Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp3417389iob; Mon, 16 May 2022 22:35:02 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxmb4WwRC9etwqByIkhE/OcyCUTwXKD9X8hfsj8DOE9LxyqwcS0ftaYCcPu8kLynRDEETWg X-Received: by 2002:a05:6a00:298a:b0:50e:8e3:b673 with SMTP id cj10-20020a056a00298a00b0050e08e3b673mr20686556pfb.28.1652765702097; Mon, 16 May 2022 22:35:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652765702; cv=none; d=google.com; s=arc-20160816; b=vkDU6DvOLea+aqK/ch5t4oWg3+HLA40JyA9NHvnrR607Klz9TWCpypqfiE75xgW2iE bQPXp26Brk2RlZDUnOFbv/NuLODTltWC1il2w3Qgrinv9q2EPTXNW0gq238CQM5GqxwD V/3OVEIxITAVEnBNf7W+YKBrks3t/le/bHp6YWEjYFeK/pJpTiVDo2Cd8cK83ekrq38Z dZK52doGrFiXxBF7rs4eh+c4OEvgddLjhwHaqKprkbGdjtw9kKYV8KyvUZ+K+bPyZzf0 2+XtLUdyX7NMy4ZgZ4o4OuTAQx4/8Y/dEAnPPWl0Bwdmd5+l0EeYnLJcqkbh+efOZZ1G zmEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ClZIFGyD6HKniMmljlvhlfrYl2oVFQTP8LO7iGT6TQA=; b=H3hru1++aFVq9HSnvPfwgiD3chJsEK1qGpIQ7QefCGyUPeOrtDnWM2dY6lPSFyhKMP JOQdleCmjL+Vb93Cm8wlpdSp2VryNRym/0cb4jh0gBSkhjWc4MfMepFyE+9JAXzzr+tB wt+17P0jCJv02wuRZriGuJonGq/YvYpsYYnLtsHG2TFwMNXFezNS4JnhLhKHa1qZO5zR bhaOQdsXEc99IKXJMZeJpMwGuk9DYIIqtzQG2eI0lEAZ0JQjycsvBdM9Ovnp2JBy+zEo ogM4BQyhN0sxYir1jVdprOEP7/IOdsRNFzLcHsNp/IhkYatSZqKPCSYD4Kv+Rab6LNHY 0pFQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=gDKRnIbW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ja21-20020a170902efd500b00153b2d165ecsi8894497plb.500.2022.05.16.22.34.50; Mon, 16 May 2022 22:35:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=gDKRnIbW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347731AbiEPU3x (ORCPT + 99 others); Mon, 16 May 2022 16:29:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56562 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1350201AbiEPUAz (ORCPT ); Mon, 16 May 2022 16:00:55 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DD33246664; Mon, 16 May 2022 12:55:03 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 5DEA5B81614; Mon, 16 May 2022 19:54:10 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7B74AC385AA; Mon, 16 May 2022 19:54:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1652730849; bh=jyDIdAd6VRulWWPBhtTgE5U6lZXpOkTszQqFD/Gx1q0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gDKRnIbW1EMNF2zymjDAxYvKiYCpsOsRtZxI8CSKz1amqG37G4zuUTGKpueiBibEE 9WdjZ/Db4v9AJKgTCH1kENic00HFibkn4J6boC+KmRdD9OCZfVIJNGhZafurJGxmbK UUCMdPpZfwf7IpKmUn8cWCfbznXzDHnu1dNCisL4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Amir Goldstein , Jan Kara , Sasha Levin Subject: [PATCH 5.17 024/114] fanotify: do not allow setting dirent events in mask of non-dir Date: Mon, 16 May 2022 21:35:58 +0200 Message-Id: <20220516193626.187066736@linuxfoundation.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220516193625.489108457@linuxfoundation.org> References: <20220516193625.489108457@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Amir Goldstein [ Upstream commit ceaf69f8eadcafb323392be88e7a5248c415d423 ] Dirent events (create/delete/move) are only reported on watched directory inodes, but in fanotify as well as in legacy inotify, it was always allowed to set them on non-dir inode, which does not result in any meaningful outcome. Until kernel v5.17, dirent events in fanotify also differed from events "on child" (e.g. FAN_OPEN) in the information provided in the event. For example, FAN_OPEN could be set in the mask of a non-dir or the mask of its parent and event would report the fid of the child regardless of the marked object. By contrast, FAN_DELETE is not reported if the child is marked and the child fid was not reported in the events. Since kernel v5.17, with fanotify group flag FAN_REPORT_TARGET_FID, the fid of the child is reported with dirent events, like events "on child", which may create confusion for users expecting the same behavior as events "on child" when setting events in the mask on a child. The desired semantics of setting dirent events in the mask of a child are not clear, so for now, deny this action for a group initialized with flag FAN_REPORT_TARGET_FID and for the new event FAN_RENAME. We may relax this restriction in the future if we decide on the semantics and implement them. Fixes: d61fd650e9d2 ("fanotify: introduce group flag FAN_REPORT_TARGET_FID") Fixes: 8cc3b1ccd930 ("fanotify: wire up FAN_RENAME event") Link: https://lore.kernel.org/linux-fsdevel/20220505133057.zm5t6vumc4xdcnsg@quack3.lan/ Signed-off-by: Amir Goldstein Signed-off-by: Jan Kara Link: https://lore.kernel.org/r/20220507080028.219826-1-amir73il@gmail.com Signed-off-by: Sasha Levin --- fs/notify/fanotify/fanotify_user.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 2ff6bd85ba8f..f2a1947ec5ee 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -1638,6 +1638,19 @@ static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask, else mnt = path.mnt; + /* + * FAN_RENAME is not allowed on non-dir (for now). + * We shouldn't have allowed setting any dirent events in mask of + * non-dir, but because we always allowed it, error only if group + * was initialized with the new flag FAN_REPORT_TARGET_FID. + */ + ret = -ENOTDIR; + if (inode && !S_ISDIR(inode->i_mode) && + ((mask & FAN_RENAME) || + ((mask & FANOTIFY_DIRENT_EVENTS) && + FAN_GROUP_FLAG(group, FAN_REPORT_TARGET_FID)))) + goto path_put_and_out; + /* Mask out FAN_EVENT_ON_CHILD flag for sb/mount/non-dir marks */ if (mnt || !S_ISDIR(inode->i_mode)) { mask &= ~FAN_EVENT_ON_CHILD; -- 2.35.1