aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@g5.osdl.org>2006-06-20 18:37:56 -0400
committerLinus Torvalds <torvalds@g5.osdl.org>2006-06-20 18:37:56 -0400
commitd9eaec9e295a84a80b663996d0489fcff3a1dca9 (patch)
tree85cfc09bb5f0eb42d3be7dfbddaad31353307796
parentcee4cca740d209bcb4b9857baa2253d5ba4e3fbe (diff)
parent41757106b9ca7867dafb2404d618f947b4786fd7 (diff)
Merge branch 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (25 commits) [PATCH] make set_loginuid obey audit_enabled [PATCH] log more info for directory entry change events [PATCH] fix AUDIT_FILTER_PREPEND handling [PATCH] validate rule fields' types [PATCH] audit: path-based rules [PATCH] Audit of POSIX Message Queue Syscalls v.2 [PATCH] fix se_sen audit filter [PATCH] deprecate AUDIT_POSSBILE [PATCH] inline more audit helpers [PATCH] proc_loginuid_write() uses simple_strtoul() on non-terminated array [PATCH] update of IPC audit record cleanup [PATCH] minor audit updates [PATCH] fix audit_krule_to_{rule,data} return values [PATCH] add filtering by ppid [PATCH] log ppid [PATCH] collect sid of those who send signals to auditd [PATCH] execve argument logging [PATCH] fix deadlocks in AUDIT_LIST/AUDIT_LIST_RULES [PATCH] audit_panic() is audit-internal [PATCH] inotify (5/5): update kernel documentation ... Manual fixup of conflict in unclude/linux/inotify.h
Diffstat
-rw-r--r--Documentation/filesystems/inotify.txt130
-rw-r--r--fs/Kconfig24
-rw-r--r--fs/Makefile1
-rw-r--r--fs/exec.c6
-rw-r--r--fs/inotify.c991
-rw-r--r--fs/inotify_user.c719
-rw-r--r--fs/namei.c2
-rw-r--r--fs/open.c4
-rw-r--r--fs/proc/base.c5
-rw-r--r--fs/xattr.c4
-rw-r--r--include/linux/audit.h99
-rw-r--r--include/linux/fsnotify.h32
-rw-r--r--include/linux/inotify.h108
-rw-r--r--include/linux/sched.h2
-rw-r--r--init/Kconfig3
-rw-r--r--ipc/mqueue.c22
-rw-r--r--ipc/msg.c9
-rw-r--r--ipc/sem.c8
-rw-r--r--ipc/shm.c2
-rw-r--r--kernel/audit.c205
-rw-r--r--kernel/audit.h61
-rw-r--r--kernel/auditfilter.c899
-rw-r--r--kernel/auditsc.c648
-rw-r--r--kernel/signal.c2
-rw-r--r--kernel/sysctl.c4
-rw-r--r--kernel/user.c2
-rw-r--r--security/selinux/ss/services.c2
27 files changed, 2961 insertions, 1033 deletions
diff --git a/Documentation/filesystems/inotify.txt b/Documentation/filesystems/inotify.txt
index 6d501903f68e..59a919f16144 100644
--- a/Documentation/filesystems/inotify.txt
+++ b/Documentation/filesystems/inotify.txt
@@ -69,17 +69,135 @@ Prototypes:
69 int inotify_rm_watch (int fd, __u32 mask); 69 int inotify_rm_watch (int fd, __u32 mask);
70 70
71 71
72(iii) Internal Kernel Implementation 72(iii) Kernel Interface
73 73
74Each inotify instance is associated with an inotify_device structure. 74Inotify's kernel API consists a set of functions for managing watches and an
75event callback.
76
77To use the kernel API, you must first initialize an inotify instance with a set
78of inotify_operations. You are given an opaque inotify_handle, which you use
79for any further calls to inotify.
80
81 struct inotify_handle *ih = inotify_init(my_event_handler);
82
83You must provide a function for processing events and a function for destroying
84the inotify watch.
85
86 void handle_event(struct inotify_watch *watch, u32 wd, u32 mask,
87 u32 cookie, const char *name, struct inode *inode)
88
89 watch - the pointer to the inotify_watch that triggered this call
90 wd - the watch descriptor
91 mask - describes the event that occurred
92 cookie - an identifier for synchronizing events
93 name - the dentry name for affected files in a directory-based event
94 inode - the affected inode in a directory-based event
95
96 void destroy_watch(struct inotify_watch *watch)
97
98You may add watches by providing a pre-allocated and initialized inotify_watch
99structure and specifying the inode to watch along with an inotify event mask.
100You must pin the inode during the call. You will likely wish to embed the
101inotify_watch structure in a structure of your own which contains other
102information about the watch. Once you add an inotify watch, it is immediately
103subject to removal depending on filesystem events. You must grab a reference if
104you depend on the watch hanging around after the call.
105
106 inotify_init_watch(&my_watch->iwatch);
107 inotify_get_watch(&my_watch->iwatch); // optional
108 s32 wd = inotify_add_watch(ih, &my_watch->iwatch, inode, mask);
109 inotify_put_watch(&my_watch->iwatch); // optional
110
111You may use the watch descriptor (wd) or the address of the inotify_watch for
112other inotify operations. You must not directly read or manipulate data in the
113inotify_watch. Additionally, you must not call inotify_add_watch() more than
114once for a given inotify_watch structure, unless you have first called either
115inotify_rm_watch() or inotify_rm_wd().
116
117To determine if you have already registered a watch for a given inode, you may
118call inotify_find_watch(), which gives you both the wd and the watch pointer for
119the inotify_watch, or an error if the watch does not exist.
120
121 wd = inotify_find_watch(ih, inode, &watchp);
122
123You may use container_of() on the watch pointer to access your own data
124associated with a given watch. When an existing watch is found,
125inotify_find_watch() bumps the refcount before releasing its locks. You must
126put that reference with:
127
128 put_inotify_watch(watchp);
129
130Call inotify_find_update_watch() to update the event mask for an existing watch.
131inotify_find_update_watch() returns the wd of the updated watch, or an error if
132the watch does not exist.
133
134 wd = inotify_find_update_watch(ih, inode, mask);
135
136An existing watch may be removed by calling either inotify_rm_watch() or
137inotify_rm_wd().
138
139 int ret = inotify_rm_watch(ih, &my_watch->iwatch);
140 int ret = inotify_rm_wd(ih, wd);
141
142A watch may be removed while executing your event handler with the following:
143
144 inotify_remove_watch_locked(ih, iwatch);
145
146Call inotify_destroy() to remove all watches from your inotify instance and
147release it. If there are no outstanding references, inotify_destroy() will call
148your destroy_watch op for each watch.
149
150 inotify_destroy(ih);
151
152When inotify removes a watch, it sends an IN_IGNORED event to your callback.
153You may use this event as an indication to free the watch memory. Note that
154inotify may remove a watch due to filesystem events, as well as by your request.
155If you use IN_ONESHOT, inotify will remove the watch after the first event, at
156which point you may call the final inotify_put_watch.
157
158(iv) Kernel Interface Prototypes
159
160 struct inotify_handle *inotify_init(struct inotify_operations *ops);
161
162 inotify_init_watch(struct inotify_watch *watch);
163
164 s32 inotify_add_watch(struct inotify_handle *ih,
165 struct inotify_watch *watch,
166 struct inode *inode, u32 mask);
167
168 s32 inotify_find_watch(struct inotify_handle *ih, struct inode *inode,
169 struct inotify_watch **watchp);
170
171 s32 inotify_find_update_watch(struct inotify_handle *ih,
172 struct inode *inode, u32 mask);
173
174 int inotify_rm_wd(struct inotify_handle *ih, u32 wd);
175
176 int inotify_rm_watch(struct inotify_handle *ih,
177 struct inotify_watch *watch);
178
179 void inotify_remove_watch_locked(struct inotify_handle *ih,
180 struct inotify_watch *watch);
181
182 void inotify_destroy(struct inotify_handle *ih);
183
184 void get_inotify_watch(struct inotify_watch *watch);
185 void put_inotify_watch(struct inotify_watch *watch);
186
187
188(v) Internal Kernel Implementation
189
190Each inotify instance is represented by an inotify_handle structure.
191Inotify's userspace consumers also have an inotify_device which is
192associated with the inotify_handle, and on which events are queued.
75 193
76Each watch is associated with an inotify_watch structure. Watches are chained 194Each watch is associated with an inotify_watch structure. Watches are chained
77off of each associated device and each associated inode. 195off of each associated inotify_handle and each associated inode.
78 196
79See fs/inotify.c for the locking and lifetime rules. 197See fs/inotify.c and fs/inotify_user.c for the locking and lifetime rules.
80 198
81 199
82(iv) Rationale 200(vi) Rationale
83 201
84Q: What is the design decision behind not tying the watch to the open fd of 202Q: What is the design decision behind not tying the watch to the open fd of
85 the watched object? 203 the watched object?
@@ -145,7 +263,7 @@ A: The poor user-space interface is the second biggest problem with dnotify.
145 file descriptor-based one that allows basic file I/O and poll/select. 263 file descriptor-based one that allows basic file I/O and poll/select.
146 Obtaining the fd and managing the watches could have been done either via a 264 Obtaining the fd and managing the watches could have been done either via a
147 device file or a family of new system calls. We decided to implement a 265 device file or a family of new system calls. We decided to implement a
148 family of system calls because that is the preffered approach for new kernel 266 family of system calls because that is the preferred approach for new kernel
149 interfaces. The only real difference was whether we wanted to use open(2) 267 interfaces. The only real difference was whether we wanted to use open(2)
150 and ioctl(2) or a couple of new system calls. System calls beat ioctls. 268 and ioctl(2) or a couple of new system calls. System calls beat ioctls.
151 269
diff --git a/fs/Kconfig b/fs/Kconfig
index 572cc435a1bb..20f9b557732d 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -393,18 +393,30 @@ config INOTIFY
393 bool "Inotify file change notification support" 393 bool "Inotify file change notification support"
394 default y 394 default y
395 ---help--- 395 ---help---
396 Say Y here to enable inotify support and the associated system 396 Say Y here to enable inotify support. Inotify is a file change
397 calls. Inotify is a file change notification system and a 397 notification system and a replacement for dnotify. Inotify fixes
398 replacement for dnotify. Inotify fixes numerous shortcomings in 398 numerous shortcomings in dnotify and introduces several new features
399 dnotify and introduces several new features. It allows monitoring 399 including multiple file events, one-shot support, and unmount
400 of both files and directories via a single open fd. Other features
401 include multiple file events, one-shot support, and unmount
402 notification. 400 notification.
403 401
404 For more information, see Documentation/filesystems/inotify.txt 402 For more information, see Documentation/filesystems/inotify.txt
405 403
406 If unsure, say Y. 404 If unsure, say Y.
407 405
406config INOTIFY_USER
407 bool "Inotify support for userspace"
408 depends on INOTIFY
409 default y
410 ---help---
411 Say Y here to enable inotify support for userspace, including the
412 associated system calls. Inotify allows monitoring of both files and
413 directories via a single open fd. Events are read from the file
414 descriptor, which is also select()- and poll()-able.
