On Thu 04-03-21 13:29:19, Amir Goldstein wrote:
> Jan,
>
> These patches try to implement a minimal set and least controversial
> functionality that we can allow for unprivileged users as a starting
> point.
>
> The patches were tested on top of v5.12-rc1 and the fanotify_merge
> patches using the unprivileged listener LTP tests written by Matthew
> and another LTP tests I wrote to test the sysfs tunable limits [1].

Thanks. I've added both patches to my tree.

Honza

>
> Thanks,
> Amir.
>
> Changes since v1:
> - Dropped marks per group limit in favor of max per user
> - Rename sysfs files from 'listener' to 'group' terminology
> - Dropped internal group flag FANOTIFY_UNPRIV
> - Limit unprivileged listener to FAN_REPORT_FID family
> - Report event->pid depending on reader capabilities
>
> [1] https://github.com/amir73il/ltp/commits/fanotify_unpriv
>
> Amir Goldstein (2):
>   fanotify: configurable limits via sysfs
>   fanotify: support limited functionality for unprivileged users
>
>  fs/notify/fanotify/fanotify.c      |  16 ++-
>  fs/notify/fanotify/fanotify_user.c | 152 ++++++++++++++++++++++++-----
>  fs/notify/fdinfo.c                 |   3 +-
>  fs/notify/group.c                  |   1 -
>  fs/notify/mark.c                   |   4 -
>  include/linux/fanotify.h           |  36 ++++++-
>  include/linux/fsnotify_backend.h   |   6 +-
>  include/linux/sched/user.h         |   3 -
>  include/linux/user_namespace.h     |   4 +
>  kernel/sysctl.c                    |  12 ++-
>  kernel/ucount.c                    |   4 +
>  11 files changed, 194 insertions(+), 47 deletions(-)
>
> --
> 2.30.0
>
--
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR