[RFC/PATCH v2 bpf-next fanotify 7/7] selftests/bpf: Add test for BPF based fanotify fastpath handler
Alexei Starovoitov
alexei.starovoitov at gmail.com
Thu Nov 14 20:14:08 UTC 2024
On Thu, Nov 14, 2024 at 12:44 AM Song Liu <song at kernel.org> wrote:
>
> +
> + if (bpf_is_subdir(dentry, v->dentry))
> + ret = FAN_FP_RET_SEND_TO_USERSPACE;
> + else
> + ret = FAN_FP_RET_SKIP_EVENT;
It seems to me that all these patches and feature additions
to fanotify, new kfuncs, etc are done just to do the above
filtering by subdir ?
If so, just hard code this logic as an extra flag to fanotify ?
So it can filter all events by subdir.
bpf programmability makes sense when it needs to express
user space policy. Here it's just a filter by subdir.
bpf hammer doesn't look like the right tool for this use case.
More information about the Linux-security-module-archive
mailing list