Jan, This v2 is following a two years leap from the RFC path [1]. the code is based on the mntns fix patches I posted and is available on my github [2]. Since then, Christian added support for open_by_handle_at(2) to admin inside userns, which makes watching FS_USERNS_MOUNT sb more useful. And this should also be useful for Miklos' mntns mount tree watch inside userns. Tested sb/mount watches inside userns manually with fsnotifywatch -S and -M with some changes to inotify-tools [3]. Ran mount-notify test manually inside userns and saw that it works after this change. I was going to write a variant of mount-notify selftest that clones also a userns, but did not get to it. Christian, Miklos, If you guys have interest and time in this work, it would be nice if you can help with this test variant or give me some pointers. I can work on the test and address review comments when I get back from vacation around rc5 time, but wanted to get this out soon for review. Thanks, Amir. changes since v1: - Split cleanup patch (Jan) - Logic simplified a bit - Add support for mntns marks inside userns [1] https://lore.kernel.org/linux-fsdevel/20230416060722.1912831-1-amir73il@xxxxxxxxx/ [2] https://github.com/amir73il/linux/commits/fanotify_userns/ [3] https://github.com/amir73il/inotify-tools/commits/fanotify_userns/ Amir Goldstein (2): fanotify: remove redundant permission checks fanotify: support watching filesystems and mounts inside userns fs/notify/fanotify/fanotify.c | 1 + fs/notify/fanotify/fanotify_user.c | 47 ++++++++++++++++++------------ include/linux/fanotify.h | 5 ++-- include/linux/fsnotify_backend.h | 1 + 4 files changed, 32 insertions(+), 22 deletions(-) -- 2.34.1
