Lines Matching +full:flags +full:- +full:mask
1 // SPDX-License-Identifier: GPL-2.0
99 * All flags that may be specified in parameter event_f_flags of fanotify_init.
101 * Internal and external open flags are stored together in field f_flags of
102 * struct file. Only external open flags shall be allowed in event_f_flags.
103 * Internal flags like FMODE_EXEC shall be excluded.
151 info->name_len); in fanotify_dir_name_info_len()
154 info->name2_len); in fanotify_dir_name_info_len()
166 if (fanotify_is_error_event(event->mask)) in fanotify_event_len()
172 (event->mask & FAN_ONDIR)) { in fanotify_event_len()
184 if (fanotify_is_mnt_event(event->mask)) in fanotify_event_len()
202 assert_spin_locked(&group->notification_lock); in fanotify_unhash_event()
207 if (WARN_ON_ONCE(hlist_unhashed(&event->merge_list))) in fanotify_unhash_event()
210 hlist_del_init(&event->merge_list); in fanotify_unhash_event()
229 spin_lock(&group->notification_lock); in get_one_event()
238 event = ERR_PTR(-EINVAL); in get_one_event()
247 if (fanotify_is_perm_event(event->mask)) in get_one_event()
248 FANOTIFY_PERM(event)->state = FAN_EVENT_REPORTED; in get_one_event()
249 if (fanotify_is_hashed_event(event->mask)) in get_one_event()
252 spin_unlock(&group->notification_lock); in get_one_event()
262 client_fd = get_unused_fd_flags(group->fanotify_data.f_flags); in create_fd()
270 new_file = dentry_open_nonotify(path, group->fanotify_data.f_flags, in create_fd()
287 return -EINVAL; in process_access_response_info()
290 return -EFAULT; in process_access_response_info()
292 if (friar->hdr.type != FAN_RESPONSE_INFO_AUDIT_RULE) in process_access_response_info()
293 return -EINVAL; in process_access_response_info()
294 if (friar->hdr.pad != 0) in process_access_response_info()
295 return -EINVAL; in process_access_response_info()
296 if (friar->hdr.len != sizeof(*friar)) in process_access_response_info()
297 return -EINVAL; in process_access_response_info()
304 * drop group->notification_lock.
309 __releases(&group->notification_lock) in finish_permission_event()
313 assert_spin_locked(&group->notification_lock); in finish_permission_event()
314 event->response = response & ~FAN_INFO; in finish_permission_event()
316 memcpy(&event->audit_rule, friar, sizeof(*friar)); in finish_permission_event()
318 if (event->state == FAN_EVENT_CANCELED) in finish_permission_event()
321 event->state = FAN_EVENT_ANSWERED; in finish_permission_event()
322 spin_unlock(&group->notification_lock); in finish_permission_event()
324 fsnotify_destroy_event(group, &event->fae.fse); in finish_permission_event()
333 int fd = response_struct->fd; in process_access_response()
334 u32 response = response_struct->response; in process_access_response()
347 return -EINVAL; in process_access_response()
352 return -EINVAL; in process_access_response()
355 /* Custom errno is supported only for pre-content groups */ in process_access_response()
356 if (errno && group->priority != FSNOTIFY_PRIO_PRE_CONTENT) in process_access_response()
357 return -EINVAL; in process_access_response()
374 return -EINVAL; in process_access_response()
378 return -EINVAL; in process_access_response()
382 return -EINVAL; in process_access_response()
395 return -EINVAL; in process_access_response()
397 spin_lock(&group->notification_lock); in process_access_response()
398 list_for_each_entry(event, &group->fanotify_data.access_list, in process_access_response()
400 if (event->fd != fd) in process_access_response()
403 list_del_init(&event->fae.fse.list); in process_access_response()
405 wake_up(&group->fanotify_data.access_waitq); in process_access_response()
408 spin_unlock(&group->notification_lock); in process_access_response()