415
416 For more information, see Documentation/filesystems/inotify.txt
417
418 If unsure, say Y.
419
408config QUOTA 420config QUOTA
409 bool "Quota support" 421 bool "Quota support"
410 help 422 help
diff --git a/fs/Makefile b/fs/Makefile
index 078d3d1191a5..d0ea6bfccf29 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -13,6 +13,7 @@ obj-y := open.o read_write.o file_table.o buffer.o bio.o super.o \
13 ioprio.o pnode.o drop_caches.o splice.o sync.o 13 ioprio.o pnode.o drop_caches.o splice.o sync.o
14 14
15obj-$(CONFIG_INOTIFY) += inotify.o 15obj-$(CONFIG_INOTIFY) += inotify.o
16obj-$(CONFIG_INOTIFY_USER) += inotify_user.o
16obj-$(CONFIG_EPOLL) += eventpoll.o 17obj-$(CONFIG_EPOLL) += eventpoll.o
17obj-$(CONFIG_COMPAT) += compat.o compat_ioctl.o 18obj-$(CONFIG_COMPAT) += compat.o compat_ioctl.o
18 19
diff --git a/fs/exec.c b/fs/exec.c
index 3a79d97ac234..d07858c0b7c4 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -49,6 +49,7 @@
49#include <linux/rmap.h> 49#include <linux/rmap.h>
50#include <linux/acct.h> 50#include <linux/acct.h>
51#include <linux/cn_proc.h> 51#include <linux/cn_proc.h>
52#include <linux/audit.h>
52 53
53#include <asm/uaccess.h> 54#include <asm/uaccess.h>
54#include <asm/mmu_context.h> 55#include <asm/mmu_context.h>
@@ -1085,6 +1086,11 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
1085 /* kernel module loader fixup */ 1086 /* kernel module loader fixup */
1086 /* so we don't try to load run modprobe in kernel space. */ 1087 /* so we don't try to load run modprobe in kernel space. */
1087 set_fs(USER_DS); 1088 set_fs(USER_DS);
1089
1090 retval = audit_bprm(bprm);
1091 if (retval)
1092 return retval;
1093
1088 retval = -ENOENT; 1094 retval = -ENOENT;
1089 for (try=0; try<2; try++) { 1095 for (try=0; try<2; try++) {
1090 read_lock(&binfmt_lock); 1096 read_lock(&binfmt_lock);
diff --git a/fs/inotify.c b/fs/inotify.c
index 732ec4bd5774..723836a1f718 100644
--- a/fs/inotify.c
+++ b/fs/inotify.c
@@ -5,7 +5,10 @@
5 * John McCutchan <ttb@tentacle.dhs.org> 5 * John McCutchan <ttb@tentacle.dhs.org>
6 * Robert Love <rml@novell.com> 6 * Robert Love <rml@novell.com>
7 * 7 *
8 * Kernel API added by: Amy Griffis <amy.griffis@hp.com>
9 *
8 * Copyright (C) 2005 John McCutchan 10 * Copyright (C) 2005 John McCutchan
11 * Copyright 2006 Hewlett-Packard Development Company, L.P.
9 * 12 *
10 * This program is free software; you can redistribute it and/or modify it 13 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the 14 * under the terms of the GNU General Public License as published by the
@@ -20,35 +23,17 @@
20 23
21#include <linux/module.h> 24#include <linux/module.h>
22#include <linux/kernel.h> 25#include <linux/kernel.h>
23#include <linux/sched.h>
24#include <linux/spinlock.h> 26#include <linux/spinlock.h>
25#include <linux/idr.h> 27#include <linux/idr.h>
26#include <linux/slab.h> 28#include <linux/slab.h>
27#include <linux/fs.h> 29#include <linux/fs.h>
28#include <linux/file.h>
29#include <linux/mount.h>
30#include <linux/namei.h>
31#include <linux/poll.h>
32#include <linux/init.h> 30#include <linux/init.h>
33#include <linux/list.h> 31#include <linux/list.h>
34#include <linux/writeback.h> 32#include <linux/writeback.h>
35#include <linux/inotify.h> 33#include <linux/inotify.h>
36#include <linux/syscalls.h>
37
38#include <asm/ioctls.h>
39 34
40static atomic_t inotify_cookie; 35static atomic_t inotify_cookie;
41 36
42static kmem_cache_t *watch_cachep __read_mostly;
43static kmem_cache_t *event_cachep __read_mostly;
44
45static struct vfsmount *inotify_mnt __read_mostly;
46
47/* these are configurable via /proc/sys/fs/inotify/ */
48int inotify_max_user_instances __read_mostly;
49int inotify_max_user_watches __read_mostly;
50int inotify_max_queued_events __read_mostly;
51
52/* 37/*
53 * Lock ordering: 38 * Lock ordering:
54 * 39 *
@@ -56,327 +41,108 @@ int inotify_max_queued_events __read_mostly;
56 * iprune_mutex (synchronize shrink_icache_memory()) 41 * iprune_mutex (synchronize shrink_icache_memory())
57 * inode_lock (protects the super_block->s_inodes list) 42 * inode_lock (protects the super_block->s_inodes list)
58 * inode->inotify_mutex (protects inode->inotify_watches and watches->i_list) 43 * inode->inotify_mutex (protects inode->inotify_watches and watches->i_list)
59 * inotify_dev->mutex (protects inotify_device and watches->d_list) 44 * inotify_handle->mutex (protects inotify_handle and watches->h_list)
45 *
46 * The inode->inotify_mutex and inotify_handle->mutex and held during execution
47 * of a caller's event handler. Thus, the caller must not hold any locks
48 * taken in their event handler while calling any of the published inotify
49 * interfaces.
60 */ 50 */
61 51
62/* 52/*
63 * Lifetimes of the three main data structures--inotify_device, inode, and 53 * Lifetimes of the three main data structures--inotify_handle, inode, and
64 * inotify_watch--are managed by reference count. 54 * inotify_watch--are managed by reference count.
65 * 55 *
66 * inotify_device: Lifetime is from inotify_init() until release. Additional 56 * inotify_handle: Lifetime is from inotify_init() to inotify_destroy().
67 * references can bump the count via get_inotify_dev() and drop the count via 57 * Additional references can bump the count via get_inotify_handle() and drop
68 * put_inotify_dev(). 58 * the count via put_inotify_handle().
69 * 59 *
70 * inotify_watch: Lifetime is from create_watch() to destory_watch(). 60 * inotify_watch: for inotify's purposes, lifetime is from inotify_add_watch()
71 * Additional references can bump the count via get_inotify_watch() and drop 61 * to remove_watch_no_event(). Additional references can bump the count via
72 * the count via put_inotify_watch(). 62 * get_inotify_watch() and drop the count via put_inotify_watch(). The caller
63 * is reponsible for the final put after receiving IN_IGNORED, or when using
64 * IN_ONESHOT after receiving the first event. Inotify does the final put if
65 * inotify_destroy() is called.
