> On 6/23/25, 11:32 PM, "Amir Goldstein" <amir73il@xxxxxxxxx <mailto:amir73il@xxxxxxxxx>> wrote: > > On Mon, Jun 23, 2025 at 9:26 PM Ibrahim Jirdeh <ibrahimjirdeh@xxxxxxxx> wrote: > > > > Currently the default response for pending events is FAN\_ALLOW. > > This makes default close response configurable. The main goal > > of these changes would be to provide better handling for pending > > events for lazy file loading use cases which may back fanotify > > events by a long-lived daemon. For earlier discussion see: > > [https://lore.kernel.org/linux-fsdevel/6za2mngeqslmqjg3icoubz37hbbxi6bi44canfsg2aajgkialt@c3ujlrjzkppr/](https://lore.kernel.org/linux-fsdevel/6za2mngeqslmqjg3icoubz37hbbxi6bi44canfsg2aajgkialt@c3ujlrjzkppr/) > > These lore links are typically placed at the commit message tail block > if related to a suggestion you would typically use: > > Suggested-by: Amir Goldstein <amir73il@xxxxxxxxx> > Link: [https://lore.kernel.org/linux-fsdevel/CAOQ4uxi6PvAcT1vL0d0e+7YjvkfU-kwFVVMAN-tc-FKXe1wtSg@xxxxxxxxxxxxxx/](https://lore.kernel.org/linux-fsdevel/CAOQ4uxi6PvAcT1vL0d0e+7YjvkfU-kwFVVMAN-tc-FKXe1wtSg@xxxxxxxxxxxxxx/) > Signed-off-by: Ibrahim Jirdeh <ibrahimjirdeh@xxxxxxxx> > > This way reviewers whose response is "what a terrible idea!" can > point their arrows at me instead of you ;) > > Note that this is a more accurate link to the message where the default > response API was proposed, so readers won't need to sift through > this long thread to find the reference. > > > > > This implements the first approach outlined there of providing > > configuration for response on group close. This is supported by > > writing a response with > > .fd = FAN\_NOFD > > .response = FAN\_DENY | FAN\_DEFAULT > > which modifies the group property default\_response > > > > Signed-off-by: Ibrahim Jirdeh <ibrahimjirdeh@xxxxxxxx> > > --- > > fs/notify/fanotify/fanotify\_user.c | 14 ++++++++++++-- > > include/linux/fanotify.h | 2 +- > > include/linux/fsnotify\_backend.h | 1 + > > include/uapi/linux/fanotify.h | 1 + > > tools/include/uapi/linux/fanotify.h | 1 + > > 5 files changed, 16 insertions(+), 3 deletions(-) > > > > diff --git a/fs/notify/fanotify/fanotify\_user.c b/fs/notify/fanotify/fanotify\_user.c > > index b192ee068a7a..02669abff4a5 100644 > > --- a/fs/notify/fanotify/fanotify\_user.c > > +++ b/fs/notify/fanotify/fanotify\_user.c > > @@ -378,6 +378,13 @@ static int process\_access\_response(struct fsnotify\_group \*group, > > return -EINVAL; > > } > > > > + if (response & FAN\_DEFAULT) { > > + if (fd != FAN\_NOFD) > > + return -EINVAL; > > > I think we also need to check that no bits other than the allowed bits > for default response > are set, for example, if user attempts to do: > .response = FAN\_DENY | FAN\_AUDIT | FAN\_DEFAULT > > But that opens up the question, do we want to also allow custom > error in default response, e.g.: > .response = FAN\_DENY\_ERRNO(EAGAIN) | FAN\_DEFAULT > > Anyway, we do not have to implement custom default error from the > start. It will complicate the implementation a bit, but as long as you deny > setting the default response with unsupported flags, we can extend it later. Sure I can update this to disallow unexpected bits when updating default response. It does make sense to me to also support custom error in default response, I can help with exending the feature either as a later part of this series, or as future follow up. Also will update the links and commit tail block as you've suggested. > > > > + group->default\_response = response & FANOTIFY\_RESPONSE\_ACCESS; > > + return 0; > > + } > > + > > if ((response & FAN\_AUDIT) && !FAN\_GROUP\_FLAG(group, FAN\_ENABLE\_AUDIT)) > > return -EINVAL; > > > > @@ -1023,7 +1030,8 @@ static int fanotify\_release(struct inode \*ignored, struct file \*file) > > event = list\_first\_entry(&group->fanotify\_data.access\_list, > > struct fanotify\_perm\_event, fae.fse.list); > > list\_del\_init(&event->fae.fse.list); > > - finish\_permission\_event(group, event, FAN\_ALLOW, NULL); > > + finish\_permission\_event(group, event, > > + group->default\_response, NULL); > > spin\_lock(&group->notification\_lock); > > } > > > > @@ -1040,7 +1048,7 @@ static int fanotify\_release(struct inode \*ignored, struct file \*file) > > fsnotify\_destroy\_event(group, fsn\_event); > > } else { > > finish\_permission\_event(group, FANOTIFY\_PERM(event), > > - FAN\_ALLOW, NULL); > > + group->default\_response, NULL); > > } > > spin\_lock(&group->notification\_lock); > > } > > @@ -1640,6 +1648,8 @@ SYSCALL\_DEFINE2(fanotify\_init, unsigned int, flags, unsigned int, event\_f\_flags) > > goto out\_destroy\_group; > > } > > > > + group->default\_response = FAN\_ALLOW; > > + > > BUILD\_BUG\_ON(!(FANOTIFY\_ADMIN\_INIT\_FLAGS & FAN\_UNLIMITED\_QUEUE)); > > if (flags & FAN\_UNLIMITED\_QUEUE) { > > group->max\_events = UINT\_MAX; > > diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h > > index 879cff5eccd4..182fc574b848 100644 > > --- a/include/linux/fanotify.h > > +++ b/include/linux/fanotify.h > > @@ -134,7 +134,7 @@ > > > > /\* These masks check for invalid bits in permission responses. \*/ > > #define FANOTIFY\_RESPONSE\_ACCESS (FAN\_ALLOW | FAN\_DENY) > > -#define FANOTIFY\_RESPONSE\_FLAGS (FAN\_AUDIT | FAN\_INFO) > > +#define FANOTIFY\_RESPONSE\_FLAGS (FAN\_AUDIT | FAN\_INFO | FAN\_DEFAULT) > > #define FANOTIFY\_RESPONSE\_VALID\_MASK \\ > > (FANOTIFY\_RESPONSE\_ACCESS | FANOTIFY\_RESPONSE\_FLAGS | \\ > > (FAN\_ERRNO\_MASK << FAN\_ERRNO\_SHIFT)) > > diff --git a/include/linux/fsnotify\_backend.h b/include/linux/fsnotify\_backend.h > > index d4034ddaf392..9683396acda6 100644 > > --- a/include/linux/fsnotify\_backend.h > > +++ b/include/linux/fsnotify\_backend.h > > @@ -231,6 +231,7 @@ struct fsnotify\_group { > > unsigned int max\_events; /\* maximum events allowed on the list \*/ > > enum fsnotify\_group\_prio priority; /\* priority for sending events \*/ > > bool shutdown; /\* group is being shut down, don't queue more events \*/ > > + unsigned int default\_response; /\* default response sent on group close \*/ > > > > #define FSNOTIFY\_GROUP\_USER 0x01 /\* user allocated group \*/ > > #define FSNOTIFY\_GROUP\_DUPS 0x02 /\* allow multiple marks per object \*/ > > diff --git a/include/uapi/linux/fanotify.h b/include/uapi/linux/fanotify.h > > index e710967c7c26..7badde273a66 100644 > > --- a/include/uapi/linux/fanotify.h > > +++ b/include/uapi/linux/fanotify.h > > @@ -254,6 +254,7 @@ struct fanotify\_response\_info\_audit\_rule { > > > > #define FAN\_AUDIT 0x10 /\* Bitmask to create audit record for result \*/ > > #define FAN\_INFO 0x20 /\* Bitmask to indicate additional information \*/ > > +#define FAN\_DEFAULT 0x30 /\* Bitmask to set default response on close \*/ > > > > /\* No fd set in event \*/ > > #define FAN\_NOFD -1 > > diff --git a/tools/include/uapi/linux/fanotify.h b/tools/include/uapi/linux/fanotify.h > > index e710967c7c26..7badde273a66 100644 > > --- a/tools/include/uapi/linux/fanotify.h > > +++ b/tools/include/uapi/linux/fanotify.h > > @@ -254,6 +254,7 @@ struct fanotify\_response\_info\_audit\_rule { > > > > #define FAN\_AUDIT 0x10 /\* Bitmask to create audit record for result \*/ > > #define FAN\_INFO 0x20 /\* Bitmask to indicate additional information \*/ > > +#define FAN\_DEFAULT 0x30 /\* Bitmask to set default response on close \*/ > > > > /\* No fd set in event \*/ > > #define FAN\_NOFD -1 > > -- > > 2.47.1