410 return -ENOENT; in process_access_response()
422 return -EFAULT; in copy_mnt_info_to_user()
424 info.mnt_id = FANOTIFY_ME(event)->mnt_id; in copy_mnt_info_to_user()
427 return -EFAULT; in copy_mnt_info_to_user()
442 return -EFAULT; in copy_error_info_to_user()
444 info.error = fee->error; in copy_error_info_to_user()
445 info.error_count = fee->err_count; in copy_error_info_to_user()
448 return -EFAULT; in copy_error_info_to_user()
461 size_t fh_len = fh ? fh->len : 0; in copy_fid_info_to_user()
469 return -EFAULT; in copy_fid_info_to_user()
479 return -EFAULT; in copy_fid_info_to_user()
485 return -EFAULT; in copy_fid_info_to_user()
488 return -EFAULT; in copy_fid_info_to_user()
495 return -EFAULT; in copy_fid_info_to_user()
498 len -= sizeof(info); in copy_fid_info_to_user()
500 return -EFAULT; in copy_fid_info_to_user()
502 handle.handle_type = fh->type; in copy_fid_info_to_user()
510 return -EFAULT; in copy_fid_info_to_user()
513 len -= sizeof(handle); in copy_fid_info_to_user()
515 return -EFAULT; in copy_fid_info_to_user()
527 return -EFAULT; in copy_fid_info_to_user()
530 len -= fh_len; in copy_fid_info_to_user()
536 return -EFAULT; in copy_fid_info_to_user()
539 return -EFAULT; in copy_fid_info_to_user()
542 len -= name_len; in copy_fid_info_to_user()
548 return -EFAULT; in copy_fid_info_to_user()
561 return -EFAULT; in copy_pidfd_info_to_user()
568 return -EFAULT; in copy_pidfd_info_to_user()
581 return -EFAULT; in copy_range_info_to_user()
583 if (WARN_ON_ONCE(!pevent->ppos)) in copy_range_info_to_user()
584 return -EINVAL; in copy_range_info_to_user()
588 info.offset = *(pevent->ppos); in copy_range_info_to_user()
589 info.count = pevent->count; in copy_range_info_to_user()
592 return -EFAULT; in copy_range_info_to_user()
613 info_type = info->name_len ? FAN_EVENT_INFO_TYPE_DFID_NAME : in copy_info_records_to_user()
617 if (event->mask & FAN_RENAME) in copy_info_records_to_user()
624 info->name_len, buf, count); in copy_info_records_to_user()
629 count -= ret; in copy_info_records_to_user()
640 info->name2_len, buf, count); in copy_info_records_to_user()
645 count -= ret; in copy_info_records_to_user()
660 (event->mask & FAN_ONDIR)) { in copy_info_records_to_user()
669 } else if ((event->mask & ALL_FSNOTIFY_DIRENT_EVENTS) || in copy_info_records_to_user()
670 (event->mask & FAN_ONDIR)) { in copy_info_records_to_user()
679 * With group flags FAN_REPORT_DIR_FID|FAN_REPORT_FID, in copy_info_records_to_user()
681 * non-directory, when there is no directory to report. in copy_info_records_to_user()
695 count -= ret; in copy_info_records_to_user()
705 count -= ret; in copy_info_records_to_user()
709 if (fanotify_is_error_event(event->mask)) { in copy_info_records_to_user()
714 count -= ret; in copy_info_records_to_user()
723 count -= ret; in copy_info_records_to_user()
727 if (fanotify_is_mnt_event(event->mask)) { in copy_info_records_to_user()
732 count -= ret; in copy_info_records_to_user()
749 int ret, pidfd = -ESRCH, fd = -EBADF; in copy_event_to_user()
757 metadata.mask = event->mask & FANOTIFY_OUTGOING_EVENTS; in copy_event_to_user()
758 metadata.pid = pid_vnr(event->pid); in copy_event_to_user()
760 * For an unprivileged listener, event->pid can be used to identify the in copy_event_to_user()
765 task_tgid(current) != event->pid) in copy_event_to_user()
775 path && path->mnt && path->dentry) { in copy_event_to_user()
792 path->dentry, fd); in copy_event_to_user()
800 if (fd == -EOPENSTALE) in copy_event_to_user()
816 * creation of pidfds for thread-group leaders. in copy_event_to_user()
821 * The PIDTYPE_TGID check for an event->pid is performed in copy_event_to_user()
825 * report either -ESRCH or FAN_NOPIDFD to the event listener in in copy_event_to_user()
829 if (metadata.pid && pid_has_task(event->pid, PIDTYPE_TGID)) in copy_event_to_user()
830 pidfd = pidfd_prepare(event->pid, 0, &pidfd_file); in copy_event_to_user()
833 pidfd = pidfd == -ESRCH ? FAN_NOPIDFD : FAN_EPIDFD; in copy_event_to_user()
836 ret = -EFAULT; in copy_event_to_user()
848 count -= FAN_EVENT_METADATA_LEN; in copy_event_to_user()
861 if (fanotify_is_perm_event(event->mask)) in copy_event_to_user()
862 FANOTIFY_PERM(event)->fd = fd; in copy_event_to_user()
883 struct fsnotify_group *group = file->private_data; in fanotify_poll()
886 poll_wait(file, &group->notification_waitq, wait); in fanotify_poll()
887 spin_lock(&group->notification_lock); in fanotify_poll()
890 spin_unlock(&group->notification_lock); in fanotify_poll()
905 group = file->private_data; in fanotify_read()
909 add_wait_queue(&group->notification_waitq, &wait); in fanotify_read()
923 ret = -EAGAIN; in fanotify_read()
924 if (file->f_flags & O_NONBLOCK) in fanotify_read()
927 ret = -ERESTARTSYS; in fanotify_read()
944 if (!fanotify_is_perm_event(event->mask)) { in fanotify_read()
945 fsnotify_destroy_event(group, &event->fse); in fanotify_read()
947 if (ret <= 0 || FANOTIFY_PERM(event)->fd < 0) { in fanotify_read()
948 spin_lock(&group->notification_lock); in fanotify_read()
951 wake_up(&group->fanotify_data.access_waitq); in fanotify_read()
953 spin_lock(&group->notification_lock); in fanotify_read()
954 list_add_tail(&event->fse.list, in fanotify_read()
955 &group->fanotify_data.access_list); in fanotify_read()
956 spin_unlock(&group->notification_lock); in fanotify_read()
962 count -= ret; in fanotify_read()
964 remove_wait_queue(&group->notification_waitq, &wait); in fanotify_read()
966 if (start != buf && ret != -EFAULT) in fanotify_read()
967 ret = buf - start; in fanotify_read()
980 return -EINVAL; in fanotify_write()
982 group = file->private_data; in fanotify_write()
987 return -EINVAL; in fanotify_write()
990 return -EFAULT; in fanotify_write()
992 info_len = count - sizeof(response); in fanotify_write()
1005 struct fsnotify_group *group = file->private_data; in fanotify_release()
1019 spin_lock(&group->notification_lock); in fanotify_release()
1020 while (!list_empty(&group->fanotify_data.access_list)) { in fanotify_release()
1023 event = list_first_entry(&group->fanotify_data.access_list, in fanotify_release()
1025 list_del_init(&event->fae.fse.list); in fanotify_release()
1027 spin_lock(&group->notification_lock); in fanotify_release()
1031 * Destroy all non-permission events. For permission events just in fanotify_release()
1038 if (!(event->mask & FANOTIFY_PERM_EVENTS)) { in fanotify_release()
1039 spin_unlock(&group->notification_lock); in fanotify_release()
1045 spin_lock(&group->notification_lock); in fanotify_release()
1047 spin_unlock(&group->notification_lock); in fanotify_release()
1050 wake_up(&group->fanotify_data.access_waitq); in fanotify_release()
1052 /* matches the fanotify_init->fsnotify_alloc_group */ in fanotify_release()
1063 int ret = -ENOTTY; in fanotify_ioctl()
1066 group = file->private_data; in fanotify_ioctl()
1072 spin_lock(&group->notification_lock); in fanotify_ioctl()
1073 list_for_each_entry(fsn_event, &group->notification_list, list) in fanotify_ioctl()
1075 spin_unlock(&group->notification_lock); in fanotify_ioctl()
1096 struct path *path, unsigned int flags, __u64 mask, in fanotify_find_path() argument
1101 pr_debug("%s: dfd=%d filename=%p flags=%x\n", __func__, in fanotify_find_path()
1102 dfd, filename, flags); in fanotify_find_path()
1108 return -EBADF; in fanotify_find_path()
1110 if ((flags & FAN_MARK_ONLYDIR) && in fanotify_find_path()
1111 !(S_ISDIR(file_inode(fd_file(f))->i_mode))) in fanotify_find_path()
1112 return -ENOTDIR; in fanotify_find_path()
1114 *path = fd_file(f)->f_path; in fanotify_find_path()
1119 if (!(flags & FAN_MARK_DONT_FOLLOW)) in fanotify_find_path()
1121 if (flags & FAN_MARK_ONLYDIR) in fanotify_find_path()
1136 ret = security_path_notify(path, mask, obj_type); in fanotify_find_path()
1145 __u32 mask, unsigned int flags, in fanotify_mark_remove_from_mask() argument
1151 mask &= ~umask; in fanotify_mark_remove_from_mask()
1152 spin_lock(&fsn_mark->lock); in fanotify_mark_remove_from_mask()
1154 if (!(flags & FANOTIFY_MARK_IGNORE_BITS)) { in fanotify_mark_remove_from_mask()
1155 fsn_mark->mask &= ~mask; in fanotify_mark_remove_from_mask()
1157 fsn_mark->ignore_mask &= ~mask; in fanotify_mark_remove_from_mask()
1161 * We need to keep the mark around even if remaining mask cannot in fanotify_mark_remove_from_mask()
1162 * result in any events (e.g. mask == FAN_ONDIR) to support incremenal in fanotify_mark_remove_from_mask()
1163 * changes to the mask. in fanotify_mark_remove_from_mask()
1166 *destroy = !((fsn_mark->mask | fsn_mark->ignore_mask) & ~umask); in fanotify_mark_remove_from_mask()
1167 spin_unlock(&fsn_mark->lock); in fanotify_mark_remove_from_mask()
1173 void *obj, unsigned int obj_type, __u32 mask, in fanotify_remove_mark() argument
1174 unsigned int flags, __u32 umask) in fanotify_remove_mark() argument
1184 return -ENOENT; in fanotify_remove_mark()
1187 removed = fanotify_mark_remove_from_mask(fsn_mark, mask, flags, in fanotify_remove_mark()
1189 if (removed & fsnotify_conn_mask(fsn_mark->connector)) in fanotify_remove_mark()
1190 fsnotify_recalc_mask(fsn_mark->connector); in fanotify_remove_mark()
1211 * independent event flags in ignore mask. After that, trying to in fanotify_mark_update_flags()
1212 * update the ignore mask with the old FAN_MARK_IGNORED_MASK API in fanotify_mark_update_flags()
1216 fsn_mark->flags |= FSNOTIFY_MARK_FLAG_HAS_IGNORE_FLAGS; in fanotify_mark_update_flags()
1220 * the removal of the FS_MODIFY bit in calculated mask if it was set in fanotify_mark_update_flags()
1221 * because of an ignore mask that is now going to survive FS_MODIFY. in fanotify_mark_update_flags()
1224 !(fsn_mark->flags & FSNOTIFY_MARK_FLAG_IGNORED_SURV_MODIFY)) { in fanotify_mark_update_flags()
1225 fsn_mark->flags |= FSNOTIFY_MARK_FLAG_IGNORED_SURV_MODIFY; in fanotify_mark_update_flags()
1226 if (!(fsn_mark->mask & FS_MODIFY)) in fanotify_mark_update_flags()
1230 if (fsn_mark->connector->type != FSNOTIFY_OBJ_TYPE_INODE || in fanotify_mark_update_flags()
1231 want_iref == !(fsn_mark->flags & FSNOTIFY_MARK_FLAG_NO_IREF)) in fanotify_mark_update_flags()
1239 fsn_mark->flags &= ~FSNOTIFY_MARK_FLAG_NO_IREF; in fanotify_mark_update_flags()
1245 __u32 mask, unsigned int fan_flags) in fanotify_mark_add_to_mask() argument
1249 spin_lock(&fsn_mark->lock); in fanotify_mark_add_to_mask()
1251 fsn_mark->mask |= mask; in fanotify_mark_add_to_mask()
1253 fsn_mark->ignore_mask |= mask; in fanotify_mark_add_to_mask()
1256 ~fsnotify_conn_mask(fsn_mark->connector); in fanotify_mark_add_to_mask()
1259 spin_unlock(&fsn_mark->lock); in fanotify_mark_add_to_mask()
1278 FANOTIFY_MARK(mark)->fsid = fsid->id; in fanotify_set_mark_fsid()
1279 mark->flags |= FSNOTIFY_MARK_FLAG_HAS_FSID; in fanotify_set_mark_fsid()
1280 if (fsid->weak) in fanotify_set_mark_fsid()
1281 mark->flags |= FSNOTIFY_MARK_FLAG_WEAK_FSID; in fanotify_set_mark_fsid()
1284 if (list_empty(&group->marks_list)) in fanotify_set_mark_fsid()
1288 list_for_each_entry(old, &group->marks_list, g_list) { in fanotify_set_mark_fsid()
1289 conn = READ_ONCE(old->connector); in fanotify_set_mark_fsid()
1302 if ((mark->flags ^ old->flags) & FSNOTIFY_MARK_FLAG_WEAK_FSID) in fanotify_set_mark_fsid()
1303 return -EXDEV; in fanotify_set_mark_fsid()
1306 if (!fsid->weak) in fanotify_set_mark_fsid()
1310 if (old_sb != fsid->sb) in fanotify_set_mark_fsid()
1311 return -EXDEV; in fanotify_set_mark_fsid()
1313 /* Do not allow mixing marks from different btrfs sub-volumes */ in fanotify_set_mark_fsid()
1314 if (!fanotify_fsid_equal(&FANOTIFY_MARK(old)->fsid, in fanotify_set_mark_fsid()
1315 &FANOTIFY_MARK(mark)->fsid)) in fanotify_set_mark_fsid()
1316 return -EXDEV; in fanotify_set_mark_fsid()
1327 struct ucounts *ucounts = group->fanotify_data.ucounts; in fanotify_add_new_mark()
1338 !inc_ucount(ucounts->ns, ucounts->uid, UCOUNT_FANOTIFY_MARKS)) in fanotify_add_new_mark()
1339 return ERR_PTR(-ENOSPC); in fanotify_add_new_mark()
1343 ret = -ENOMEM; in fanotify_add_new_mark()
1347 mark = &fan_mark->fsn_mark; in fanotify_add_new_mark()
1350 mark->flags |= FSNOTIFY_MARK_FLAG_NO_IREF; in fanotify_add_new_mark()
1358 fan_mark->fsid.val[0] = fan_mark->fsid.val[1] = 0; in fanotify_add_new_mark()
1377 if (mempool_initialized(&group->fanotify_data.error_events_pool)) in fanotify_group_init_error_pool()
1380 return mempool_init_kmalloc_pool(&group->fanotify_data.error_events_pool, in fanotify_group_init_error_pool()
1386 __u32 mask, unsigned int fan_flags) in fanotify_may_update_existing_mark() argument
1392 !(fsn_mark->flags & FSNOTIFY_MARK_FLAG_NO_IREF)) in fanotify_may_update_existing_mark()
1393 return -EEXIST; in fanotify_may_update_existing_mark()
1396 * New ignore mask semantics cannot be downgraded to old semantics. in fanotify_may_update_existing_mark()
1399 fsn_mark->flags & FSNOTIFY_MARK_FLAG_HAS_IGNORE_FLAGS) in fanotify_may_update_existing_mark()
1400 return -EEXIST; in fanotify_may_update_existing_mark()
1403 * An ignore mask that survives modify could never be downgraded to not in fanotify_may_update_existing_mark()
1405 * explicit and return an error when trying to update the ignore mask in fanotify_may_update_existing_mark()
1410 fsn_mark->flags & FSNOTIFY_MARK_FLAG_IGNORED_SURV_MODIFY) in fanotify_may_update_existing_mark()
1411 return -EEXIST; in fanotify_may_update_existing_mark()
1413 /* For now pre-content events are not generated for directories */ in fanotify_may_update_existing_mark()
1414 mask |= fsn_mark->mask; in fanotify_may_update_existing_mark()
1415 if (mask & FANOTIFY_PRE_CONTENT_EVENTS && mask & FAN_ONDIR) in fanotify_may_update_existing_mark()
1416 return -EEXIST; in fanotify_may_update_existing_mark()
1423 __u32 mask, unsigned int fan_flags, in fanotify_add_mark() argument
1442 * Check if requested mark flags conflict with an existing mark flags. in fanotify_add_mark()
1444 ret = fanotify_may_update_existing_mark(fsn_mark, mask, fan_flags); in fanotify_add_mark()
1449 * Error events are pre-allocated per group, only if strictly in fanotify_add_mark()
1453 (mask & FAN_FS_ERROR)) { in fanotify_add_mark()
1459 recalc = fanotify_mark_add_to_mask(fsn_mark, mask, fan_flags); in fanotify_add_mark()
1461 fsnotify_recalc_mask(fsn_mark->connector); in fanotify_add_mark()
1479 oevent->type = FANOTIFY_EVENT_TYPE_OVERFLOW; in fanotify_alloc_overflow_event()
1481 return &oevent->fse; in fanotify_alloc_overflow_event()
1499 SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) in SYSCALL_DEFINE2() argument
1503 unsigned int fid_mode = flags & FANOTIFY_FID_BITS; in SYSCALL_DEFINE2()
1504 unsigned int class = flags & FANOTIFY_CLASS_BITS; in SYSCALL_DEFINE2()
1508 pr_debug("%s: flags=%x event_f_flags=%x\n", in SYSCALL_DEFINE2()
1509 __func__, flags, event_f_flags); in SYSCALL_DEFINE2()
1514 * limited functionality - an unprivileged group is limited to in SYSCALL_DEFINE2()
1518 if ((flags & FANOTIFY_ADMIN_INIT_FLAGS) || !fid_mode) in SYSCALL_DEFINE2()
1519 return -EPERM; in SYSCALL_DEFINE2()
1530 if (flags & ~(FANOTIFY_INIT_FLAGS | FAN_ENABLE_AUDIT)) in SYSCALL_DEFINE2()
1532 if (flags & ~FANOTIFY_INIT_FLAGS) in SYSCALL_DEFINE2()
1534 return -EINVAL; in SYSCALL_DEFINE2()
1537 * A pidfd can only be returned for a thread-group leader; thus in SYSCALL_DEFINE2()
1541 if ((flags & FAN_REPORT_PIDFD) && (flags & FAN_REPORT_TID)) in SYSCALL_DEFINE2()
1542 return -EINVAL; in SYSCALL_DEFINE2()
1545 if (flags & FAN_REPORT_MNT) { in SYSCALL_DEFINE2()
1547 return -EINVAL; in SYSCALL_DEFINE2()
1548 if (flags & (FANOTIFY_FID_BITS | FAN_REPORT_FD_ERROR)) in SYSCALL_DEFINE2()
1549 return -EINVAL; in SYSCALL_DEFINE2()
1553 return -EINVAL; in SYSCALL_DEFINE2()
1561 return -EINVAL; in SYSCALL_DEFINE2()
1565 return -EINVAL; in SYSCALL_DEFINE2()
1572 return -EINVAL; in SYSCALL_DEFINE2()
1581 return -EINVAL; in SYSCALL_DEFINE2()
1584 if (flags & FAN_CLOEXEC) in SYSCALL_DEFINE2()
1586 if (flags & FAN_NONBLOCK) in SYSCALL_DEFINE2()
1597 group->fanotify_data.ucounts = inc_ucount(current_user_ns(), in SYSCALL_DEFINE2()
1600 if (!group->fanotify_data.ucounts) { in SYSCALL_DEFINE2()
1601 fd = -EMFILE; in SYSCALL_DEFINE2()
1605 group->fanotify_data.flags = flags | internal_flags; in SYSCALL_DEFINE2()
1606 group->memcg = get_mem_cgroup_from_mm(current->mm); in SYSCALL_DEFINE2()
1608 group->fanotify_data.merge_hash = fanotify_alloc_merge_hash(); in SYSCALL_DEFINE2()
1609 if (!group->fanotify_data.merge_hash) { in SYSCALL_DEFINE2()
1610 fd = -ENOMEM; in SYSCALL_DEFINE2()
1614 group->overflow_event = fanotify_alloc_overflow_event(); in SYSCALL_DEFINE2()
1615 if (unlikely(!group->overflow_event)) { in SYSCALL_DEFINE2()
1616 fd = -ENOMEM; in SYSCALL_DEFINE2()
1622 group->fanotify_data.f_flags = event_f_flags; in SYSCALL_DEFINE2()
1623 init_waitqueue_head(&group->fanotify_data.access_waitq); in SYSCALL_DEFINE2()
1624 INIT_LIST_HEAD(&group->fanotify_data.access_list); in SYSCALL_DEFINE2()
1627 group->priority = FSNOTIFY_PRIO_NORMAL; in SYSCALL_DEFINE2()
1630 group->priority = FSNOTIFY_PRIO_CONTENT; in SYSCALL_DEFINE2()
1633 group->priority = FSNOTIFY_PRIO_PRE_CONTENT; in SYSCALL_DEFINE2()
1636 fd = -EINVAL; in SYSCALL_DEFINE2()
1640 if (flags & FAN_UNLIMITED_QUEUE) { in SYSCALL_DEFINE2()
1641 fd = -EPERM; in SYSCALL_DEFINE2()
1644 group->max_events = UINT_MAX; in SYSCALL_DEFINE2()
1646 group->max_events = fanotify_max_queued_events; in SYSCALL_DEFINE2()
1649 if (flags & FAN_UNLIMITED_MARKS) { in SYSCALL_DEFINE2()
1650 fd = -EPERM; in SYSCALL_DEFINE2()
1655 if (flags & FAN_ENABLE_AUDIT) { in SYSCALL_DEFINE2()
1656 fd = -EPERM; in SYSCALL_DEFINE2()
1680 static int fanotify_test_fsid(struct dentry *dentry, unsigned int flags, in fanotify_test_fsid() argument
1683 unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; in fanotify_test_fsid()
1690 err = vfs_get_fsid(dentry, &fsid->id); in fanotify_test_fsid()
1694 fsid->sb = dentry->d_sb; in fanotify_test_fsid()
1695 if (!fsid->id.val[0] && !fsid->id.val[1]) { in fanotify_test_fsid()
1696 err = -ENODEV; in fanotify_test_fsid()
1704 err = vfs_get_fsid(dentry->d_sb->s_root, &root_fsid); in fanotify_test_fsid()
1708 if (!fanotify_fsid_equal(&root_fsid, &fsid->id)) { in fanotify_test_fsid()
1709 err = -EXDEV; in fanotify_test_fsid()
1713 fsid->weak = false; in fanotify_test_fsid()
1718 fsid->weak = true; in fanotify_test_fsid()
1723 static int fanotify_test_fid(struct dentry *dentry, unsigned int flags) in fanotify_test_fid() argument
1725 unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; in fanotify_test_fid()
1726 const struct export_operations *nop = dentry->d_sb->s_export_op; in fanotify_test_fid()
1734 return -EOPNOTSUPP; in fanotify_test_fid()
1742 return -EOPNOTSUPP; in fanotify_test_fid()
1748 const struct path *path, __u64 mask, in fanotify_events_supported() argument
1749 unsigned int flags) in fanotify_events_supported() argument
1751 unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; in fanotify_events_supported()
1752 bool is_dir = d_is_dir(path->dentry); in fanotify_events_supported()
1753 /* Strict validation of events in non-dir inode mask with v5.17+ APIs */ in fanotify_events_supported()
1755 (mask & FAN_RENAME) || in fanotify_events_supported()
1756 (flags & FAN_MARK_IGNORE); in fanotify_events_supported()
1759 * Filesystems need to opt-into pre-content evnets (a.k.a HSM) in fanotify_events_supported()
1762 if (mask & FANOTIFY_PRE_CONTENT_EVENTS) { in fanotify_events_supported()
1763 if (!(path->mnt->mnt_sb->s_iflags & SB_I_ALLOW_HSM)) in fanotify_events_supported()
1764 return -EOPNOTSUPP; in fanotify_events_supported()
1765 if (!is_dir && !d_is_reg(path->dentry)) in fanotify_events_supported()
1766 return -EINVAL; in fanotify_events_supported()
1772 * deadlocking the system - open done when reporting fanotify event in fanotify_events_supported()
1777 if (mask & FANOTIFY_PERM_EVENTS && in fanotify_events_supported()
1778 path->mnt->mnt_sb->s_type->fs_flags & FS_DISALLOW_NOTIFY_PERM) in fanotify_events_supported()
1779 return -EINVAL; in fanotify_events_supported()
1792 path->mnt->mnt_sb->s_flags & SB_NOUSER) in fanotify_events_supported()
1793 return -EINVAL; in fanotify_events_supported()
1797 * flags FAN_ONDIR and FAN_EVENT_ON_CHILD in mask of non-dir inode, in fanotify_events_supported()
1801 !is_dir && (mask & FANOTIFY_DIRONLY_EVENT_BITS)) in fanotify_events_supported()
1802 return -ENOTDIR; in fanotify_events_supported()
1807 static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask, in do_fanotify_mark() argument
1815 unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; in do_fanotify_mark()
1816 unsigned int mark_cmd = flags & FANOTIFY_MARK_CMD_BITS; in do_fanotify_mark()
1817 unsigned int ignore = flags & FANOTIFY_MARK_IGNORE_BITS; in do_fanotify_mark()
1823 pr_debug("%s: fanotify_fd=%d flags=%x dfd=%d pathname=%p mask=%llx\n", in do_fanotify_mark()
1824 __func__, fanotify_fd, flags, dfd, pathname, mask); in do_fanotify_mark()
1827 if (upper_32_bits(mask)) in do_fanotify_mark()
1828 return -EINVAL; in do_fanotify_mark()
1830 if (flags & ~FANOTIFY_MARK_FLAGS) in do_fanotify_mark()
1831 return -EINVAL; in do_fanotify_mark()
1847 return -EINVAL; in do_fanotify_mark()
1853 if (!mask) in do_fanotify_mark()
1854 return -EINVAL; in do_fanotify_mark()
1857 if (flags & ~(FANOTIFY_MARK_TYPE_BITS | FAN_MARK_FLUSH)) in do_fanotify_mark()
1858 return -EINVAL; in do_fanotify_mark()
1861 return -EINVAL; in do_fanotify_mark()
1867 if (mask & ~valid_mask) in do_fanotify_mark()
1868 return -EINVAL; in do_fanotify_mark()
1873 return -EINVAL; in do_fanotify_mark()
1876 * Event flags (FAN_ONDIR, FAN_EVENT_ON_CHILD) have no effect with in do_fanotify_mark()
1880 mask &= ~FANOTIFY_EVENT_FLAGS; in do_fanotify_mark()
1886 return -EBADF; in do_fanotify_mark()
1889 if (unlikely(fd_file(f)->f_op != &fanotify_fops)) in do_fanotify_mark()
1890 return -EINVAL; in do_fanotify_mark()
1891 group = fd_file(f)->private_data; in do_fanotify_mark()
1895 if (mask & ~FANOTIFY_MOUNT_EVENTS) in do_fanotify_mark()
1896 return -EINVAL; in do_fanotify_mark()
1898 return -EINVAL; in do_fanotify_mark()
1900 if (mask & FANOTIFY_MOUNT_EVENTS) in do_fanotify_mark()
1901 return -EINVAL; in do_fanotify_mark()
1903 return -EINVAL; in do_fanotify_mark()
1914 return -EPERM; in do_fanotify_mark()
1918 * Pre-content permission events are not allowed for FAN_CLASS_CONTENT. in do_fanotify_mark()
1920 if (mask & FANOTIFY_PERM_EVENTS && in do_fanotify_mark()
1921 group->priority == FSNOTIFY_PRIO_NORMAL) in do_fanotify_mark()
1922 return -EINVAL; in do_fanotify_mark()
1923 else if (mask & FANOTIFY_PRE_CONTENT_EVENTS && in do_fanotify_mark()
1924 group->priority == FSNOTIFY_PRIO_CONTENT) in do_fanotify_mark()
1925 return -EINVAL; in do_fanotify_mark()
1927 if (mask & FAN_FS_ERROR && in do_fanotify_mark()
1929 return -EINVAL; in do_fanotify_mark()
1935 if (flags & FAN_MARK_EVICTABLE && in do_fanotify_mark()
1937 return -EINVAL; in do_fanotify_mark()
1941 * event->fd require a group that supports reporting fid. Those in do_fanotify_mark()
1947 if (mask & ~(FANOTIFY_FD_EVENTS|FANOTIFY_MOUNT_EVENTS|FANOTIFY_EVENT_FLAGS) && in do_fanotify_mark()
1949 return -EINVAL; in do_fanotify_mark()
1956 if (mask & FAN_RENAME && !(fid_mode & FAN_REPORT_NAME)) in do_fanotify_mark()
1957 return -EINVAL; in do_fanotify_mark()
1959 /* Pre-content events are not currently generated for directories. */ in do_fanotify_mark()
1960 if (mask & FANOTIFY_PRE_CONTENT_EVENTS && mask & FAN_ONDIR) in do_fanotify_mark()
1961 return -EINVAL; in do_fanotify_mark()
1968 ret = fanotify_find_path(dfd, pathname, &path, flags, in do_fanotify_mark()
1969 (mask & ALL_FSNOTIFY_EVENTS), obj_type); in do_fanotify_mark()
1974 ret = fanotify_events_supported(group, &path, mask, flags); in do_fanotify_mark()
1980 ret = fanotify_test_fsid(path.dentry, flags, &__fsid); in do_fanotify_mark()
1984 ret = fanotify_test_fid(path.dentry, flags); in do_fanotify_mark()
1993 inode = path.dentry->d_inode; in do_fanotify_mark()
1998 obj = path.mnt->mnt_sb; in do_fanotify_mark()
2003 ret = -EINVAL; in do_fanotify_mark()
2009 * an ignore mask, unless that ignore mask is supposed to survive in do_fanotify_mark()
2012 if (mark_cmd == FAN_MARK_ADD && (flags & FANOTIFY_MARK_IGNORE_BITS) && in do_fanotify_mark()
2013 !(flags & FAN_MARK_IGNORED_SURV_MODIFY)) { in do_fanotify_mark()
2014 ret = !inode ? -EINVAL : -EISDIR; in do_fanotify_mark()
2017 (!inode || S_ISDIR(inode->i_mode))) in do_fanotify_mark()
2025 /* Mask out FAN_EVENT_ON_CHILD flag for sb/mount/non-dir marks */ in do_fanotify_mark()
2026 if (!inode || !S_ISDIR(inode->i_mode)) { in do_fanotify_mark()
2027 mask &= ~FAN_EVENT_ON_CHILD; in do_fanotify_mark()
2031 * events with parent/name info for non-directory. in do_fanotify_mark()
2034 (flags & FAN_MARK_ADD) && !ignore) in do_fanotify_mark()
2035 mask |= FAN_EVENT_ON_CHILD; in do_fanotify_mark()
2041 ret = fanotify_add_mark(group, obj, obj_type, mask, flags, in do_fanotify_mark()
2045 ret = fanotify_remove_mark(group, obj, obj_type, mask, flags, in do_fanotify_mark()
2049 ret = -EINVAL; in do_fanotify_mark()
2058 SYSCALL_DEFINE5(fanotify_mark, int, fanotify_fd, unsigned int, flags, in SYSCALL_DEFINE5() argument
2059 __u64, mask, int, dfd, in SYSCALL_DEFINE5() argument
2062 return do_fanotify_mark(fanotify_fd, flags, mask, dfd, pathname); in SYSCALL_DEFINE5()
2068 int, fanotify_fd, unsigned int, flags, in SYSCALL32_DEFINE6() argument
2069 SC_ARG64(mask), int, dfd, in SYSCALL32_DEFINE6() argument
2072 return do_fanotify_mark(fanotify_fd, flags, SC_VAL64(__u64, mask), in SYSCALL32_DEFINE6()
2078 * fanotify_user_setup - Our initialization function. Note that we cannot return
2079 * error because we have compiled-in VFS hooks. So an (unlikely) failure here
2094 max_marks = (((si.totalram - si.totalhigh) / 100) << PAGE_SHIFT) / in fanotify_user_setup()