73 * 66 *
74 * inode: Pinned so long as the inode is associated with a watch, from 67 * inode: Pinned so long as the inode is associated with a watch, from
75 * create_watch() to put_inotify_watch(). 68 * inotify_add_watch() to the final put_inotify_watch().
76 */ 69 */
77 70
78/* 71/*
79 * struct inotify_device - represents an inotify instance 72 * struct inotify_handle - represents an inotify instance
80 * 73 *
81 * This structure is protected by the mutex 'mutex'. 74 * This structure is protected by the mutex 'mutex'.
82 */ 75 */
83struct inotify_device { 76struct inotify_handle {
84 wait_queue_head_t wq; /* wait queue for i/o */
85 struct idr idr; /* idr mapping wd -> watch */ 77 struct idr idr; /* idr mapping wd -> watch */
86 struct mutex mutex; /* protects this bad boy */ 78 struct mutex mutex; /* protects this bad boy */
87 struct list_head events; /* list of queued events */
88 struct list_head watches; /* list of watches */ 79 struct list_head watches; /* list of watches */
89 atomic_t count; /* reference count */ 80 atomic_t count; /* reference count */
90 struct user_struct *user; /* user who opened this dev */
91 unsigned int queue_size; /* size of the queue (bytes) */
92 unsigned int event_count; /* number of pending events */
93 unsigned int max_events; /* maximum number of events */
94 u32 last_wd; /* the last wd allocated */ 81 u32 last_wd; /* the last wd allocated */
82 const struct inotify_operations *in_ops; /* inotify caller operations */
95}; 83};
96 84
97/* 85static inline void get_inotify_handle(struct inotify_handle *ih)
98 * struct inotify_kernel_event - An inotify event, originating from a watch and
99 * queued for user-space. A list of these is attached to each instance of the
100 * device. In read(), this list is walked and all events that can fit in the
101 * buffer are returned.
102 *
103 * Protected by dev->mutex of the device in which we are queued.
104 */
105struct inotify_kernel_event {
106 struct inotify_event event; /* the user-space event */
107 struct list_head list; /* entry in inotify_device's list */
108 char *name; /* filename, if any */
109};
110
111/*
112 * struct inotify_watch - represents a watch request on a specific inode
113 *
114 * d_list is protected by dev->mutex of the associated watch->dev.
115 * i_list and mask are protected by inode->inotify_mutex of the associated inode.
116 * dev, inode, and wd are never written to once the watch is created.
117 */
118struct inotify_watch {
119 struct list_head d_list; /* entry in inotify_device's list */
120 struct list_head i_list; /* entry in inode's list */
121 atomic_t count; /* reference count */
122 struct inotify_device *dev; /* associated device */
123 struct inode *inode; /* associated inode */
124 s32 wd; /* watch descriptor */
125 u32 mask; /* event mask for this watch */
126};
127
128#ifdef CONFIG_SYSCTL
129
130#include <linux/sysctl.h>
131
132static int zero;
133
134ctl_table inotify_table[] = {
135 {
136 .ctl_name = INOTIFY_MAX_USER_INSTANCES,
137 .procname = "max_user_instances",
138 .data = &inotify_max_user_instances,
139 .maxlen = sizeof(int),
140 .mode = 0644,
141 .proc_handler = &proc_dointvec_minmax,
142 .strategy = &sysctl_intvec,
143 .extra1 = &zero,
144 },
145 {
146 .ctl_name = INOTIFY_MAX_USER_WATCHES,
147 .procname = "max_user_watches",
148 .data = &inotify_max_user_watches,
149 .maxlen = sizeof(int),
150 .mode = 0644,
151 .proc_handler = &proc_dointvec_minmax,
152 .strategy = &sysctl_intvec,
153 .extra1 = &zero,
154 },
155 {
156 .ctl_name = INOTIFY_MAX_QUEUED_EVENTS,
157 .procname = "max_queued_events",
158 .data = &inotify_max_queued_events,
159 .maxlen = sizeof(int),
160 .mode = 0644,
161 .proc_handler = &proc_dointvec_minmax,
162 .strategy = &sysctl_intvec,
163 .extra1 = &zero
164 },
165 { .ctl_name = 0 }
166};
167#endif /* CONFIG_SYSCTL */
168
169static inline void get_inotify_dev(struct inotify_device *dev)
170{ 86{
171 atomic_inc(&dev->count); 87 atomic_inc(&ih->count);
172} 88}
173 89
174static inline void put_inotify_dev(struct inotify_device *dev) 90static inline void put_inotify_handle(struct inotify_handle *ih)
175{ 91{
176 if (atomic_dec_and_test(&dev->count)) { 92 if (atomic_dec_and_test(&ih->count)) {
177 atomic_dec(&dev->user->inotify_devs); 93 idr_destroy(&ih->idr);
178 free_uid(dev->user); 94 kfree(ih);
179 idr_destroy(&dev->idr);
180 kfree(dev);
181 } 95 }
182} 96}
183 97
184static inline void get_inotify_watch(struct inotify_watch *watch) 98/**
99 * get_inotify_watch - grab a reference to an inotify_watch
100 * @watch: watch to grab
101 */
102void get_inotify_watch(struct inotify_watch *watch)
185{ 103{
186 atomic_inc(&watch->count); 104 atomic_inc(&watch->count);
187} 105}
106EXPORT_SYMBOL_GPL(get_inotify_watch);
188 107
189/* 108/**
190 * put_inotify_watch - decrements the ref count on a given watch. cleans up 109 * put_inotify_watch - decrements the ref count on a given watch. cleans up
191 * the watch and its references if the count reaches zero. 110 * watch references if the count reaches zero. inotify_watch is freed by
111 * inotify callers via the destroy_watch() op.
112 * @watch: watch to release
192 */ 113 */
193static inline void put_inotify_watch(struct inotify_watch *watch) 114void put_inotify_watch(struct inotify_watch *watch)
194{ 115{
195 if (atomic_dec_and_test(&watch->count)) { 116 if (atomic_dec_and_test(&watch->count)) {
196 put_inotify_dev(watch->dev); 117 struct inotify_handle *ih = watch->ih;
197 iput(watch->inode);
198 kmem_cache_free(watch_cachep, watch);
199 }
200}
201
202/*
203 * kernel_event - create a new kernel event with the given parameters
204 *
205 * This function can sleep.
