fanotify: add a userspace interface for fanotify notifications

From: Eric Paris <eparis@redhat.com>

notifications from fanotify need a userspace interface.  We are going to
try to do it with sockets.  Scary....

Signed-off-by: Eric Paris <eparis@redhat.com>
---

 fs/notify/Makefile            |    2 
 fs/notify/fanotify.c          |   22 ++++
 fs/notify/fanotify.h          |    3 +
 fs/notify/group.c             |    9 ++
 fs/notify/group_user.c        |  156 +++++++++++++++++++++++++++
 fs/notify/notification_user.c |  239 +++++++++++++++++++++++++++++++++++++++++
 6 files changed, 430 insertions(+), 1 deletions(-)
 create mode 100644 fs/notify/group_user.c
 create mode 100644 fs/notify/notification_user.c


diff --git a/fs/notify/Makefile b/fs/notify/Makefile
index c467c97..21ca1da 100644
--- a/fs/notify/Makefile
+++ b/fs/notify/Makefile
@@ -3,4 +3,4 @@ obj-$(CONFIG_INOTIFY_USER)	+= inotify_user.o
 
 obj-$(CONFIG_DNOTIFY)		+= dnotify.o
 
-obj-$(CONFIG_FANOTIFY)		+= fanotify.o notification.o group.o
+obj-$(CONFIG_FANOTIFY)		+= fanotify.o notification.o notification_user.o group.o group_user.o
diff --git a/fs/notify/fanotify.c b/fs/notify/fanotify.c
index b7a55bc..efb7bd6 100644
--- a/fs/notify/fanotify.c
+++ b/fs/notify/fanotify.c
@@ -89,6 +89,28 @@ EXPORT_SYMBOL_GPL(fanotify);
 
 static __init int fanotify_init(void)
 {
+	int rc;
+
+	fanotify_fs_root = securityfs_create_dir("fanotify", NULL);
+	if (IS_ERR(fanotify_fs_root)) {
+		printk(KERN_ERR "fanotify: failed to create root directory: %ld\n", PTR_ERR(fanotify_fs_root));
+		return PTR_ERR(fanotify_fs_root);
+	}
+
+	rc = fanotify_register_init();
+	if (rc) {
+		securityfs_remove(fanotify_fs_root);
+		fanotify_fs_root = NULL;
+		return rc;
+	}
+
+	rc = fanotify_notification_init();
+	if (rc) {
+		fanotify_register_uninit();
+		securityfs_remove(fanotify_fs_root);
+		fanotify_fs_root = NULL;
+		return rc;
+	}
 	return 0;
 }
 __initcall(fanotify_init);
diff --git a/fs/notify/fanotify.h b/fs/notify/fanotify.h
index 5a7f1f6..db4f0ab 100644
--- a/fs/notify/fanotify.h
+++ b/fs/notify/fanotify.h
@@ -66,6 +66,9 @@ extern struct list_head fanotify_groups;
 extern __init int fanotify_register_init(void);
 extern __init int fanotify_register_uninit(void);
 
+extern int fanotify_notification_user_destroy(struct fanotify_group *group);
+extern int fanotify_notification_user_create(struct fanotify_group *group);
+
 extern int fanotify_check_notif_queue(struct fanotify_group *group);
 extern void fanotify_get_event(struct fanotify_event *event);
 extern void fanotify_put_event(struct fanotify_event *event);
diff --git a/fs/notify/group.c b/fs/notify/group.c
index 32367ab..03eaa8b 100644
--- a/fs/notify/group.c
+++ b/fs/notify/group.c
@@ -44,6 +44,8 @@ void fanotify_get_group(struct fanotify_group *group)
 
 void fanotify_kill_group(struct fanotify_group *group)
 {
+	fanotify_notification_user_destroy(group);
+
 	securityfs_remove(group->subdir);
 	group->subdir = NULL;
 
@@ -101,12 +103,19 @@ int fanotify_register_group(char *name, unsigned int mask)
 
 	group->subdir = subdir;
 
