Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp3914466iog; Tue, 28 Jun 2022 05:31:11 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tMqiC8KZL4Edh/qDBBGkzS8j6PfcnGIe1ECm2tKxKFGu1HDiKnM34Kz7Ws417HMR8uQS9t X-Received: by 2002:a17:906:4fd6:b0:70c:9284:cc01 with SMTP id i22-20020a1709064fd600b0070c9284cc01mr17811494ejw.553.1656419471651; Tue, 28 Jun 2022 05:31:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1656419471; cv=none; d=google.com; s=arc-20160816; b=waN0EBpqALhtQtGOsK8wuI0PgqIeZgYtTw1mbI8budNAD8DdPB6UbACrARuU0olFz4 ywAsd4noNSWRmnForlRkgrN/ZxR7g+/eJFaXpNv5mPYeMK4X6xHBHwV22u15YHUH5puv G/X3gY+ExMjEq1Fvpad3sSk6D2xC+q3XLq7kO54NKhXJ3QmA8aZvkBlkHHZK9DBe2VDl mQP2f0VYLwmtxoqwuBBCAfe9/2XOFX1LOeGEVE447Bwoq/5WmSW3F/BY50ceLH95Cw3a VOa91v59YCe0buwmxZkmsewMbyJMTEABtGnRZ4sP2+cDne9F/tjanw8EW5+NEhuZfztm l5sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=wimQzapjci/tNxsMqKMeMRkF2V9K297VGlo0W1Odw0s=; b=Fv8ZtOhCakYREeG+hkSeX+GADffmrVJKLZzHKU1woqx4RvIc4QrA3ZREbZQGASxGwA 7p0BuPqpDf/vrLs9g2IIUPLtN7PuJ9ScjO2/LD1tsDDCOmq2+tBKMGITMv+Azj7DCPco 6icq57mvPOvc+7r2s2sb38mzkUNy8NVOM5x58kPwmok6KqKDdWQ+Sy5mjI4UswMT7rbR ZqTwvf8aaaXuT0BFKmtyTv+/1oGjMGDuLP5N7e8Wwu0sYbXoAqeV23QMg9WnR1knh7ev 6LnB++9HM3MerKsy5yImHNirY2jxq8L+rwQNFByn2LqgF8Xugb6ke8oMxaa0X4ady3M/ h1lw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=oe7PRKI+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l22-20020a170906795600b00712236ab6aasi15913245ejo.95.2022.06.28.05.30.45; Tue, 28 Jun 2022 05:31:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=oe7PRKI+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345785AbiF1M3Y (ORCPT + 99 others); Tue, 28 Jun 2022 08:29:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58308 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345652AbiF1M3W (ORCPT ); Tue, 28 Jun 2022 08:29:22 -0400 Received: from mail-vs1-xe31.google.com (mail-vs1-xe31.google.com [IPv6:2607:f8b0:4864:20::e31]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 798862BB01; Tue, 28 Jun 2022 05:29:21 -0700 (PDT) Received: by mail-vs1-xe31.google.com with SMTP id e7so11803515vsp.13; Tue, 28 Jun 2022 05:29:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wimQzapjci/tNxsMqKMeMRkF2V9K297VGlo0W1Odw0s=; b=oe7PRKI+nQfRiq+ebO3duN2nfZrftuLlTCjr6lgBSjNSQaS8h/+cHLJc+TejnTrwsq 8+IuZ2Kq8RHtyxHK11Ti1kCjFw5ZIsZMpHLZeZpCuUggAoRe99pLnYVlOp1wkEkttjMD xUSsugX5IfO55tkNgQKz+/fio58csK+A9FjJBTDJvgKeoLGtiRyXzcuc0oTfQsFty1C4 FzwGK12J1XoZfww3GjIYaMqNral9EsLeVXzCIRmD22ck5nwYKQSz/7kfx5/SpYEj99V8 r+lwb5fR2ikDxoAG4j1u2nvLU7WySbqqjIei+FoYDev3tImvStK4/QJPiAWy2BdcFMPJ opFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wimQzapjci/tNxsMqKMeMRkF2V9K297VGlo0W1Odw0s=; b=p9igo+rW+6nPCa9F/XS8CRJB/eZuBjgQyYR2K3cka13qOidQohwUWFPt6QkHf3gU0o PZM9dxpJT8aUY5ZKEuM7wHFMI7UdrsrvsmI3BGo1U6pBELlE3ftFSnCnapkFuA2x0eNa QSy2ozgEm8ScKhXOWlfQmDd43bjWcMoJ68uRYafgvw0CYPsjcO2KTIbNqbQvgm6PeKZ/ hql7rLQcFSMgFA9xeQgyrsiQZm3cLb+08RSyTOXhEnWVeDrgwwXUCAmu0Bc4JHDPx6eW 6DjRBc3H2B+WVZh540aQvWx3QehZfX1SxB8fefqAnd1PTtv4kHg+KHvb/puadErLI8CU NKPw== X-Gm-Message-State: AJIora8VDxfGEsbLX5XaEAXGFcPSVMLN2CEarshv1vaTCZJr6pWDiXKT Xz59vU+bi/A5hvo4I+hzc0SMZYf7bHcloHToWe8= X-Received: by 2002:a05:6102:38c7:b0:356:4e2f:ae5b with SMTP id k7-20020a05610238c700b003564e2fae5bmr1622701vst.71.1656419360645; Tue, 28 Jun 2022 05:29:20 -0700 (PDT) MIME-Version: 1.0 References: <20220628101413.10432-1-duguoweisz@gmail.com> <20220628104528.no4jarh2ihm5gxau@quack3> <20220628104853.c3gcsvabqv2zzckd@wittgenstein> In-Reply-To: From: Amir Goldstein Date: Tue, 28 Jun 2022 15:29:08 +0300 Message-ID: Subject: Re: [PATCH 6/6] fanotify: add current_user_instances node To: guowei du Cc: Christian Brauner , Jan Kara , Matthew Bobrowski , linux-fsdevel , linux-kernel , duguowei Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 28, 2022 at 2:50 PM guowei du wrote: > > hi, Mr Kara, Mr Brauner, > > I want to know how many fanotify readers are monitoring the fs event. > If userspace daemons monitoring all file system events are too many, maybe there will be an impact on performance. > I want something else which is more than just the number of groups. I want to provide the admin the option to enumerate over all groups and list their marks and blocked events. This would be similar to listing all the fdinfo of anon_inode:[fanotify] fds of processes that initialised fanotify groups. This enumeration could be done for example in /sys/fs/fanotify/groups/ My main incentive is not only the enumeration. My main incentive is to provide an administrative interface to check for any fs operations that are currently blocked by a rogue fanotify permission events reader and an easy way for administrators to kill those rogue processes (i.e. buggy anti-malware). This interface is inspired by the ability to enumerate and abort fuse connections for rogue fuse servers. I want to do that for the existing permission events as a prerequisite to adding new blocking events to be used for implementation of hierarchical storage managers, similar the Windows ProjFs [1]. This was allegedly the intended use case for group class FAN_CLASS_PRE_CONTENT (see man page). Do you want to implement the first step of enumerating fdinfo of all groups via /sys/fs/fanotify/groups/? Jan, If you have objections to any of the ideas above please shout. I was going to prepare a roadmap for blocking events and post it for comments, but this patch triggered a heads up. Thanks, Amir. [1] https://docs.microsoft.com/en-us/windows/win32/projfs/projected-file-system