206 */
207static struct inotify_kernel_event * kernel_event(s32 wd, u32 mask, u32 cookie,
208 const char *name)
209{
210 struct inotify_kernel_event *kevent;
211
212 kevent = kmem_cache_alloc(event_cachep, GFP_KERNEL);
213 if (unlikely(!kevent))
214 return NULL;
215
216 /* we hand this out to user-space, so zero it just in case */
217 memset(&kevent->event, 0, sizeof(struct inotify_event));
218
219 kevent->event.wd = wd;
220 kevent->event.mask = mask;
221 kevent->event.cookie = cookie;
222
223 INIT_LIST_HEAD(&kevent->list);
224
225 if (name) {
226 size_t len, rem, event_size = sizeof(struct inotify_event);
227
228 /*
229 * We need to pad the filename so as to properly align an
230 * array of inotify_event structures. Because the structure is
231 * small and the common case is a small filename, we just round
232 * up to the next multiple of the structure's sizeof. This is
233 * simple and safe for all architectures.
234 */
235 len = strlen(name) + 1;
236 rem = event_size - len;
237 if (len > event_size) {
238 rem = event_size - (len % event_size);
239 if (len % event_size == 0)
240 rem = 0;
241 }
242
243 kevent->name = kmalloc(len + rem, GFP_KERNEL);
244 if (unlikely(!kevent->name)) {
245 kmem_cache_free(event_cachep, kevent);
246 return NULL;
247 }
248 memcpy(kevent->name, name, len);
249 if (rem)
250 memset(kevent->name + len, 0, rem);
251 kevent->event.len = len + rem;
252 } else {
253 kevent->event.len = 0;
254 kevent->name = NULL;
255 }
256
257 return kevent;
258}
259
260/*
261 * inotify_dev_get_event - return the next event in the given dev's queue
262 *
263 * Caller must hold dev->mutex.
264 */
265static inline struct inotify_kernel_event *
266inotify_dev_get_event(struct inotify_device *dev)
267{
268 return list_entry(dev->events.next, struct inotify_kernel_event, list);
269}
270
271/*
272 * inotify_dev_queue_event - add a new event to the given device
273 *
274 * Caller must hold dev->mutex. Can sleep (calls kernel_event()).
275 */
276static void inotify_dev_queue_event(struct inotify_device *dev,
277 struct inotify_watch *watch, u32 mask,
278 u32 cookie, const char *name)
279{
280 struct inotify_kernel_event *kevent, *last;
281
282 /* coalescing: drop this event if it is a dupe of the previous */
283 last = inotify_dev_get_event(dev);
284 if (last && last->event.mask == mask && last->event.wd == watch->wd &&
285 last->event.cookie == cookie) {
286 const char *lastname = last->name;
287
288 if (!name && !lastname)
289 return;
290 if (name && lastname && !strcmp(lastname, name))
291 return;
292 }
293
294 /* the queue overflowed and we already sent the Q_OVERFLOW event */
295 if (unlikely(dev->event_count > dev->max_events))
296 return;
297
298 /* if the queue overflows, we need to notify user space */
299 if (unlikely(dev->event_count == dev->max_events))
300 kevent = kernel_event(-1, IN_Q_OVERFLOW, cookie, NULL);
301 else
302 kevent = kernel_event(watch->wd, mask, cookie, name);
303
304 if (unlikely(!kevent))
305 return;
306
307 /* queue the event and wake up anyone waiting */
308 dev->event_count++;
309 dev->queue_size += sizeof(struct inotify_event) + kevent->event.len;
310 list_add_tail(&kevent->list, &dev->events);
311 wake_up_interruptible(&dev->wq);
312}
313
314/*
315 * remove_kevent - cleans up and ultimately frees the given kevent
316 *
317 * Caller must hold dev->mutex.
318 */
319static void remove_kevent(struct inotify_device *dev,
320 struct inotify_kernel_event *kevent)
321{
322 list_del(&kevent->list);
323
324 dev->event_count--;
325 dev->queue_size -= sizeof(struct inotify_event) + kevent->event.len;
326
327 kfree(kevent->name);
328 kmem_cache_free(event_cachep, kevent);
329}
330 118
331/* 119 iput(watch->inode);
332 * inotify_dev_event_dequeue - destroy an event on the given device 120 ih->in_ops->destroy_watch(watch);
333 * 121 put_inotify_handle(ih);
334 * Caller must hold dev->mutex.
335 */
336static void inotify_dev_event_dequeue(struct inotify_device *dev)
337{
338 if (!list_empty(&dev->events)) {
339 struct inotify_kernel_event *kevent;
340 kevent = inotify_dev_get_event(dev);
341 remove_kevent(dev, kevent);
342 } 122 }
343} 123}
124EXPORT_SYMBOL_GPL(put_inotify_watch);
344 125
345/* 126/*
346 * inotify_dev_get_wd - returns the next WD for use by the given dev 127 * inotify_handle_get_wd - returns the next WD for use by the given handle
347 * 128 *
348 * Callers must hold dev->mutex. This function can sleep. 129 * Callers must hold ih->mutex. This function can sleep.
