From: David Howells <dhowells@redhat.com>
To: viro@zeniv.linux.org.uk
Cc: dhowells@redhat.com, Casey Schaufler <casey@schaufler-ca.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
nicolas.dichtel@6wind.com, raven@themaw.net,
Christian Brauner <christian@brauner.io>,
dhowells@redhat.com, keyrings@vger.kernel.org,
linux-usb@vger.kernel.org, linux-security-module@vger.kernel.org,
linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org,
linux-block@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 0/6] Mount and superblock notifications [ver #5]
Date: Fri, 28 Jun 2019 16:50:13 +0100 [thread overview]
Message-ID: <156173701358.15650.8735203424342507015.stgit@warthog.procyon.org.uk> (raw)
Here's a set of patches to adds VFS-related watches to the general
notification system to add sources of events for:
(1) Mount topology events, such as mounting, unmounting, mount expiry,
mount reconfiguration.
(2) Superblock events, such as R/W<->R/O changes, quota overrun and I/O
errors (not complete yet).
One of the reasons for this is so that we can remove the issue of processes
having to repeatedly and regularly scan /proc/mounts, which has proven to
be a system performance problem. To further aid this, the fsinfo() syscall
on which this patch series depends, provides a way to access superblock and
mount information in binary form without the need to parse /proc/mounts.
LSM hooks are included are provided that allow an LSM to rule on whether or
not a watch may be set. Each of these hooks takes a different "watched
object" parameter, so they're not really shareable. The LSM should use
current's credentials. [Wanted by SELinux & Smack]
Watches are created with:
watch_mount(AT_FDCWD, "/", 0, fd, 0x03);
watch_sb(AT_FDCWD, "/mnt", 0, fd, 0x04);
where in all three cases, fd indicates the queue and the number after is a
tag between 0 and 255.
Further things that could be considered:
(1) Adding global superblock event queue.
(2) Propagating watches to child superblock over automounts.
The patches can be found here also:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=notifications
Changes:
ver #5:
(*) The superblock watch and mount watch parts are split out into this set
from the core branch (notifications-core) as it depends on fsinfo().
David
---
David Howells (6):
security: Add hooks to rule on setting a superblock or mount watch
Adjust watch_queue documentation to mention mount and superblock watches.
vfs: Add a mount-notification facility
vfs: Add superblock notifications
fsinfo: Export superblock notification counter
Add sample notification program
Documentation/watch_queue.rst | 20 +++
arch/alpha/kernel/syscalls/syscall.tbl | 2
arch/arm/tools/syscall.tbl | 2
arch/arm64/include/asm/unistd.h | 2
arch/ia64/kernel/syscalls/syscall.tbl | 2
arch/m68k/kernel/syscalls/syscall.tbl | 2
arch/microblaze/kernel/syscalls/syscall.tbl | 2
arch/mips/kernel/syscalls/syscall_n32.tbl | 2
arch/mips/kernel/syscalls/syscall_n64.tbl | 2
arch/mips/kernel/syscalls/syscall_o32.tbl | 2
arch/parisc/kernel/syscalls/syscall.tbl | 2
arch/powerpc/kernel/syscalls/syscall.tbl | 2
arch/s390/kernel/syscalls/syscall.tbl | 2
arch/sh/kernel/syscalls/syscall.tbl | 2
arch/sparc/kernel/syscalls/syscall.tbl | 2
arch/x86/entry/syscalls/syscall_32.tbl | 2
arch/x86/entry/syscalls/syscall_64.tbl | 2
arch/xtensa/kernel/syscalls/syscall.tbl | 2
drivers/misc/Kconfig | 5 -
fs/Kconfig | 21 +++
fs/Makefile | 1
fs/fsinfo.c | 12 ++
fs/mount.h | 33 +++--
fs/mount_notify.c | 188 +++++++++++++++++++++++++++
fs/namespace.c | 16 ++
fs/super.c | 126 ++++++++++++++++++
include/linux/dcache.h | 1
include/linux/fs.h | 78 +++++++++++
include/linux/lsm_hooks.h | 16 ++
include/linux/security.h | 10 +
include/linux/syscalls.h | 4 +
include/uapi/asm-generic/unistd.h | 6 +
include/uapi/linux/fsinfo.h | 10 +
include/uapi/linux/watch_queue.h | 61 +++++++++
kernel/sys_ni.c | 2
samples/vfs/test-fsinfo.c | 13 ++
samples/watch_queue/watch_test.c | 76 +++++++++++
security/security.c | 10 +
38 files changed, 722 insertions(+), 21 deletions(-)
create mode 100644 fs/mount_notify.c
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells@redhat.com>
To: viro@zeniv.linux.org.uk
Cc: dhowells@redhat.com, Casey Schaufler <casey@schaufler-ca.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
nicolas.dichtel@6wind.com, raven@themaw.net,
Christian Brauner <christian@brauner.io>dhowells@redhat.com,
keyrings@vger.kernel.org, linux-usb@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-fsdevel@vger.kernel.org,
linux-api@vger.kernel.org@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 0/6] Mount and superblock notifications [ver #5]
Date: Fri, 28 Jun 2019 15:50:13 +0000 [thread overview]
Message-ID: <156173701358.15650.8735203424342507015.stgit@warthog.procyon.org.uk> (raw)
Here's a set of patches to adds VFS-related watches to the general
notification system to add sources of events for:
(1) Mount topology events, such as mounting, unmounting, mount expiry,
mount reconfiguration.
(2) Superblock events, such as R/W<->R/O changes, quota overrun and I/O
errors (not complete yet).
One of the reasons for this is so that we can remove the issue of processes
having to repeatedly and regularly scan /proc/mounts, which has proven to
be a system performance problem. To further aid this, the fsinfo() syscall
on which this patch series depends, provides a way to access superblock and
mount information in binary form without the need to parse /proc/mounts.
LSM hooks are included are provided that allow an LSM to rule on whether or
not a watch may be set. Each of these hooks takes a different "watched
object" parameter, so they're not really shareable. The LSM should use
current's credentials. [Wanted by SELinux & Smack]
Watches are created with:
watch_mount(AT_FDCWD, "/", 0, fd, 0x03);
watch_sb(AT_FDCWD, "/mnt", 0, fd, 0x04);
where in all three cases, fd indicates the queue and the number after is a
tag between 0 and 255.
Further things that could be considered:
(1) Adding global superblock event queue.
(2) Propagating watches to child superblock over automounts.
The patches can be found here also:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=notifications
Changes:
ver #5:
(*) The superblock watch and mount watch parts are split out into this set
from the core branch (notifications-core) as it depends on fsinfo().
David
---
David Howells (6):
security: Add hooks to rule on setting a superblock or mount watch
Adjust watch_queue documentation to mention mount and superblock watches.
vfs: Add a mount-notification facility
vfs: Add superblock notifications
fsinfo: Export superblock notification counter
Add sample notification program
Documentation/watch_queue.rst | 20 +++
arch/alpha/kernel/syscalls/syscall.tbl | 2
arch/arm/tools/syscall.tbl | 2
arch/arm64/include/asm/unistd.h | 2
arch/ia64/kernel/syscalls/syscall.tbl | 2
arch/m68k/kernel/syscalls/syscall.tbl | 2
arch/microblaze/kernel/syscalls/syscall.tbl | 2
arch/mips/kernel/syscalls/syscall_n32.tbl | 2
arch/mips/kernel/syscalls/syscall_n64.tbl | 2
arch/mips/kernel/syscalls/syscall_o32.tbl | 2
arch/parisc/kernel/syscalls/syscall.tbl | 2
arch/powerpc/kernel/syscalls/syscall.tbl | 2
arch/s390/kernel/syscalls/syscall.tbl | 2
arch/sh/kernel/syscalls/syscall.tbl | 2
arch/sparc/kernel/syscalls/syscall.tbl | 2
arch/x86/entry/syscalls/syscall_32.tbl | 2
arch/x86/entry/syscalls/syscall_64.tbl | 2
arch/xtensa/kernel/syscalls/syscall.tbl | 2
drivers/misc/Kconfig | 5 -
fs/Kconfig | 21 +++
fs/Makefile | 1
fs/fsinfo.c | 12 ++
fs/mount.h | 33 +++--
fs/mount_notify.c | 188 +++++++++++++++++++++++++++
fs/namespace.c | 16 ++
fs/super.c | 126 ++++++++++++++++++
include/linux/dcache.h | 1
include/linux/fs.h | 78 +++++++++++
include/linux/lsm_hooks.h | 16 ++
include/linux/security.h | 10 +
include/linux/syscalls.h | 4 +
include/uapi/asm-generic/unistd.h | 6 +
include/uapi/linux/fsinfo.h | 10 +
include/uapi/linux/watch_queue.h | 61 +++++++++
kernel/sys_ni.c | 2
samples/vfs/test-fsinfo.c | 13 ++
samples/watch_queue/watch_test.c | 76 +++++++++++
security/security.c | 10 +
38 files changed, 722 insertions(+), 21 deletions(-)
create mode 100644 fs/mount_notify.c
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells@redhat.com>
To: viro@zeniv.linux.org.uk
Cc: dhowells@redhat.com, Casey Schaufler <casey@schaufler-ca.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
nicolas.dichtel@6wind.com, raven@themaw.net,
Christian Brauner <christian@brauner.io>dhowells@redhat.com,
keyrings@vger.kernel.org, linux-usb@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org,
linux-block@vger.kernel.orglinux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH 0/6] Mount and superblock notifications [ver #5]
Date: Fri, 28 Jun 2019 16:50:13 +0100 [thread overview]
Message-ID: <156173701358.15650.8735203424342507015.stgit@warthog.procyon.org.uk> (raw)
Here's a set of patches to adds VFS-related watches to the general
notification system to add sources of events for:
(1) Mount topology events, such as mounting, unmounting, mount expiry,
mount reconfiguration.
(2) Superblock events, such as R/W<->R/O changes, quota overrun and I/O
errors (not complete yet).
One of the reasons for this is so that we can remove the issue of processes
having to repeatedly and regularly scan /proc/mounts, which has proven to
be a system performance problem. To further aid this, the fsinfo() syscall
on which this patch series depends, provides a way to access superblock and
mount information in binary form without the need to parse /proc/mounts.
LSM hooks are included are provided that allow an LSM to rule on whether or
not a watch may be set. Each of these hooks takes a different "watched
object" parameter, so they're not really shareable. The LSM should use
current's credentials. [Wanted by SELinux & Smack]
Watches are created with:
watch_mount(AT_FDCWD, "/", 0, fd, 0x03);
watch_sb(AT_FDCWD, "/mnt", 0, fd, 0x04);
where in all three cases, fd indicates the queue and the number after is a
tag between 0 and 255.
Further things that could be considered:
(1) Adding global superblock event queue.
(2) Propagating watches to child superblock over automounts.
The patches can be found here also:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=notifications
Changes:
ver #5:
(*) The superblock watch and mount watch parts are split out into this set
from the core branch (notifications-core) as it depends on fsinfo().
David
---
David Howells (6):
security: Add hooks to rule on setting a superblock or mount watch
Adjust watch_queue documentation to mention mount and superblock watches.