+	rc = fanotify_notification_user_create(group);
+	if (rc)
+		goto out_clean_subdir;
+
 	/* add it */
 	list_add_rcu(&group->group_list, &fanotify_groups);
 	mutex_unlock(&fanotify_grp_mutex);
 
 	return 0;
 
+out_clean_subdir:
+	securityfs_remove(group->subdir);
+	group->subdir = NULL;
 out_free_name:
 	kfree(group->name);
 out:
diff --git a/fs/notify/group_user.c b/fs/notify/group_user.c
new file mode 100644
index 0000000..e248a8a
--- /dev/null
+++ b/fs/notify/group_user.c
@@ -0,0 +1,156 @@
+/*
+ *  Copyright (C) 2008 Red Hat, Inc., Eric Paris <eparis@redhat.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2, or (at your option)
+ *  any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; see the file COPYING.  If not, write to
+ *  the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include <linux/dcache.h>
+#include <linux/file.h>
+#include <linux/fs.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/list.h>
+#include <linux/module.h>
+#include <linux/mount.h>
+#include <linux/mutex.h>
+#include <linux/namei.h>
+#include <linux/poll.h>
+#include <linux/sched.h>
+#include <linux/slab.h>
+#include <linux/security.h>
+#include <linux/types.h>
+#include <linux/uaccess.h>
+#include <linux/wait.h>
+
+#include <linux/fanotify.h>
+#include "fanotify.h"
+
+static struct dentry *d_register;
+static struct dentry *d_unregister;
+
+static ssize_t fanotify_register_write(struct file *file, const char __user *buf, size_t lenp, loff_t *offset)
+{
+	char *p;
+	char *group_name;
+	unsigned int mask;
+	int rc = 0;
+
+	p = simple_transaction_get(file, buf, lenp);
+	if (IS_ERR(p))
+		return PTR_ERR(p);
+
+	group_name = kzalloc(lenp, GFP_KERNEL);
+	if (!group_name) {
+		rc = -ENOMEM;
+		goto out;
+	}
+
+	rc = sscanf(p, "%s %x\n", group_name, &mask);
+	if (rc != 2) {
+		if (rc >= 0)
+			rc = -EPROTO;
+		goto out;
+	}
+
+	// FIXME do mask validation
+	rc = fanotify_register_group(group_name, mask);
+	if (rc)
+		goto out;
+
+	rc = lenp;
+
+out:
+	kfree(group_name);
+	return rc;
+}
+
+static ssize_t fanotify_unregister_write(struct file *file, const char __user *buf, size_t lenp, loff_t *offset)
+{
+	char *p;
+	char *group_name;
+	unsigned int mask;
+	int rc = 0;
+
+	group_name = kzalloc(lenp, GFP_KERNEL);
+	if (!group_name)
+		return -ENOMEM;
+
+	p = simple_transaction_get(file, buf, lenp);
+	if (IS_ERR(p)) {
+		rc = PTR_ERR(p);
+		goto out;
+	}
+
+	rc = sscanf(p, "%s %x\n", group_name, &mask);
+	if (rc != 2) {
+		if (rc >= 0)
+			rc = -EPROTO;
+		goto out;
+	}
+
+	rc = fanotify_unregister_group(group_name, mask);
+	if (rc)
+		goto out;
+
+	return lenp;
+out:
+	kfree(group_name);
+	return rc;
+}
+
+static struct file_operations fanotify_register_fops = {
+	.write =	fanotify_register_write,
+	.release = 	simple_transaction_release,
+};
+
+static struct file_operations fanotify_unregister_fops = {
+	.write =	fanotify_unregister_write,
+	.release = 	simple_transaction_release,
+};
+
+__init int fanotify_register_uninit(void)
+{
+	if (d_register);
+		securityfs_remove(d_register);
+	d_register = NULL;
+
+	if (d_unregister);
+		securityfs_remove(d_unregister);
+	d_unregister = NULL;
+
+	cleanup_srcu_struct(&fanotify_grp_srcu_struct);
+
+	return 0;
+}
+__init int fanotify_register_init(void)
+{
+	d_register = securityfs_create_file("register", S_IRUSR|S_IWUSR, fanotify_fs_root, NULL, &fanotify_register_fops);