349 */ 130 */
350static int inotify_dev_get_wd(struct inotify_device *dev, 131static int inotify_handle_get_wd(struct inotify_handle *ih,
351 struct inotify_watch *watch) 132 struct inotify_watch *watch)
352{ 133{
353 int ret; 134 int ret;
354 135
355 do { 136 do {
356 if (unlikely(!idr_pre_get(&dev->idr, GFP_KERNEL))) 137 if (unlikely(!idr_pre_get(&ih->idr, GFP_KERNEL)))
357 return -ENOSPC; 138 return -ENOSPC;
358 ret = idr_get_new_above(&dev->idr, watch, dev->last_wd+1, &watch->wd); 139 ret = idr_get_new_above(&ih->idr, watch, ih->last_wd+1, &watch->wd);
359 } while (ret == -EAGAIN); 140 } while (ret == -EAGAIN);
360 141
361 return ret; 142 if (likely(!ret))
362} 143 ih->last_wd = watch->wd;
363 144
364/* 145 return ret;
365 * find_inode - resolve a user-given path to a specific inode and return a nd
366 */
367static int find_inode(const char __user *dirname, struct nameidata *nd,
368 unsigned flags)
369{
370 int error;
371
372 error = __user_walk(dirname, flags, nd);
373 if (error)
374 return error;
375 /* you can only watch an inode if you have read permissions on it */
376 error = vfs_permission(nd, MAY_READ);
377 if (error)
378 path_release(nd);
379 return error;
380} 146}
381 147
382/* 148/*
@@ -422,67 +188,18 @@ static void set_dentry_child_flags(struct inode *inode, int watched)
422} 188}
423 189
424/* 190/*
425 * create_watch - creates a watch on the given device. 191 * inotify_find_handle - find the watch associated with the given inode and
426 * 192 * handle
427 * Callers must hold dev->mutex. Calls inotify_dev_get_wd() so may sleep.
428 * Both 'dev' and 'inode' (by way of nameidata) need to be pinned.
429 */
430static struct inotify_watch *create_watch(struct inotify_device *dev,
431 u32 mask, struct inode *inode)
432{
433 struct inotify_watch *watch;
434 int ret;
435
436 if (atomic_read(&dev->user->inotify_watches) >=
437 inotify_max_user_watches)
438 return ERR_PTR(-ENOSPC);
439
440 watch = kmem_cache_alloc(watch_cachep, GFP_KERNEL);
441 if (unlikely(!watch))
442 return ERR_PTR(-ENOMEM);
443
444 ret = inotify_dev_get_wd(dev, watch);
445 if (unlikely(ret)) {
446 kmem_cache_free(watch_cachep, watch);
447 return ERR_PTR(ret);
448 }
449
450 dev->last_wd = watch->wd;
451 watch->mask = mask;
452 atomic_set(&watch->count, 0);
453 INIT_LIST_HEAD(&watch->d_list);
454 INIT_LIST_HEAD(&watch->i_list);
455
456 /* save a reference to device and bump the count to make it official */
457 get_inotify_dev(dev);
458 watch->dev = dev;
459
460 /*
461 * Save a reference to the inode and bump the ref count to make it
462 * official. We hold a reference to nameidata, which makes this safe.
463 */
464 watch->inode = igrab(inode);
465
466 /* bump our own count, corresponding to our entry in dev->watches */
467 get_inotify_watch(watch);
468
469 atomic_inc(&dev->user->inotify_watches);
470
471 return watch;
472}
473
474/*
475 * inotify_find_dev - find the watch associated with the given inode and dev
476 * 193 *
477 * Callers must hold inode->inotify_mutex. 194 * Callers must hold inode->inotify_mutex.
478 */ 195 */
479static struct inotify_watch *inode_find_dev(struct inode *inode, 196static struct inotify_watch *inode_find_handle(struct inode *inode,
480 struct inotify_device *dev) 197 struct inotify_handle *ih)
481{ 198{
482 struct inotify_watch *watch; 199 struct inotify_watch *watch;
483 200
484 list_for_each_entry(watch, &inode->inotify_watches, i_list) { 201 list_for_each_entry(watch, &inode->inotify_watches, i_list) {
485 if (watch->dev == dev) 202 if (watch->ih == ih)
486 return watch; 203 return watch;
487 } 204 }
488 205
@@ -490,40 +207,40 @@ static struct inotify_watch *inode_find_dev(struct inode *inode,
490} 207}
491 208
492/* 209/*
493 * remove_watch_no_event - remove_watch() without the IN_IGNORED event. 210 * remove_watch_no_event - remove watch without the IN_IGNORED event.
211 *
212 * Callers must hold both inode->inotify_mutex and ih->mutex.
494 */ 213 */
495static void remove_watch_no_event(struct inotify_watch *watch, 214static void remove_watch_no_event(struct inotify_watch *watch,
496 struct inotify_device *dev) 215 struct inotify_handle *ih)
497{ 216{
498 list_del(&watch->i_list); 217 list_del(&watch->i_list);
499 list_del(&watch->d_list); 218 list_del(&watch->h_list);
500 219
501 if (!inotify_inode_watched(watch->inode)) 220 if (!inotify_inode_watched(watch->inode))
502 set_dentry_child_flags(watch->inode, 0); 221 set_dentry_child_flags(watch->inode, 0);
503 222
504 atomic_dec(&dev->user->inotify_watches); 223 idr_remove(&ih->idr, watch->wd);
505 idr_remove(&dev->idr, watch->wd);
506 put_inotify_watch(watch);
507} 224}
508 225
509/* 226/**
510 * remove_watch - Remove a watch from both the device and the inode. Sends 227 * inotify_remove_watch_locked - Remove a watch from both the handle and the
511 * the IN_IGNORED event to the given device signifying that the inode is no 228 * inode. Sends the IN_IGNORED event signifying that the inode is no longer
512 * longer watched. 229 * watched. May be invoked from a caller's event handler.
513 * 230 * @ih: inotify handle associated with watch
514 * Callers must hold both inode->inotify_mutex and dev->mutex. We drop a 231 * @watch: watch to remove
515 * reference to the inode before returning.
516 * 232 *
517 * The inode is not iput() so as to remain atomic. If the inode needs to be 233 * Callers must hold both inode->inotify_mutex and ih->mutex.
518 * iput(), the call returns one. Otherwise, it returns zero.
