From: Amir Goldstein amir73il@gmail.com

mainline inclusion from mainline-5.7-rc1 commit 55bf882c7f13dda8bbe624040c6d5b4fbb812d16 category: bugfix bugzilla: 46764 CVE: NA https://gitee.com/openeuler/kernel/issues/I27PTB?from=project-issue ---------------------------

Change the logic of FAN_ONDIR in two ways that are similar to the logic of FAN_EVENT_ON_CHILD, that was fixed in commit 54a307ba8d3c ("fanotify: fix logic of events on child"):

1. The flag is meaningless in ignore mask 2. The flag refers only to events in the mask of the mark where it is set

This is what the fanotify_mark.2 man page says about FAN_ONDIR: "Without this flag, only events for files are created." It doesn't say anything about setting this flag in ignore mask to stop getting events on directories nor can I think of any setup where this capability would be useful.

Currently, when marks masks are merged, the FAN_ONDIR flag set in one mark affects the events that are set in another mark's mask and this behavior causes unexpected results. For example, a user adds a mark on a directory with mask FAN_ATTRIB | FAN_ONDIR and a mount mark with mask FAN_OPEN (without FAN_ONDIR). An opendir() of that directory (which is inside that mount) generates a FAN_OPEN event even though neither of the marks requested to get open events on directories.

Link: https://lore.kernel.org/r/20200319151022.31456-10-amir73il@gmail.com Signed-off-by: Amir Goldstein amir73il@gmail.com Signed-off-by: Jan Kara jack@suse.cz

Conflicts: fs/notify/fanotify/fanotify.c

Signed-off-by: yangerkun yangerkun@huawei.com Reviewed-by: zhangyi (F) yi.zhang@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com --- fs/notify/fanotify/fanotify.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c index ca3405f73264..cdf0dc9ddbbb 100644 --- a/fs/notify/fanotify/fanotify.c +++ b/fs/notify/fanotify/fanotify.c @@ -117,6 +117,12 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info,

/* Apply ignore mask regardless of ISDIR and ON_CHILD flags */ marks_ignored_mask |= mark->ignored_mask; + /* + * If the event is on dir and this mark doesn't care about + * events on dir, don't send it! + */ + if (d_is_dir(path->dentry) && !(mark->mask & FS_ISDIR)) + continue;

/* * If the event is for a child and this mark doesn't care about @@ -130,10 +136,6 @@ static bool fanotify_should_send_event(struct fsnotify_iter_info *iter_info, marks_mask |= mark->mask; }

- if (d_is_dir(path->dentry) && - !(marks_mask & FS_ISDIR & ~marks_ignored_mask)) - return false; - if (event_mask & FAN_ALL_OUTGOING_EVENTS & marks_mask & ~marks_ignored_mask) return true;