\n

-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEq1nRK9aeMoq1VSgcnJ2qBz9kQNkFAmSoBkcACgkQnJ2qBz9k
 QNlG/wgA0J4gULTDiNu4xEQxmBWvQIzWTM9U9bfmCdGeuoMiAvwtTJszNGaEHYb3
 7rMHgvTKW9ap4u1/K9OCQin/TdQOyDgNcxbJIG1oU+qPiNcCHSpvnhVDxAhTGfEj
 TIZYYFNoihbEuEioFD0FojAU6tH17MJu9eUJ1qoHJSMqJLXRToWKezxMwPBIfpzp
 1kld9+1oRD4GLNK28PUGKk9St6G6uwcsDmdfPZHwYlTjQOlZ4Z7OFc//oKbRQqmc
 CFKkV5fn8zMVmAhsxhQ6VvZakgFINrDdqGOHibMVNYRLf0wqh45Oo2e6HKE2FH9b
 xRPQTbJf23xPC1c/g/W5aTO4ruc+XQ==
 =XP4O
 -----END PGP SIGNATURE-----

Merge tag 'fsnotify_for_v6.5-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs

Pull fsnotify fix from Jan Kara:
 "A fix for fanotify to disallow creating of mount or superblock marks
  for kernel internal pseudo filesystems"

* tag 'fsnotify_for_v6.5-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
  fanotify: disallow mount/sb marks on kernel internal pseudo fs

fs/notify/fanotify/fanotify_user.c

@@ -1622,6 +1622,20 @@ static int fanotify_events_supported(struct fsnotify_group *group,
 	    path->mnt->mnt_sb->s_type->fs_flags & FS_DISALLOW_NOTIFY_PERM)
 		return -EINVAL;
 
+	/*
+	 * mount and sb marks are not allowed on kernel internal pseudo fs,
+	 * like pipe_mnt, because that would subscribe to events on all the
+	 * anonynous pipes in the system.
+	 *
+	 * SB_NOUSER covers all of the internal pseudo fs whose objects are not
+	 * exposed to user's mount namespace, but there are other SB_KERNMOUNT
+	 * fs, like nsfs, debugfs, for which the value of allowing sb and mount
+	 * mark is questionable. For now we leave them alone.
+	 */
+	if (mark_type != FAN_MARK_INODE &&
+	    path->mnt->mnt_sb->s_flags & SB_NOUSER)
+		return -EINVAL;
+
 	/*
 	 * We shouldn't have allowed setting dirent events and the directory
 	 * flags FAN_ONDIR and FAN_EVENT_ON_CHILD in mask of non-dir inode,