Linux Security Modules development
From: Miklos Szeredi <mszeredi@redhat.com>
To: linux-fsdevel@vger.kernel.org
Cc: Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
	Amir Goldstein <amir73il@gmail.com>, Karel Zak <kzak@redhat.com>,
	Lennart Poettering <lennart@poettering.net>,
	Ian Kent <raven@themaw.net>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	Paul Moore <paul@paul-moore.com>,
	selinux@vger.kernel.org, linux-security-module@vger.kernel.org,
	selinux-refpolicy@vger.kernel.org
Subject: [PATCH v5 0/3] mount notification
Date: Wed, 29 Jan 2025 17:57:58 +0100
Message-ID: <20250129165803.72138-1-mszeredi@redhat.com>

This should be ready for adding to the v6.15 queue.  I don't see the
SELinux discussion converging, so I took the simpler version out of the two
that were suggested.

Will work on adding selftests.

Thanks to everyone for the reviews!

Miklos

---
v5:
 - drop FS_MNT_CHANGE (Christian)
 - rebased on current mainline (Amir)
 - add FSNOTIFY_MNT_EVENTS (Amir)
 - change selinux permission check to FILE__WATCH_MOUNT (Paul)

v4:
  - add notification on attribute change
  - deal with two FIXMEs
  - move data and code to #ifdef CONFIG_FSNOTIFY regions
  - function renames for more consistency (Christian)
  - explanation comment in umount_tree() (Christian)
  - style cleanups in fanotify (Amir, Jan)
  - changed FAN_MNT_* values (Amir)

v3:
  - use a global list protected for temporarily storing (Christian)
  - move fsnotify_* calls to namespace_unlock() (Christian)
  - downgrade namespace_sem to read for fsnotify_* calls (Christian)
  - add notification for reparenting in propagate_umount (Christian)
  - require nsfs file (/proc/PID/ns/mnt) in fanotify_mark(2) (Christian)
  - cleaner check for fsnotify being initialized (Amir)
  - fix stub __fsnotify_mntns_delete (kernel test robot)
  - don't add FANOTIFY_MOUNT_EVENTS to FANOTIFY_FD_EVENTS (Amir)

v2:
  - notify for whole namespace as this seems to be what people prefer
  - move fsnotify() calls outside of mount_lock
  - only report mnt_id, not parent_id


Miklos Szeredi (3):
  fsnotify: add mount notification infrastructure
  fanotify: notify on mount attach and detach
  vfs: add notifications for mount attach and detach

 fs/mount.h                         | 26 +++++++++
 fs/namespace.c                     | 93 ++++++++++++++++++++++++++++--
 fs/notify/fanotify/fanotify.c      | 38 +++++++++++-
 fs/notify/fanotify/fanotify.h      | 18 ++++++
 fs/notify/fanotify/fanotify_user.c | 87 +++++++++++++++++++++++-----
 fs/notify/fdinfo.c                 |  5 ++
 fs/notify/fsnotify.c               | 47 ++++++++++++---
 fs/notify/fsnotify.h               | 11 ++++
 fs/notify/mark.c                   | 14 ++++-
 fs/pnode.c                         |  4 +-
 include/linux/fanotify.h           | 12 ++--
 include/linux/fsnotify.h           | 20 +++++++
 include/linux/fsnotify_backend.h   | 42 ++++++++++++++
 include/uapi/linux/fanotify.h      | 10 ++++
 security/selinux/hooks.c           |  4 ++
 15 files changed, 396 insertions(+), 35 deletions(-)

-- 
2.48.1



Thread overview: 19+ messages
2025-01-29 16:57 Miklos Szeredi [this message]
2025-01-29 16:57 ` [PATCH v5 1/3] fsnotify: add mount notification infrastructure Miklos Szeredi
2025-02-11 13:05   ` Jan Kara
2025-01-29 16:58 ` [PATCH v5 2/3] fanotify: notify on mount attach and detach Miklos Szeredi
2025-01-30 21:05   ` Paul Moore
2025-01-31 10:53     ` Miklos Szeredi
2025-01-31 14:28       ` Paul Moore
2025-02-04 10:19         ` Christian Brauner
2025-02-04 10:20       ` Christian Brauner
2025-01-31 12:09     ` Christian Brauner
2025-01-31 14:39       ` Paul Moore
2025-02-04 10:07         ` Christian Brauner
2025-02-04 23:52           ` Paul Moore
2025-02-11 13:32   ` Jan Kara
2025-02-13 11:59     ` Miklos Szeredi
2025-02-13 13:08       ` Amir Goldstein
2025-01-29 16:58 ` [PATCH v5 3/3] vfs: add notifications for " Miklos Szeredi
2025-02-11 13:04   ` Jan Kara
2025-01-30 16:07 ` [PATCH v5 0/3] mount notification Christian Brauner