519 */ 234 */
520static void remove_watch(struct inotify_watch *watch,struct inotify_device *dev) 235void inotify_remove_watch_locked(struct inotify_handle *ih,
236 struct inotify_watch *watch)
521{ 237{
522 inotify_dev_queue_event(dev, watch, IN_IGNORED, 0, NULL); 238 remove_watch_no_event(watch, ih);
523 remove_watch_no_event(watch, dev); 239 ih->in_ops->handle_event(watch, watch->wd, IN_IGNORED, 0, NULL, NULL);
524} 240}
241EXPORT_SYMBOL_GPL(inotify_remove_watch_locked);
525 242
526/* Kernel API */ 243/* Kernel API for producing events */
527 244
528/* 245/*
529 * inotify_d_instantiate - instantiate dcache entry for inode 246 * inotify_d_instantiate - instantiate dcache entry for inode
@@ -563,9 +280,10 @@ void inotify_d_move(struct dentry *entry)
563 * @mask: event mask describing this event 280 * @mask: event mask describing this event
564 * @cookie: cookie for synchronization, or zero 281 * @cookie: cookie for synchronization, or zero
565 * @name: filename, if any 282 * @name: filename, if any
283 * @n_inode: inode associated with name
566 */ 284 */
567void inotify_inode_queue_event(struct inode *inode, u32 mask, u32 cookie, 285void inotify_inode_queue_event(struct inode *inode, u32 mask, u32 cookie,
568 const char *name) 286 const char *name, struct inode *n_inode)
569{ 287{
570 struct inotify_watch *watch, *next; 288 struct inotify_watch *watch, *next;
571 289
@@ -576,14 +294,13 @@ void inotify_inode_queue_event(struct inode *inode, u32 mask, u32 cookie,
576 list_for_each_entry_safe(watch, next, &inode->inotify_watches, i_list) { 294 list_for_each_entry_safe(watch, next, &inode->inotify_watches, i_list) {
577 u32 watch_mask = watch->mask; 295 u32 watch_mask = watch->mask;
578 if (watch_mask & mask) { 296 if (watch_mask & mask) {
579 struct inotify_device *dev = watch->dev; 297 struct inotify_handle *ih= watch->ih;
580 get_inotify_watch(watch); 298 mutex_lock(&ih->mutex);
581 mutex_lock(&dev->mutex);
582 inotify_dev_queue_event(dev, watch, mask, cookie, name);
583 if (watch_mask & IN_ONESHOT) 299 if (watch_mask & IN_ONESHOT)
584 remove_watch_no_event(watch, dev); 300 remove_watch_no_event(watch, ih);
585 mutex_unlock(&dev->mutex); 301 ih->in_ops->handle_event(watch, watch->wd, mask, cookie,
586 put_inotify_watch(watch); 302 name, n_inode);
303 mutex_unlock(&ih->mutex);
587 } 304 }
588 } 305 }
589 mutex_unlock(&inode->inotify_mutex); 306 mutex_unlock(&inode->inotify_mutex);
@@ -613,7 +330,8 @@ void inotify_dentry_parent_queue_event(struct dentry *dentry, u32 mask,
613 if (inotify_inode_watched(inode)) { 330 if (inotify_inode_watched(inode)) {
614 dget(parent); 331 dget(parent);
615 spin_unlock(&dentry->d_lock); 332 spin_unlock(&dentry->d_lock);
616 inotify_inode_queue_event(inode, mask, cookie, name); 333 inotify_inode_queue_event(inode, mask, cookie, name,
334 dentry->d_inode);
617 dput(parent); 335 dput(parent);
618 } else 336 } else
619 spin_unlock(&dentry->d_lock); 337 spin_unlock(&dentry->d_lock);
@@ -665,7 +383,7 @@ void inotify_unmount_inodes(struct list_head *list)
665 383
666 need_iput_tmp = need_iput; 384 need_iput_tmp = need_iput;
667 need_iput = NULL; 385 need_iput = NULL;
668 /* In case the remove_watch() drops a reference. */ 386 /* In case inotify_remove_watch_locked() drops a reference. */
669 if (inode != need_iput_tmp) 387 if (inode != need_iput_tmp)
670 __iget(inode); 388 __iget(inode);
671 else 389 else
@@ -694,11 +412,12 @@ void inotify_unmount_inodes(struct list_head *list)
694 mutex_lock(&inode->inotify_mutex); 412 mutex_lock(&inode->inotify_mutex);
695 watches = &inode->inotify_watches; 413 watches = &inode->inotify_watches;
696 list_for_each_entry_safe(watch, next_w, watches, i_list) { 414 list_for_each_entry_safe(watch, next_w, watches, i_list) {
697 struct inotify_device *dev = watch->dev; 415 struct inotify_handle *ih= watch->ih;
698 mutex_lock(&dev->mutex); 416 mutex_lock(&ih->mutex);
699 inotify_dev_queue_event(dev, watch, IN_UNMOUNT,0,NULL); 417 ih->in_ops->handle_event(watch, watch->wd, IN_UNMOUNT, 0,
700 remove_watch(watch, dev); 418 NULL, NULL);
701 mutex_unlock(&dev->mutex); 419 inotify_remove_watch_locked(ih, watch);
420 mutex_unlock(&ih->mutex);
702 } 421 }
703 mutex_unlock(&inode->inotify_mutex); 422 mutex_unlock(&inode->inotify_mutex);
704 iput(inode); 423 iput(inode);
@@ -718,432 +437,292 @@ void inotify_inode_is_dead(struct inode *inode)
718 437
719 mutex_lock(&inode->inotify_mutex); 438 mutex_lock(&inode->inotify_mutex);
720 list_for_each_entry_safe(watch, next, &inode->inotify_watches, i_list) { 439 list_for_each_entry_safe(watch, next, &inode->inotify_watches, i_list) {
721 struct inotify_device *dev = watch->dev; 440 struct inotify_handle *ih = watch->ih;
722 mutex_lock(&dev->mutex); 441 mutex_lock(&ih->mutex);
723 remove_watch(watch, dev); 442 inotify_remove_watch_locked(ih, watch);
724 mutex_unlock(&dev->mutex); 443 mutex_unlock(&ih->mutex);
725 } 444 }
726 mutex_unlock(&inode->inotify_mutex); 445 mutex_unlock(&inode->inotify_mutex);
727} 446}
728EXPORT_SYMBOL_GPL(inotify_inode_is_dead); 447EXPORT_SYMBOL_GPL(inotify_inode_is_dead);
729 448
