bitmask macros by group type Amir Goldstein
2026-04-24 17:04 ` [PATCH v2 04/10] fanotify: test event->type instead of event mask when possible Amir Goldstein
2026-04-24 17:04 ` [PATCH v2 05/10] fsnotify: do not report mount events with fsnotify() Amir Goldstein
2026-04-24 17:04 ` [PATCH v2 06/10] fanotify: gate fs event classification by group type Amir Goldstein
2026-04-24 17:05 ` [PATCH v2 07/10] fanotify: gate fs events checks in fanotify_mark() " Amir Goldstein
2026-04-24 17:05 ` [PATCH v2 08/10] fanotify: add support for watching the namespaces tree Amir Goldstein
2026-04-24 17:05 ` [PATCH v2 09/10] selftests/filesystems: create fanotify test dir Amir Goldstein
2026-04-24 17:05 ` [PATCH v2 10/10] selftests/filesystems: add fanotify namespace notifications test Amir Goldstein
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260424170503.2096847-1-amir73il@gmail.com \
--to=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=jack@suse.cz \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox