forked from ~ljy/RK356X_SDK_RELEASE
blame | history | patch | commit | commitdiff
hc
2024-05-13 9d77db3c730780c8ef5ccd4b66403ff5675cfe4e 
 kernel/fs/notify/fanotify/fanotify_user.c
....@@ -1090,8 +1090,11 @@
10901090 	return 0;
10911091 }
10921092 
1093
-static int fanotify_events_supported(struct path *path, __u64 mask)
1093
+static int fanotify_events_supported(struct path *path, __u64 mask,
1094
+				     unsigned int flags)
10941095 {
1096
+	unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS;
1097
+
10951098 	/*
10961099 	 * Some filesystems such as 'proc' acquire unusual locks when opening
10971100 	 * files. For them fanotify permission events have high chances of
....@@ -1103,6 +1106,21 @@
11031106 	if (mask & FANOTIFY_PERM_EVENTS &&
11041107 	    path->mnt->mnt_sb->s_type->fs_flags & FS_DISALLOW_NOTIFY_PERM)
11051108 		return -EINVAL;
1109
+
1110
+	/*
1111
+	 * mount and sb marks are not allowed on kernel internal pseudo fs,
1112
+	 * like pipe_mnt, because that would subscribe to events on all the
1113
+	 * anonynous pipes in the system.
1114
+	 *
1115
+	 * SB_NOUSER covers all of the internal pseudo fs whose objects are not
1116
+	 * exposed to user's mount namespace, but there are other SB_KERNMOUNT
1117
+	 * fs, like nsfs, debugfs, for which the value of allowing sb and mount
1118
+	 * mark is questionable. For now we leave them alone.
1119
+	 */
1120
+	if (mark_type != FAN_MARK_INODE &&
1121
+	    path->mnt->mnt_sb->s_flags & SB_NOUSER)
1122
+		return -EINVAL;
1123
+
11061124 	return 0;
11071125 }
11081126 
....@@ -1218,7 +1236,7 @@
12181236 		goto fput_and_out;
12191237 
12201238 	if (flags & FAN_MARK_ADD) {
1221
-		ret = fanotify_events_supported(&path, mask);
1239
+		ret = fanotify_events_supported(&path, mask, flags);
12221240 		if (ret)
12231241 			goto path_put_and_out;
12241242 	}