When adding a super block root watch from a mount point that is not mounted
on the root of the file system, filter out events on file system objects
that happen outside this mount point directory (on non decendant objects).
This is not like FAN_MARK_MOUNT which filters only events that happened
on the mount of the mark. All events on file system objects are reported
as long as these objects are accessible from the mark mount point.
Signed-off-by: Amir Goldstein <amir73il@xxxxxxxxx>
---
fs/notify/fanotify/fanotify.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c
index 4b74e56..e016ade 100644
--- a/fs/notify/fanotify/fanotify.c
+++ b/fs/notify/fanotify/fanotify.c
@@ -96,11 +96,12 @@ static bool fanotify_should_send_event(struct fsnotify_mark *inode_mark,
{
__u32 marks_mask, marks_ignored_mask;
const struct path *path = data;
+ struct vfsmount *mark_mnt = inode_mark ? inode_mark->mnt : NULL;
struct dentry *dentry = path->dentry;
- pr_debug("%s: inode_mark=%p vfsmnt_mark=%p mask=%x"
+ pr_debug("%s: inode_mark=%p vfsmnt_mark=%p mark_mnt=%p mask=%x"
" data_type=%d\n", __func__, inode_mark, vfsmnt_mark,
- event_mask, data_type);
+ mark_mnt, event_mask, data_type);
/* if we don't have enough info to send an event to userspace say no */
if (data_type != FSNOTIFY_EVENT_PATH &&
@@ -145,6 +146,14 @@ static bool fanotify_should_send_event(struct fsnotify_mark *inode_mark,
~marks_ignored_mask))
return false;
+ /*
+ * Only interesetd in dentry events visible from the mount
+ * from which the root watch was added
+ */
+ if (mark_mnt && mark_mnt->mnt_root != dentry &&
+ d_ancestor(mark_mnt->mnt_root, dentry) == NULL)
+ return false;
+
return true;
}
--
2.7.4
