[PATCH v5 0/3] mount notification

Miklos Szeredi mszeredi at redhat.com
Wed Jan 29 16:57:58 UTC 2025 

This should be ready for adding to the v6.15 queue.  I don't see the
SELinux discussion converging, so I took the simpler version out of the two
that were suggested.

Will work on adding selftests.

Thanks to everyone for the reviews!

Miklos

---
v5:
 - drop FS_MNT_CHANGE (Christian)
 - rebased on current mainline (Amir)
 - add FSNOTIFY_MNT_EVENTS (Amir)
 - change selinux permission check to FILE__WATCH_MOUNT (Paul)

v4:
  - add notification on attribute change
  - deal with two FIXMEs
  - move data and code to #ifdef CONFIG_FSNOTIFY regions
  - function renames for more consistentcy (Christian)
  - explanation comment in umount_tree() (Christian)
  - style cleanups in fanotify (Amir, Jan)
  - changed FAN_MNT_* values (Amir)

v3:
  - use a global list protected for temporarily storing (Christian)
  - move fsnotify_* calls to namespace_unlock() (Christian)
  - downgrade namespace_sem to read for fsnotify_* calls (Christian)
  - add notification for reparenting in propagate_umount (Christian)
  - require nsfs file (/proc/PID/ns/mnt) in fanotify_mark(2) (Christian)
  - cleaner check for fsnotify being initialized (Amir)
  - fix stub __fsnotify_mntns_delete (kernel test robot)
  - don't add FANOTIFY_MOUNT_EVENTS to FANOTIFY_FD_EVENTS (Amir)

v2:
  - notify for whole namespace as this seems to be what people prefer
  - move fsnotify() calls outside of mount_lock
  - only report mnt_id, not parent_id


Miklos Szeredi (3):
  fsnotify: add mount notification infrastructure
  fanotify: notify on mount attach and detach
  vfs: add notifications for mount attach and detach

 fs/mount.h                         | 26 +++++++++
 fs/namespace.c                     | 93 ++++++++++++++++++++++++++++--
 fs/notify/fanotify/fanotify.c      | 38 +++++++++++-
 fs/notify/fanotify/fanotify.h      | 18 ++++++
 fs/notify/fanotify/fanotify_user.c | 87 +++++++++++++++++++++++-----
 fs/notify/fdinfo.c                 |  5 ++
 fs/notify/fsnotify.c               | 47 ++++++++++++---
 fs/notify/fsnotify.h               | 11 ++++
 fs/notify/mark.c                   | 14 ++++-
 fs/pnode.c                         |  4 +-
 include/linux/fanotify.h           | 12 ++--
 include/linux/fsnotify.h           | 20 +++++++
 include/linux/fsnotify_backend.h   | 42 ++++++++++++++
 include/uapi/linux/fanotify.h      | 10 ++++
 security/selinux/hooks.c           |  4 ++
 15 files changed, 396 insertions(+), 35 deletions(-)

-- 
2.48.1

More information about the Linux-security-module-archive mailing list