git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Miklos Szeredi <mszeredi@redhat.com>
	Tue, 9 Sep 2025 14:30:47 +0000 (16:30 +0200)
committer	Jan Kara <jack@suse.cz>
	Thu, 11 Sep 2025 14:34:50 +0000 (16:34 +0200)
commit	b8cf8fda522d5a37f8948ad8a19a1113cc38710f
tree	28c43a44916d12465427a2271badab0dc777eb4f	tree \| snapshot
parent	62e59ffe8787b5550ccff70c30b6f6be6a3ac3dd	commit \| diff

fanotify: add watchdog for permission events

This is to make it easier to debug issues with AV software, which time and
again deadlocks with no indication of where the issue comes from, and the
kernel being blamed for the deadlock. Then we need to analyze dumps to
prove that the kernel is not in fact at fault.

The deadlock comes from recursion: handling the event triggers another
permission event, in some roundabout way, obviously, otherwise it would
have been found in testing.

With this patch a warning is printed when permission event is received by
userspace but not answered for more than the timeout specified in
/proc/sys/fs/fanotify/watchdog_timeout. The watchdog can be turned off by
setting the timeout to zero (which is the default).

The timeout is very coarse (T <= t < 2T) but I guess it's good enough for
the purpose.

Overhead should be minimal.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Link: https://patch.msgid.link/20250909143053.112171-1-mszeredi@redhat.com
Signed-off-by: Jan Kara <jack@suse.cz>

fs/notify/fanotify/fanotify.h		diff \| blob \| blame \| history
fs/notify/fanotify/fanotify_user.c		diff \| blob \| blame \| history
include/linux/fsnotify_backend.h		diff \| blob \| blame \| history