Received: by 2002:a05:7412:8521:b0:e2:908c:2ebd with SMTP id t33csp2496877rdf; Mon, 6 Nov 2023 16:48:03 -0800 (PST) X-Google-Smtp-Source: AGHT+IGFCANX+aFIuKE8puwBj+FZxZ8pu1msZ3cyZF/wKly0hyFB6YmmzSafoeR/5mcI+2DyEkYw X-Received: by 2002:a05:6358:91a8:b0:16b:6ea4:d71d with SMTP id j40-20020a05635891a800b0016b6ea4d71dmr3732033rwa.26.1699318083015; Mon, 06 Nov 2023 16:48:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1699318082; cv=none; d=google.com; s=arc-20160816; b=wEMn5UckSxtOe66qP22v9AiwMc2wMm5VerikwlsKk60yXNvWOUU+tf9Lj2+Df2F5YM LcwJ1gSFSvylRvBNI6ss8nSkU1ydO4crC7BKF0MhrYI1J0xw2WU9fJgd3yxaGqhbwT7K q0HlRmEPStsDQ7p7VXLH0BawG9ZzNC1F48GJRKR33KbXgJAZ7fJSB0MFgPfw3MMDGL3b DIDmNslFwf2H/FAJnRSMP/EQjwgj8OLLs78pchKX120g/R8vL23VJ9WkD/uKfM7VitzQ gEGIAD5GyKjkawynek1Mw57x5/SkrJ4CeQbXXACX1boAkLDNPMiey9fE83RZ5P7Bru33 XRZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:subject :from:references:cc:to:content-language:user-agent:mime-version:date :message-id:feedback-id:dkim-signature:dkim-signature; bh=Gw31p/x43vdxiXCzPMnjFbRQKL2XYHOsIr+oWsxF2fE=; fh=IALw+sIx69QRmid8odmYjssYgm8nDNVLM3c8Yu6K+A0=; b=WAMw26EgEdRjmymLJOoMKOC6pxzvhq1TbxgO9uJB0pPlmPWnPl6vQQZ+aYApuiNOaY dcVwVk00y8mMF5iTIX9JYWbFiw5THTfs7mvvR5dc1zixJQ1kF48T70hJ3BbfCha0ANsR xQ+3SGvh91RD6vyZwGIH3+36gMjISXkL9sKz4qvAlbuf+pZRCGZmLZ6vH+Lnr1Ej1TMw WaJbc8t1ZpNQ4IxHTmP1jc8bKNi7QRYWAQbE1S7Z7ZKTLJVoh70XPUdZEag5ddfF5pLB d6PcaEZBHD0xBP3yODSMEoFlpMnylOslEcSO/hn0Bf54kvu8ln/v8bXaQVuuUQCzsoBP IxkQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@themaw.net header.s=fm2 header.b=v9rKkBwn; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=jmup3Y5H; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from groat.vger.email (groat.vger.email. [23.128.96.35]) by mx.google.com with ESMTPS id n189-20020a6327c6000000b00577f4d85fdbsi911263pgn.548.2023.11.06.16.48.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Nov 2023 16:48:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) client-ip=23.128.96.35; Authentication-Results: mx.google.com; dkim=pass header.i=@themaw.net header.s=fm2 header.b=v9rKkBwn; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=jmup3Y5H; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 18C2E80BA7EB; Mon, 6 Nov 2023 16:48:00 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233324AbjKGArn (ORCPT + 99 others); Mon, 6 Nov 2023 19:47:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36822 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232821AbjKGArl (ORCPT ); Mon, 6 Nov 2023 19:47:41 -0500 Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E533AD73; Mon, 6 Nov 2023 16:47:38 -0800 (PST) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 5A7395C01D7; Mon, 6 Nov 2023 19:47:38 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Mon, 06 Nov 2023 19:47:38 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=themaw.net; h=cc :cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:sender:subject:subject:to:to; s=fm2; t= 1699318058; x=1699404458; bh=Gw31p/x43vdxiXCzPMnjFbRQKL2XYHOsIr+ oWsxF2fE=; b=v9rKkBwnmH7u2D6mnOMCHaBPLBJuhu9S05QWFAghJ//bAemz5mX u+Sgb0+89MKBk88i1MvG6ljOtiSO9x1laCK255CqLbTulXp5XZ6FRjjYqxItQO1d 5XwS5X/PUpqavceoga483BlhWEYYjpT82LS1DgErRTDP7OiCewsbhlFzE1hGZJ1+ bzGqHwMIJtYudPo3ZKCW0nWPKbwgIAsKdXArlTNKISMJHxMFFmzus1BvagsW9e/8 VBTvYXAyPeDCBEQd+2tasxzFcKENGcTgsrjOy4x2F0ONprB6UcZiQ0JWS08jgkoO xIY1VeGPD8ROAfWOZYNIMiVYjnGhyZuba7g== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1699318058; x=1699404458; bh=Gw31p/x43vdxiXCzPMnjFbRQKL2XYHOsIr+ oWsxF2fE=; b=jmup3Y5HBcICiD1KQbIbvzVxrdjy9eaXo+HcZ84ibyxib+YguY7 ULBSRIKZW6U7/Gv8FUFkNllD56PosjlJtlmGFzVmn0d7y9FXAgomrdhW4RJHy/+o 8USkFc6msw5HHv98/GEwTZXdjGFibLV1eYar0eQo3jpZ9+rVnDyBvBh0iGRYMW1n 1Gi22//9pVSh5XIOFcGYKjH+Zr7xaDtmDuANVp4Cxif0dKllzUpu7TeEPuqDngFO 3y/DSNOVYswZey1uzVsBRIXlZpPWeJLa3NFrYnT+9NEpVROD5Pf+sBMQhczGyvxu iNtF2+6iejteUkdCAzRVXLcNb5TBHxe9DsA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrudduhedgvdehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepkfffgggfvfevfhfhufgjtgfgsehtkeertddtfeejnecuhfhrohhmpefkrghn ucfmvghnthcuoehrrghvvghnsehthhgvmhgrfidrnhgvtheqnecuggftrfgrthhtvghrnh epteeghedvkeejveejuedvtdekuedtueehtdegjeeugefhleetjeevkedutdeifeefnecu ffhomhgrihhnpehkvghrnhgvlhdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurf grrhgrmhepmhgrihhlfhhrohhmpehrrghvvghnsehthhgvmhgrfidrnhgvth X-ME-Proxy: Feedback-ID: i31e841b0:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 6 Nov 2023 19:47:32 -0500 (EST) Message-ID: <8f14da98-f2f5-b9ba-8d24-1b22eaa3c0d6@themaw.net> Date: Tue, 7 Nov 2023 08:47:29 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1 Content-Language: en-US To: Amir Goldstein , Karel Zak Cc: Miklos Szeredi , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-api@vger.kernel.org, linux-man@vger.kernel.org, linux-security-module@vger.kernel.org, David Howells , Linus Torvalds , Al Viro , Christian Brauner , Matthew House , Florian Weimer , Arnd Bergmann References: <20231025140205.3586473-1-mszeredi@redhat.com> <374433e3-ab72-64a3-0fa0-ab455268e5e0@themaw.net> <20231106121053.egamth3hr7zcfzji@ws.net.home> From: Ian Kent Subject: Re: [PATCH v4 0/6] querying mount attributes In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Mon, 06 Nov 2023 16:48:00 -0800 (PST) On 6/11/23 21:33, Amir Goldstein wrote: > On Mon, Nov 6, 2023 at 2:11 PM Karel Zak wrote: >> On Wed, Nov 01, 2023 at 07:52:45PM +0800, Ian Kent wrote: >>> On 25/10/23 22:01, Miklos Szeredi wrote: >>> Looks ok to me,covers the primary cases I needed when I worked >>> on using fsinfo() in systemd. >> Our work on systemd was about two areas: get mount info (stat/listmount() >> now) from the kernel, and get the mount ID from notification. >> >> There was watch_queue.h with WATCH_TYPE_MOUNT_NOTIFY and struct >> mount_notification->auxiliary_mount (aka mount ID) and event subtype >> to get the change status (new mount, umount, etc.) >> >> For example David's: >> https://patchwork.kernel.org/project/linux-security-module/patch/155991711016.15579.4449417925184028666.stgit@warthog.procyon.org.uk/ >> >> Do we have any replacement for this? >> > The plan is to extend fanotify for mount namespace change notifications. > > Here is a simple POC for FAN_UNMOUNT notification: > > https://lore.kernel.org/linux-fsdevel/20230414182903.1852019-1-amir73il@gmail.com/ > > I was waiting for Miklos' patches to land, so that we can report > mnt_id_unique (of mount and its parent mount) in the events. > > The plan is to start with setting a mark on a vfsmount to get > FAN_MOUNT/FAN_UNMOUNT notifications for changes to direct > children of that mount. I'll have a look at what I needed when I was working to implement this in systemd. Without looking at the code I can say I was handling mount, umount and I think remount events so that's probably a minimum. As I mentioned earlier I found I also need event rate management which was a new requirement at the time. > > This part, I was planning to do myself. I cannot say for sure when > I will be able to get to it, but it should be a rather simple patch. > > If anybody else would like to volunteer for the task, I will be > happy to assist. I would like to help with this but I'm not familiar with fanotify so I'll need to spend a bit of time on that. I am just about in a position to do that now. I'll also be looking at the watch queue framework that did get merged back then, I'm not sure how that will turn out. > > Not sure if we are going to need special notifications for mount > move and mount beneath? Yes that will be an interesting question, I have noticed Christians' work on mount beneath. We need to provide the ability to monitor mount tables as is done by using the proc mount lists to start with and I'm pretty sure that includes at least mount, umount and moves perhaps more but I'll check what I was using. > > Not sure if we are going to need notifications on mount attribute > changes? Also an interesting question, we will see in time I guess. You would think that the mount/umount/move events would get what's needed because (assuming mount move maps to remount) mount, umount and remount should cover cases were mounted mount attributes change. > > We may later also implement a mark on a mount namespace > to get events on all mount namespace changes. Monitoring the proc mount tables essentially provides lists of mounts that are present in a mount namespace (as seen by the given process) so this is going to be needed sooner rather than later if we hope to realize improvements from our new system calls. Ian