Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757189AbZF3Ogt (ORCPT ); Tue, 30 Jun 2009 10:36:49 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1752647AbZF3Ogl (ORCPT ); Tue, 30 Jun 2009 10:36:41 -0400 Received: from turing-police.cc.vt.edu ([128.173.14.107]:55343 "EHLO turing-police.cc.vt.edu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752583AbZF3Ogl (ORCPT ); Tue, 30 Jun 2009 10:36:41 -0400 X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.2 To: Eric Paris Cc: linux-kernel@vger.kernel.org, malware-list@dmesg.printk.net Subject: Re: fanotify: the fscking all notification system In-Reply-To: Your message of "Mon, 29 Jun 2009 16:08:45 EDT." <1246306125.754.300.camel@dhcp235-23.rdu.redhat.com> From: Valdis.Kletnieks@vt.edu References: <1246306125.754.300.camel@dhcp235-23.rdu.redhat.com> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_1246368155_20486P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Tue, 30 Jun 2009 09:22:35 -0400 Message-ID: <22424.1246368155@turing-police.cc.vt.edu> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1739 Lines: 43 --==_Exmh_1246368155_20486P Content-Type: text/plain; charset=us-ascii On Mon, 29 Jun 2009 16:08:45 EDT, Eric Paris said: > fanotify provides two things: > 1) a new notification system, sorta like inotify, only instead of an > arbitrary 'watch descriptor' which userspace has to know how to map back > to an object on the filesystem, fanotify provides an open read-only fd > back to the original object. It should be noted that the set of > fanotify events is much smaller than the set of inotify events. > > 2) an access system in which processes may be blocked until the fanotify > userspace listener has decided if the operation should be allowed. I don't care much about virus scanners - but some of us with petabytes of disk space to manage could use tis for HSM applications. The HSM daemon could fanotify on the file, notice that the file accessed referred to a special "I've been archived" stub/token, and put the file back before giving the go-ahead to the process. The only sticky question - does this happen early enough that the accessing process, when un-blocked, will continue through open() and get the *new* version of the newly restored file? --==_Exmh_1246368155_20486P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Exmh version 2.5 07/13/2001 iD8DBQFKShGbcC3lWbTT17ARAkOZAJ90E1vEyEaFQTOJjq5RPNOc+V4CfQCg0jiL ldeBrkECiHRW2Dek+oeQNvQ= =YLM4 -----END PGP SIGNATURE----- --==_Exmh_1246368155_20486P-- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/