linux-security-module.vger.kernel.org archive mirror
From: Amir Goldstein <amir73il@gmail.com>
To: Al Viro <viro@zeniv.linux.org.uk>
Cc: Jan Kara <jack@suse.cz>,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>,
	LSM List <linux-security-module@vger.kernel.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	James Morris <jmorris@namei.org>,
	Miklos Szeredi <miklos@szeredi.hu>,
	Matthew Bobrowski <mbobrowski@mbobrowski.org>,
	Kentaro Takeda <takedakn@nttdata.co.jp>,
	Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
	John Johansen <john.johansen@canonical.com>
Subject: Re: fanotify and LSM path hooks
Date: Sun, 14 Apr 2019 23:28:18 +0300
Message-ID: <CAOQ4uxiXVJVV1vT-DLOJBA=u3YV8FPYKUfzaac-Y_J8wN3_tiQ@mail.gmail.com>
In-Reply-To: <20190414192601.GR2217@ZenIV.linux.org.uk>

On Sun, Apr 14, 2019 at 10:26 PM Al Viro <viro@zeniv.linux.org.uk> wrote:
>
> On Sun, Apr 14, 2019 at 09:51:38PM +0300, Amir Goldstein wrote:
>
> > But the truth is I would much rather that users have a way to mark
> > a subtree root and ask fanotify for events under that subtree.
> > As a matter of fact, I have some private POC patches that allow users to
> > set up a mark on a "subtree root" dentry, which really marks the super block
> > and keeps a reference to the dentry. Then every event on that super block
> > is filtered with is_subdir() against the marked dentry.
>
> And that is_subdir() is protected by what, exactly?  And what happens
> if you have many such dentries?
>
> Or, for that matter, what happens if that dentry gets invalidated?

Well, as I said, it's just a POC; it only supports filtering by a single dentry,
and I didn't think that was the way to go forward. I am looking for the best way
to go forward.

That's why I was looking for an API to "fence" renaming objects in/out of
a subtree root. It sounds useful to have something like this for
containers and chroots.

Let's look at the options users have today.
Users can use recursive inotify, which is racy and pins too many inodes in cache.
Users can use the new fanotify sb mark to get all events on the filesystem and
filter them by path in userspace (also racy w.r.t. ancestry).

I dunno, maybe filtering by projid or another inherited persistent inode property
is good enough for the existing use cases out there - this seems to be the way
ext4 is going with encrypted subtrees and case-insensitive subtrees.

Thanks,
Amir.
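As an added example, not code from this thread or from the fanotify tree: a small C program that takes the second option listed above, a fanotify filesystem mark with the subtree filter done by path in userspace, and marks in its comments where the ancestry race sits. It assumes Linux 5.1 or later (FAN_MARK_FILESYSTEM), CAP_SYS_ADMIN, and a subtree root passed as argv[1]; the /tmp default and the under_subtree helper are constructed for this example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/fanotify.h>

/* Return 1 if path lies inside root on a path-component boundary
 * ("/srv/database" is not under "/srv/data"). Helper constructed here. */
int under_subtree(const char *path, const char *root)
{
    size_t n = strlen(root);
    while (n > 1 && root[n - 1] == '/')
        n--;                                   /* ignore trailing slashes */
    if (strncmp(path, root, n) != 0)
        return 0;
    return n == 1 || path[n] == '\0' || path[n] == '/';
}

/* Mark the whole filesystem containing root (FAN_MARK_FILESYSTEM) and keep
 * only events whose path is currently under root. The path is resolved via
 * /proc/self/fd after the event was generated, so a concurrent rename can
 * move the object in or out of root in between: that is the ancestry race
 * the message above refers to, and it is inherent to this approach. */
int main(int argc, char **argv)
{
    const char *root = argc > 1 ? argv[1] : "/tmp";  /* constructed default */
    char buf[8192] __attribute__((aligned(8))), link[64], path[PATH_MAX];
    int fan = fanotify_init(FAN_CLASS_NOTIF | FAN_CLOEXEC, O_RDONLY);
    if (fan < 0 || fanotify_mark(fan, FAN_MARK_ADD | FAN_MARK_FILESYSTEM,
                                 FAN_CLOSE_WRITE | FAN_MODIFY, AT_FDCWD, root)) {
        perror("fanotify");                    /* needs CAP_SYS_ADMIN */
        return 1;
    }
    for (;;) {
        ssize_t len = read(fan, buf, sizeof buf);
        if (len <= 0) break;
        struct fanotify_event_metadata *ev = (void *)buf;
        for (; FAN_EVENT_OK(ev, len); ev = FAN_EVENT_NEXT(ev, len)) {
            if (ev->fd < 0) continue;
            snprintf(link, sizeof link, "/proc/self/fd/%d", ev->fd);
            ssize_t pl = readlink(link, path, sizeof path - 1);
            path[pl > 0 ? pl : 0] = '\0';
            if (pl > 0 && under_subtree(path, root))
                printf("mask 0x%llx pid %d %s\n", (unsigned long long)ev->mask, ev->pid, path);
            close(ev->fd);                     /* every event fd must be closed */
        }
    }
    return 0;
}
```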


Thread overview: 12+ messages
2019-04-14 16:04 fanotify and LSM path hooks Amir Goldstein
2019-04-14 16:39 ` Al Viro
2019-04-14 18:51   ` Amir Goldstein
2019-04-14 19:26     ` Al Viro
2019-04-14 20:28       ` Amir Goldstein [this message]
2019-04-16 15:45 ` Jan Kara
2019-04-16 18:24   ` Amir Goldstein
2019-04-17 11:30     ` Jan Kara
2019-04-17 12:14       ` Miklos Szeredi
2019-04-17 14:05         ` Jan Kara
2019-04-17 14:14           ` Miklos Szeredi
2019-04-18 10:53             ` Jan Kara
