From: Amir Goldstein <amir73il@gmail.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: linux-kernel <linux-kernel@vger.kernel.org>,
stable <stable@vger.kernel.org>, Jan Kara <jack@suse.cz>
Subject: Re: [PATCH 4.9 30/30] fanotify: fix handling of events on child sub-directory
Date: Mon, 4 Feb 2019 12:48:00 +0200 [thread overview]
Message-ID: <CAOQ4uxhwxgpuzebDdqV61f2ENCVa44XiuKZmLfbnEOYZWvXrLA@mail.gmail.com> (raw)
In-Reply-To: <20190204103610.774179167@linuxfoundation.org>
On Mon, Feb 4, 2019 at 12:44 PM Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
>
> 4.9-stable review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Amir Goldstein <amir73il@gmail.com>
>
> commit b469e7e47c8a075cc08bcd1e85d4365134bdcdd5 upstream.
>
> When an event is reported on a sub-directory and the parent inode has
> a mark mask with FS_EVENT_ON_CHILD|FS_ISDIR, the event will be sent to
> fsnotify() even if the event type is not in the parent mark mask
> (e.g. FS_OPEN).
>
> Further more, if that event happened on a mount or a filesystem with
> a mount/sb mark that does have that event type in their mask, the "on
> child" event will be reported on the mount/sb mark. That is not
> desired, because user will get a duplicate event for the same action.
>
> Note that the event reported on the victim inode is never merged with
> the event reported on the parent inode, because of the check in
> should_merge(): old_fsn->inode == new_fsn->inode.
>
> Fix this by looking for a match of an actual event type (i.e. not just
> FS_ISDIR) in parent's inode mark mask and by not reporting an "on child"
> event to group if event type is only found on mount/sb marks.
>
> [backport hint: The bug seems to have always been in fanotify, but this
> patch will only apply cleanly to v4.19.y]
>
Same comment about this backport hint being misleading in the
context of the backport patch.
> Cc: <stable@vger.kernel.org> # v4.19
> Signed-off-by: Amir Goldstein <amir73il@gmail.com>
> Signed-off-by: Jan Kara <jack@suse.cz>
> [amir: backport to v4.9]
> Signed-off-by: Amir Goldstein <amir73il@gmail.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>
> ---
> fs/notify/fsnotify.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> --- a/fs/notify/fsnotify.c
> +++ b/fs/notify/fsnotify.c
> @@ -101,9 +101,9 @@ int __fsnotify_parent(struct path *path,
> parent = dget_parent(dentry);
> p_inode = parent->d_inode;
>
> - if (unlikely(!fsnotify_inode_watches_children(p_inode)))
> + if (unlikely(!fsnotify_inode_watches_children(p_inode))) {
> __fsnotify_update_child_dentry_flags(p_inode);
> - else if (p_inode->i_fsnotify_mask & mask) {
> + } else if (p_inode->i_fsnotify_mask & mask & ~FS_EVENT_ON_CHILD) {
> struct name_snapshot name;
>
> /* we are notifying a parent so come up with the new mask which
> @@ -207,6 +207,10 @@ int fsnotify(struct inode *to_tell, __u3
> else
> mnt = NULL;
>
> + /* An event "on child" is not intended for a mount mark */
> + if (mask & FS_EVENT_ON_CHILD)
> + mnt = NULL;
> +
> /*
> * Optimization: srcu_read_lock() has a memory barrier which can
> * be expensive. It protects walking the *_fsnotify_marks lists.
>
>
next prev parent reply other threads:[~2019-02-04 11:01 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-04 10:36 [PATCH 4.9 00/30] 4.9.155-stable review Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 01/30] Fix "net: ipv4: do not handle duplicate fragments as overlapping" Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 02/30] fs: add the fsnotify call to vfs_iter_write Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 03/30] ipv6: Consider sk_bound_dev_if when binding a socket to an address Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 04/30] l2tp: copy 4 more bytes to linear part if necessary Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 05/30] net/mlx4_core: Add masking for a few queries on HCA caps Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 06/30] netrom: switch to sock timer API Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 07/30] net/rose: fix NULL ax25_cb kernel panic Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 08/30] ucc_geth: Reset BQL queue when stopping device Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 09/30] net/mlx5e: Allow MAC invalidation while spoofchk is ON Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 10/30] l2tp: remove l2specific_len dependency in l2tp_core Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 11/30] l2tp: fix reading optional fields of L2TPv3 Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 12/30] ipvlan, l3mdev: fix broken l3s mode wrt local routes Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 13/30] CIFS: Do not count -ENODATA as failure for query directory Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 14/30] fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb() Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 15/30] ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 16/30] arm64: kaslr: ensure randomized quantities are clean also when kaslr is off Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 17/30] arm64: hyp-stub: Forbid kprobing of the hyp-stub Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 18/30] arm64: hibernate: Clean the __hyp_text to PoC after resume Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 19/30] gfs2: Revert "Fix loop in gfs2_rbm_find" Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 20/30] platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK Greg Kroah-Hartman
2019-02-04 10:36 ` [PATCH 4.9 21/30] platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 22/30] mmc: sdhci-iproc: handle mmc_of_parse() errors during probe Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 23/30] kernel/exit.c: release ptraced tasks before zap_pid_ns_processes Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 24/30] mm, oom: fix use-after-free in oom_kill_process Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 25/30] mm: hwpoison: use do_send_sig_info() instead of force_sig() Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 26/30] mm: migrate: dont rely on __PageMovable() of newpage after unlocking it Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 27/30] cifs: Always resolve hostname before reconnecting Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 28/30] drivers: core: Remove glue dirs from sysfs earlier Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 29/30] fs: dont scan the inode cache before SB_BORN is set Greg Kroah-Hartman
2019-02-04 10:37 ` [PATCH 4.9 30/30] fanotify: fix handling of events on child sub-directory Greg Kroah-Hartman
2019-02-04 10:48 ` Amir Goldstein [this message]
2019-02-04 11:03 ` Greg Kroah-Hartman
2019-02-04 21:48 ` [PATCH 4.9 00/30] 4.9.155-stable review Guenter Roeck
2019-02-05 6:39 ` Naresh Kamboju
2019-02-05 11:38 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAOQ4uxhwxgpuzebDdqV61f2ENCVa44XiuKZmLfbnEOYZWvXrLA@mail.gmail.com \
--to=amir73il@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=jack@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).