Christian, A little while ago, Jan and I realized that an unprivileged overlayfs mount could be used to avert fanotify permission events that were requested for an inode or sb on the underlying fs. The [v1] patch set was an attempt to implement Miklos' suggestion (opt-in to query the fake path) which turned out to affet the vfs in many places, so Miklos and I agreed on a solution that will be less intrusive for vfs (opt-in to query the real path). The [v2] patch set took the less intrusive approach to vfs, but it also tried a different approach of extending the d_real() interface, which Miklos did not like. The [v3] patch goes back to the less intrusive approach to vfs without complicating d_real() interface, that Miklso and I agreed on during the [v1] patch set review, so hopefully everyone can be happy with it. This v5 patch set addresses review comments from yourself and from Christoph on [v3] and [v4]. Since the patches are 95% vfs, I think it is better if they are merged through the vfs tree. I am still hoping to solicit an ACK from Miklos on the ovl change in the last patch. Thanks, Amir. Changes since [v4]: - ACK from Jan for fsnotify patch - Do not use backing_file for cachefiles (brauner) - Consistent naming scheme *_*file_open() (brauner) - Split patches and better documentation (hch) Changes since [v3]: - Rename struct file_fake to backing_file - Rename helpers to open_backing_file(), backing_file_real_path() - Rename FMODE_FAKE_PATH to FMODE_BACKING - Separate flag from FMODE_NOACCOUNT - inline the fast-path branch of f_real_path() Changes since [v2]: - Restore the file_fake container (Miklos) - Re-arrange the v1 helpers (Christian) Changes since [v1]: - Drop the file_fake container - Leave f_path fake and special case only fsnotify [v4] https://lore.kernel.org/linux-unionfs/20230614074907.1943007-1-amir73il@xxxxxxxxx/ [v3] https://lore.kernel.org/linux-unionfs/20230611194706.1583818-1-amir73il@xxxxxxxxx/ [v2] https://lore.kernel.org/linux-unionfs/20230611132732.1502040-1-amir73il@xxxxxxxxx/ [v1] https://lore.kernel.org/linux-unionfs/20230609073239.957184-1-amir73il@xxxxxxxxx/ Amir Goldstein (5): fs: rename {vfs,kernel}_tmpfile_open() fs: use a helper for opening kernel internal files fs: move kmem_cache_zalloc() into alloc_empty_file*() helpers fs: use backing_file container for internal files with "fake" f_path ovl: enable fsnotify events on underlying real files fs/cachefiles/namei.c | 10 ++--- fs/file_table.c | 91 ++++++++++++++++++++++++++++++++-------- fs/internal.h | 5 ++- fs/namei.c | 24 ++++++----- fs/open.c | 75 ++++++++++++++++++++++++++++----- fs/overlayfs/file.c | 8 ++-- fs/overlayfs/overlayfs.h | 5 ++- include/linux/fs.h | 32 ++++++++++---- include/linux/fsnotify.h | 3 +- 9 files changed, 192 insertions(+), 61 deletions(-) -- 2.34.1