vfs: Add a mount-notification facility
vfs: Add superblock notifications
fsinfo: Export superblock notification counter
Add sample notification program
Documentation/watch_queue.rst | 20 +++
arch/alpha/kernel/syscalls/syscall.tbl | 2
arch/arm/tools/syscall.tbl | 2
arch/arm64/include/asm/unistd.h | 2
arch/ia64/kernel/syscalls/syscall.tbl | 2
arch/m68k/kernel/syscalls/syscall.tbl | 2
arch/microblaze/kernel/syscalls/syscall.tbl | 2
arch/mips/kernel/syscalls/syscall_n32.tbl | 2
arch/mips/kernel/syscalls/syscall_n64.tbl | 2
arch/mips/kernel/syscalls/syscall_o32.tbl | 2
arch/parisc/kernel/syscalls/syscall.tbl | 2
arch/powerpc/kernel/syscalls/syscall.tbl | 2
arch/s390/kernel/syscalls/syscall.tbl | 2
arch/sh/kernel/syscalls/syscall.tbl | 2
arch/sparc/kernel/syscalls/syscall.tbl | 2
arch/x86/entry/syscalls/syscall_32.tbl | 2
arch/x86/entry/syscalls/syscall_64.tbl | 2
arch/xtensa/kernel/syscalls/syscall.tbl | 2
drivers/misc/Kconfig | 5 -
fs/Kconfig | 21 +++
fs/Makefile | 1
fs/fsinfo.c | 12 ++
fs/mount.h | 33 +++--
fs/mount_notify.c | 188 +++++++++++++++++++++++++++
fs/namespace.c | 16 ++
fs/super.c | 126 ++++++++++++++++++
include/linux/dcache.h | 1
include/linux/fs.h | 78 +++++++++++
include/linux/lsm_hooks.h | 16 ++
include/linux/security.h | 10 +
include/linux/syscalls.h | 4 +
include/uapi/asm-generic/unistd.h | 6 +
include/uapi/linux/fsinfo.h | 10 +
include/uapi/linux/watch_queue.h | 61 +++++++++
kernel/sys_ni.c | 2
samples/vfs/test-fsinfo.c | 13 ++
samples/watch_queue/watch_test.c | 76 +++++++++++
security/security.c | 10 +
38 files changed, 722 insertions(+), 21 deletions(-)
create mode 100644 fs/mount_notify.c
next reply other threads:[~2019-06-28 15:50 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-28 15:50 David Howells [this message]
2019-06-28 15:50 ` [PATCH 0/6] Mount and superblock notifications [ver #5] David Howells
2019-06-28 15:50 ` David Howells
2019-06-28 15:50 ` [PATCH 1/6] security: Add hooks to rule on setting a superblock or mount watch " David Howells
2019-06-28 15:50 ` David Howells
2019-06-28 15:50 ` David Howells
2019-07-12 20:11 ` James Morris
2019-07-12 20:11 ` James Morris
2019-07-12 20:11 ` James Morris
2019-06-28 15:50 ` [PATCH 2/6] Adjust watch_queue documentation to mention mount and superblock watches. " David Howells
2019-06-28 15:50 ` David Howells
2019-06-28 15:50 ` David Howells
2019-07-01 2:59 ` Randy Dunlap
2019-07-01 2:59 ` Randy Dunlap
2019-07-01 8:52 ` David Howells
2019-07-01 8:52 ` David Howells
2019-07-01 14:52 ` Randy Dunlap
2019-07-01 14:52 ` Randy Dunlap
2019-06-28 15:50 ` [PATCH 3/6] vfs: Add a mount-notification facility " David Howells
2019-06-28 15:50 ` David Howells
2019-06-28 15:50 ` David Howells
2019-06-28 15:50 ` [PATCH 4/6] vfs: Add superblock notifications " David Howells
2019-06-28 15:50 ` David Howells
2019-06-28 15:50 ` David Howells
2019-06-28 15:51 ` [PATCH 5/6] fsinfo: Export superblock notification counter " David Howells
2019-06-28 15:51 ` David Howells
2019-06-28 15:51 ` David Howells
2019-06-28 15:51 ` [PATCH 6/6] Add sample notification program " David Howells
2019-06-28 15:51 ` David Howells
2019-06-28 15:51 ` David Howells
2019-06-28 16:47 ` [PATCH 0/6] Mount and superblock notifications " David Howells
2019-06-28 16:47 ` David Howells
2019-06-28 16:47 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=156173701358.15650.8735203424342507015.stgit@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=casey@schaufler-ca.com \
--cc=christian@brauner.io \
--cc=gregkh@linuxfoundation.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=nicolas.dichtel@6wind.com \
--cc=raven@themaw.net \
--cc=sds@tycho.nsa.gov \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.