+	if (IS_ERR(d_register)) {
+		printk(KERN_ERR "fanotify: failed to create register file: %ld\n", PTR_ERR(d_register));
+		fanotify_register_uninit();
+		return PTR_ERR(d_register);
+	}
+
+	d_unregister = securityfs_create_file("unregister", S_IRUSR|S_IWUSR, fanotify_fs_root, NULL, &fanotify_unregister_fops);
+	if (IS_ERR(d_unregister)) {
+		printk(KERN_ERR "fanotify: failed to create unregister file: %ld\n", PTR_ERR(d_unregister));
+		securityfs_remove(d_register);
+		return PTR_ERR(d_unregister);
+	}
+
+	init_srcu_struct(&fanotify_grp_srcu_struct);
+
+	return 0;
+}
diff --git a/fs/notify/notification_user.c b/fs/notify/notification_user.c
new file mode 100644
index 0000000..01f512f
--- /dev/null
+++ b/fs/notify/notification_user.c
@@ -0,0 +1,239 @@
+/*
+ *  Copyright (C) 2008 Red Hat, Inc., Eric Paris <eparis@redhat.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2, or (at your option)
+ *  any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; see the file COPYING.  If not, write to
+ *  the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include <linux/dcache.h>
+#include <linux/file.h>
+#include <linux/fs.h>
+#include <linux/kernel.h>
+#include <linux/list.h>
+#include <linux/mount.h>
+#include <linux/mutex.h>
+#include <linux/namei.h>
+#include <linux/poll.h>
+#include <linux/sched.h>
+#include <linux/security.h>
+#include <linux/types.h>
+#include <linux/uaccess.h>
+#include <linux/wait.h>
+
+#include <linux/fanotify.h>
+#include "fanotify.h"
+
+/*
+ * MAX_MESG_LEN is calculated by hand based on the snprintf below. PLEASE
+ * UPDATE ME IF YOU CHANGE THE SNPRINTF !!!!!111111oneone11!!!!!!!
+ *
+ *    %d  = 11 characters
+ *    %ld = 19 characters
+ *    %x  = 8 characters
+ *
+ * "fd=%d "	= 15 characters
+ * "mask=%x "	= 14 characters
+ * "\n "	=  2 characters
+ * NULL		=  1 character
+ * 
+ * MAX_MESG_LEN = 32
+ */
+#define MAX_MESG_LEN 32
+
+static ssize_t fanotify_notification_read(struct file *file, char __user *buf, size_t lenp, loff_t *offset)
+{
+	struct fanotify_group *group = file->f_path.dentry->d_inode->i_private;
+	struct file *new_file;
+	struct fanotify_event *event = NULL;
+	int client_fd;
+	int len, rc = 0;
+	char *output;
+	struct dentry *dentry;
+	struct vfsmount *mnt;
+
+	BUG_ON(!group);
+
+	if (unlikely(!lenp))
+		return 0;
+
+	/* make sure lenp can hold the whole message */
+	if (lenp < MAX_MESG_LEN)
+		return -ENOMEM;
+
+	if (lenp > PAGE_SIZE)
+		lenp = PAGE_SIZE;
+
+	output = kmalloc(lenp, GFP_KERNEL);
+	if (!output)
+		return -ENOMEM;
+
+	if (fanotify_check_notif_queue(group)) {
+		event = remove_event_from_group_notification(group);
+		mutex_unlock(&group->notification_mutex);
+	} else {
+		if (file->f_flags & O_NONBLOCK) {
+			rc = -EAGAIN;
+			goto out;
+		}
+		rc = wait_event_interruptible(group->notification_waitq, fanotify_check_notif_queue(group));
+		if (!rc) {
+			event = remove_event_from_group_notification(group);
+			mutex_unlock(&group->notification_mutex);
+		} else {
+			/* we took a signal waiting.... */
+			goto out;
+		}
+	}
+
+	BUG_ON(!event);
+
+	client_fd = get_unused_fd();
+	if (client_fd < 0) {
+		rc = client_fd;
+		goto out;
+	}
+
+	/*
+	 * we need a new file handle for the userspace program so it can read even if it was
+	 * originally opened O_WRONLY.
+	 */
+	dentry = dget(event->path.dentry);
+	mnt = mntget(event->path.mnt);
