Subject: Re: [RFC][PATCH 00/10] Mount, FS, Block and Keyrings notifications [ver #3]
From: Andy Lutomirski
Date: Thu, 6 Jun 2019 15:42:06 -0700
To: David Howells
Cc: Andy Lutomirski, Casey Schaufler, Stephen Smalley, Al Viro, Greg Kroah-Hartman, USB list, raven@themaw.net, Linux FS Devel, Linux API, linux-block@vger.kernel.org, keyrings@vger.kernel.org, LSM List, LKML, Paul Moore

> On Jun 6, 2019, at 3:38 PM, David Howells wrote:
>
> Andy Lutomirski wrote:
>
>> I mean: are there cases where some action generates a notification but does
>> not otherwise have an effect visible to the users who can receive the
>> notification. It looks like the answer is probably “no”, which is good.
>
> mount_notify(). You can get a notification that someone altered the mount
> topology (eg. by mounting something). A process receiving a notification
> could then use fsinfo(), say, to reread the mount topology tree, find out
> where the new mount is and wander over there to have a look - assuming they
> have the permissions for pathwalk to succeed.
>
>

They can call fsinfo() anyway, or just read /proc/self/mounts. As far as I’m concerned, if you have CAP_SYS_ADMIN over a mount namespace and LSM policy lets you mount things, then of course you can get information to basically anyone who can use that mount namespace.
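
Added example, not part of the original message or of the patch set under discussion: a process can already watch its mount namespace with plain poll(2) on /proc/self/mounts, which the kernel flags with POLLERR|POLLPRI when the mount table changes, and then diff two reads to locate the new mount. The helper names and the snapshot strings are constructed for illustration.

```c
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* 1 if the mount table changes within timeout_ms, 0 on timeout, -1 on error. */
int mounts_changed(const char *path, int timeout_ms)
{
    struct pollfd pfd = { .fd = open(path, O_RDONLY), .events = POLLPRI };
    if (pfd.fd < 0)
        return -1;
    int n = poll(&pfd, 1, timeout_ms);
    close(pfd.fd);
    return n < 0 ? -1 : (n > 0 && (pfd.revents & (POLLERR | POLLPRI)));
}

/* Does table contain the len-byte string line as one whole line? */
static int has_line(const char *t, const char *line, size_t len)
{
    for (size_t n; *t; t += n + (t[n] == '\n'))
        if ((n = strcspn(t, "\n")) == len && !memcmp(t, line, len))
            return 1;
    return 0;
}

/* Mount point (2nd field) of the first line in after that is absent from before. */
int first_new_mount(const char *before, const char *after, char *out, size_t outlen)
{
    for (size_t len; *after; after += len + (after[len] == '\n')) {
        len = strcspn(after, "\n");
        const char *mp = memchr(after, ' ', len);   /* end of device field */
        if (!mp || has_line(before, after, len))
            continue;
        snprintf(out, outlen, "%.*s", (int)strcspn(mp + 1, " \n"), mp + 1);
        return 1;
    }
    return 0;
}

int main(void)
{
    const char *before = "proc /proc proc rw 0 0\n";   /* constructed sample */
    const char *after = "proc /proc proc rw 0 0\ntmpfs /mnt/new tmpfs rw 0 0\n";
    char mp[256];
    if (first_new_mount(before, after, mp, sizeof(mp)))
        printf("new mount: %s\n", mp);
    printf("changed within 1s: %d\n", mounts_changed("/proc/self/mounts", 1000));
    return 0;
}
```

Neither call needs a privilege beyond being able to open the file, so the mount notification carries no information that such a process could not already obtain.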