On Wed, May 22, 2019 at 11:42:01AM +0200, Jan Kara wrote:
> On Wed 22-05-19 07:57:18, Matthew Bobrowski wrote:
> > On Thu, May 16, 2019 at 10:36:32AM +0200, Jan Kara wrote:
> > > On Thu 16-05-19 08:54:37, Amir Goldstein wrote:
> > > > > Signed-off-by: Jan Kara <jack@xxxxxxx>
> > > > > ---
> > > > > fs/notify/fanotify/fanotify_user.c | 20 ++++++++++++++++++++
> > > > > 1 file changed, 20 insertions(+)
> > > > >
> > > > > diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
> > > > > index a90bb19dcfa2..73719949faa6 100644
> > > > > --- a/fs/notify/fanotify/fanotify_user.c
> > > > > +++ b/fs/notify/fanotify/fanotify_user.c
> > > > > @@ -920,6 +920,20 @@ static int fanotify_test_fid(struct path *path, __kernel_fsid_t *fsid)
> > > > > return 0;
> > > > > }
> > > > >
> > > > > +static int fanotify_events_supported(struct path *path, __u64 mask)
> > > > > +{
> > > > > + /*
> > > > > + * Proc is special and various files have special locking rules so
> > > > > + * fanotify permission events have high chances of deadlocking the
> > > > > + * system. Just disallow them.
> > > > > + */
> > > > > + if (mask & FANOTIFY_PERM_EVENTS &&
> > > > > + !strcmp(path->mnt->mnt_sb->s_type->name, "proc")) {
> > > >
> > > > Better use an SB_I_ flag to forbid permission events on fs?
> > >
> > > So checking s_type->name indeed felt dirty. I don't think we need a
> > > superblock flag though. I'll probably just go with FS_XXX flag in
> > > file_system_type.
> >
> > Would the same apply for some files that backed by sysfs and reside in
> > /sys?
>
> So far I'm not aware of similar easy to trigger deadlocks with sysfs. So I
> opted for a cautious path and disabled permission events only for proc.
> We'll see how that fares.
>
> > > > > + return -EOPNOTSUPP;
> > > >
> > > > I would go with EINVAL following precedent of per filesystem flags
> > > > check on rename(2), but not insisting.
> > >
> > > I was undecided between EOPNOTSUPP and EINVAL. So let's go with EINVAL.
> >
> > I was also thinking that EINVAL makes more sense in this particular
> > case.
>
> Good, that's what I used in v2.
>
> > > > Anyway, following Matthew's man page update for FAN_REPORT_FID,
> > > > we should also add this as reason for EOPNOTSUPP/EINVAL.
> > >
> > > Good point.
> >
> > I've followed up Michael in regards to the FAN_REPORT_FID patch series,
> > but no response as of yet. I'm happy to write the changes for this one
> > if you like?
>
> If you had time for that, that would be nice. Thanks!
Simple. I will write the changes and send it through for review.
--
Matthew Bobrowski