+	new_file = dentry_open(dentry, mnt, O_RDONLY);
+	if (IS_ERR(new_file)) {
+		/*
+		 * we still send an event even if we can't open the file.  this
+		 * can happen for say tasks are gone and we try to open their
+		 * /proc entries or we try to open a WRONLY file like in sysfs
+		 * we just send the errno to userspace since there isn't much
+		 * else we can do.
+		 */
+		put_unused_fd(client_fd);
+		client_fd = PTR_ERR(new_file);
+	} else {
+		fd_install(client_fd, new_file);
+	}
+
+	/*
+	 * Build metadata string to send to the listener
+	 * IF YOU CHANGE THIS STRING UPDATE MAX_MSG_LEN!!!!!!11111!!!!
+	 */
+	rc = snprintf(output, lenp-1, "fd=%d mask=%x\n", client_fd, event->mask);
+	if (rc < 0)
+		goto out;
+	output[rc] = '\0';
+	len = rc + 1;
+
+	rc = copy_to_user(buf, output, len);
+	if (!rc)
+		rc = len;
+out:
+	fanotify_put_event(event);
+	kfree(output);
+	return rc;
+}
+
+static unsigned int fanotify_notification_poll(struct file *file, struct poll_table_struct *polltbl)
+{
+	struct fanotify_group *group = file->f_path.dentry->d_inode->i_private;
+	int ret = 0;
+
+	BUG_ON(!group);
+
+	poll_wait(file, &group->notification_waitq, polltbl);
+	if (fanotify_check_notif_queue(group)) {
+		ret = POLLIN | POLLRDNORM;
+		mutex_unlock(&group->notification_mutex);
+	}
+
+	return ret;
+}
+
+static int fanotify_notification_open(struct inode *inode, struct file *file)
+{
+	struct fanotify_group *fgroup = inode->i_private;
+	struct fanotify_group *lgroup;
+	struct task_struct *tsk = current;
+	int found = 0;
+
+	/*
+	 * we can't trust fgroup as this open might be simultaneous with an
+	 * unregister.  Since unregister is done with the mutex and makes
+	 * sure there are no users if we get() the group under a mutex it
+	 * can't disappear under us.
+	 */
+	mutex_lock(&fanotify_grp_mutex);
+	list_for_each_entry(lgroup, &fanotify_groups, group_list) {
+		if (lgroup == fgroup) {
+			tsk->flags |= PF_NOFACCESS;
+			fanotify_get_group(lgroup);
+			found = 1;
+			break;
+		}
+	}
+	mutex_unlock(&fanotify_grp_mutex);
+
+	if (!found)
+		return -EINVAL;
+
+	return 0;
+}
+
+static int fanotify_notification_release(struct inode *inode, struct file *file)
+{
+	struct fanotify_group *group = inode->i_private;
+	struct task_struct *tsk = current;
+
+	BUG_ON(!group);
+
+	fanotify_put_group(group);
+	tsk->flags &= ~PF_NOFACCESS;
+
+	return 0;
+}
+
+static struct file_operations notification_fops = {
+	.open =		fanotify_notification_open,
+	.release =	fanotify_notification_release,
+	.read =		fanotify_notification_read,
+	.poll =		fanotify_notification_poll
+};
+
+int fanotify_notification_user_destroy(struct fanotify_group *group)
+{
+	securityfs_remove(group->notification);
+	group->notification = NULL;
+
+	return 0;
+}
+
+int fanotify_notification_user_create(struct fanotify_group *group)
+{
+	struct dentry *notification_file;
+
+	group->notification = NULL;
+
+	notification_file = securityfs_create_file("notification", S_IRUSR|S_IWUSR, group->subdir, group, &notification_fops);
+	if (IS_ERR(notification_file))
+		return PTR_ERR(notification_file);
+
+	group->notification = notification_file;
+
+	/* initialize the notification list elements */
+	INIT_LIST_HEAD(&group->notification_list);
+	mutex_init(&group->notification_mutex);
+	init_waitqueue_head(&group->notification_waitq);
+
+	return 0;
+}