Re: [malware-list] A few concerns about fanotify implementation.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2010-10-26 at 15:22 +0100, Tvrtko Ursulin wrote:
> On Tuesday 26 Oct 2010 14:58:34 Vasily Novikov wrote:
> > > > 2. As I understood it was intended to flush cache via FAN_MARK_FLUSH
> > > > flag but it is currently disabled and there is no notion about it in
> > > > the man page. There are cases when it is necessary to flush all cache,
> > > > for example on anti-malware bases update.
> > >
> > > Where do you see this as disabled?
> >
> > In fanotify_mark syscall flags argument is checked and if FAN_MARK_FLUSH
> > bit is set then EINVAL error is returned.
> 
> [snip]
> 
> >     40  #define FAN_ALL_MARK_FLAGS      (FAN_MARK_ADD |\
> >     41                                   FAN_MARK_REMOVE |\
> >     42                                   FAN_MARK_DONT_FOLLOW |\
> >     43                                   FAN_MARK_ONLYDIR |\
> >     44                                   FAN_MARK_MOUNT |\
> >     45                                   FAN_MARK_IGNORED_MASK |\
> >     46                                   FAN_MARK_IGNORED_SURV_MODIFY)
> >
> > fs/notify/fanotify/fanotify_user.c:
> >    678  SYSCALL_DEFINE(fanotify_mark)(int fanotify_fd, unsigned int
> > flags,
> >    679                                __u64 mask, int dfd,
> >    680                                const char  __user * pathname)
> >    ...
> >    696          if (flags & ~FAN_ALL_MARK_FLAGS)
> >    697                  return -EINVAL;
> 
> You are right. I suspect it is just an accidental omission of FAN_MARK_FLUSH
> from FAN_ALL_MARK_FLAGS. Eric would probably appreciate if you send him a
> patch for this since he is quite busy these days.

I actually started to get the fanotify tree into order last night.  I'll
try to address all of your comments and send my series of patches today.
Thanks SOOOOOOOOOO much for the review!

-Eric

--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux