Re: [PATCH v8 10/19] fanotify: introduce FAN_PRE_ACCESS permission event

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 21, 2024 at 7:31 PM Amir Goldstein <amir73il@xxxxxxxxx> wrote:
>
> On Thu, Nov 21, 2024 at 5:36 PM Jan Kara <jack@xxxxxxx> wrote:
> >
> > On Thu 21-11-24 15:18:36, Amir Goldstein wrote:
> > > On Thu, Nov 21, 2024 at 11:44 AM Jan Kara <jack@xxxxxxx> wrote:
> > > >
> > > > On Fri 15-11-24 10:30:23, Josef Bacik wrote:
> > > > > From: Amir Goldstein <amir73il@xxxxxxxxx>
> > > > >
> > > > > Similar to FAN_ACCESS_PERM permission event, but it is only allowed with
> > > > > class FAN_CLASS_PRE_CONTENT and only allowed on regular files and dirs.
> > > > >
> > > > > Unlike FAN_ACCESS_PERM, it is safe to write to the file being accessed
> > > > > in the context of the event handler.
> > > > >
> > > > > This pre-content event is meant to be used by hierarchical storage
> > > > > managers that want to fill the content of files on first read access.
> > > > >
> > > > > Signed-off-by: Amir Goldstein <amir73il@xxxxxxxxx>
> > > >
> > > > Here I was wondering about one thing:
> > > >
> > > > > +     /*
> > > > > +      * Filesystems need to opt-into pre-content evnets (a.k.a HSM)
> > > > > +      * and they are only supported on regular files and directories.
> > > > > +      */
> > > > > +     if (mask & FANOTIFY_PRE_CONTENT_EVENTS) {
> > > > > +             if (!(path->mnt->mnt_sb->s_iflags & SB_I_ALLOW_HSM))
> > > > > +                     return -EINVAL;
> > > > > +             if (!is_dir && !d_is_reg(path->dentry))
> > > > > +                     return -EINVAL;
> > > > > +     }
> > > >
> > > > AFAICS, currently no pre-content events are generated for directories. So
> > > > perhaps we should refuse directories here as well for now? I'd like to
> > >
> > > readdir() does emit PRE_ACCESS (without a range)
> >
> > Ah, right.
> >
> > > and also always emitted ACCESS_PERM.
> >
> > I know that and it's one of those mostly useless events AFAICT.
> >
> > > my POC is using that PRE_ACCESS to populate
> > > directories on-demand, although the functionality is incomplete without the
> > > "populate on lookup" event.
> >
> > Exactly. Without "populate on lookup" doing "populate on readdir" is ok for
> > a demo but not really usable in practice because you can get spurious
> > ENOENT from a lookup.
> >
> > > > avoid the mistake of original fanotify which had some events available on
> > > > directories but they did nothing and then you have to ponder hard whether
> > > > you're going to break userspace if you actually start emitting them...
> > >
> > > But in any case, the FAN_ONDIR built-in filter is applicable to PRE_ACCESS.
> >
> > Well, I'm not so concerned about filtering out uninteresting events. I'm
> > more concerned about emitting the event now and figuring out later that we
> > need to emit it in different places or with some other info when actual
> > production users appear.
> >
> > But I've realized we must allow pre-content marks to be placed on dirs so
> > that such marks can be placed on parents watching children. What we'd need
> > to forbid is a combination of FAN_ONDIR and FAN_PRE_ACCESS, wouldn't we?
>
> Yes, I think that can work well for now.
>

Only it does not require only check at API time that both flags are not
set, because FAN_ONDIR can be set earlier and then FAN_PRE_ACCESS
can be added later and vice versa, so need to do this in
fanotify_may_update_existing_mark() AFAICT.

Thanks,
Amir.





[Index of Archives]     [Reiser Filesystem Development]     [Ceph FS]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite National Park]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]     [Linux Media]

  Powered by Linux