730/* Device Interface */ 449/* Kernel Consumer API */
731 450
732static unsigned int inotify_poll(struct file *file, poll_table *wait) 451/**
452 * inotify_init - allocate and initialize an inotify instance
453 * @ops: caller's inotify operations
454 */
455struct inotify_handle *inotify_init(const struct inotify_operations *ops)
733{ 456{
734 struct inotify_device *dev = file->private_data; 457 struct inotify_handle *ih;
735 int ret = 0;
736 458
737 poll_wait(file, &dev->wq, wait); 459 ih = kmalloc(sizeof(struct inotify_handle), GFP_KERNEL);
738 mutex_lock(&dev->mutex); 460 if (unlikely(!ih))
739 if (!list_empty(&dev->events)) 461 return ERR_PTR(-ENOMEM);
740 ret = POLLIN | POLLRDNORM;
741 mutex_unlock(&dev->mutex);
742 462
743 return ret; 463 idr_init(&ih->idr);
464 INIT_LIST_HEAD(&ih->watches);
465 mutex_init(&ih->mutex);
466 ih->last_wd = 0;
467 ih->in_ops = ops;
468 atomic_set(&ih->count, 0);
469 get_inotify_handle(ih);
470
471 return ih;
744} 472}
473EXPORT_SYMBOL_GPL(inotify_init);
745 474
746static ssize_t inotify_read(struct file *file, char __user *buf, 475/**
747 size_t count, loff_t *pos) 476 * inotify_init_watch - initialize an inotify watch
477 * @watch: watch to initialize
478 */
479void inotify_init_watch(struct inotify_watch *watch)
748{ 480{
749 size_t event_size = sizeof (struct inotify_event); 481 INIT_LIST_HEAD(&watch->h_list);
750 struct inotify_device *dev; 482 INIT_LIST_HEAD(&watch->i_list);
751 char __user *start; 483 atomic_set(&watch->count, 0);
752 int ret; 484 get_inotify_watch(watch); /* initial get */
753 DEFINE_WAIT(wait);
754
755 start = buf;
756 dev = file->private_data;
757
758 while (1) {
759 int events;
760
761 prepare_to_wait(&dev->wq, &wait, TASK_INTERRUPTIBLE);
762
763 mutex_lock(&dev->mutex);
764 events = !list_empty(&dev->events);
765 mutex_unlock(&dev->mutex);
766 if (events) {
767 ret = 0;
768 break;
769 }
770
771 if (file->f_flags & O_NONBLOCK) {
772 ret = -EAGAIN;
773 break;
774 }
775
776 if (signal_pending(current)) {
777 ret = -EINTR;
778 break;
779 }
780
781 schedule();
782 }
783
784 finish_wait(&dev->wq, &wait);
785 if (ret)
786 return ret;
787
788 mutex_lock(&dev->mutex);
789 while (1) {
790 struct inotify_kernel_event *kevent;
791
792 ret = buf - start;
793 if (list_empty(&dev->events))
794 break;
795
796 kevent = inotify_dev_get_event(dev);
797 if (event_size + kevent->event.len > count)
798 break;
799
800 if (copy_to_user(buf, &kevent->event, event_size)) {
801 ret = -EFAULT;
802 break;
803 }
804 buf += event_size;
805 count -= event_size;
806
807 if (kevent->name) {
808 if (copy_to_user(buf, kevent->name, kevent->event.len)){
809 ret = -EFAULT;
810 break;
811 }
812 buf += kevent->event.len;
813 count -= kevent->event.len;
814 }
815
816 remove_kevent(dev, kevent);
817 }
818 mutex_unlock(&dev->mutex);
819
820 return ret;
821} 485}
486EXPORT_SYMBOL_GPL(inotify_init_watch);
822 487
823static int inotify_release(struct inode *ignored, struct file *file) 488/**
489 * inotify_destroy - clean up and destroy an inotify instance
490 * @ih: inotify handle
491 */
492void inotify_destroy(struct inotify_handle *ih)
824{ 493{
825 struct inotify_device *dev = file->private_data;
826
827 /* 494 /*
828 * Destroy all of the watches on this device. Unfortunately, not very 495 * Destroy all of the watches for this handle. Unfortunately, not very
829 * pretty. We cannot do a simple iteration over the list, because we 496 * pretty. We cannot do a simple iteration over the list, because we
830 * do not know the inode until we iterate to the watch. But we need to 497 * do not know the inode until we iterate to the watch. But we need to
831 * hold inode->inotify_mutex before dev->mutex. The following works. 498 * hold inode->inotify_mutex before ih->mutex. The following works.
832 */ 499 */
833 while (1) { 500 while (1) {
834 struct inotify_watch *watch; 501 struct inotify_watch *watch;
835 struct list_head *watches; 502 struct list_head *watches;
836 struct inode *inode; 503 struct inode *inode;
837 504
838 mutex_lock(&dev->mutex); 505 mutex_lock(&ih->mutex);
839 watches = &dev->watches; 506 watches = &ih->watches;
840 if (list_empty(watches)) { 507 if (list_empty(watches)) {
841 mutex_unlock(&dev->mutex); 508 mutex_unlock(&ih->mutex);
842 break; 509 break;
843 } 510 }
844 watch = list_entry(watches->next, struct inotify_watch, d_list); 511 watch = list_entry(watches->next, struct inotify_watch, h_list);
845 get_inotify_watch(watch); 512 get_inotify_watch(watch);
846 mutex_unlock(&dev->mutex); 513 mutex_unlock(&ih->mutex);
847 514
848 inode = watch->inode; 515 inode = watch->inode;
849 mutex_lock(&inode->inotify_mutex); 516 mutex_lock(&inode->inotify_mutex);
850 mutex_lock(&dev->mutex); 517 mutex_lock(&ih->mutex);
851 518
852 /* make sure we didn't race with another list removal */ 519 /* make sure we didn't race with another list removal */
853 if (likely(idr_find(&dev->idr, watch->wd))) 520 if (likely(idr_find(&ih->idr, watch->wd))) {
854 remove_watch_no_event(watch, dev); 521 remove_watch_no_event(watch, ih);
522 put_inotify_watch(watch);
523 }
855 524
856 mutex_unlock(&dev->mutex); 525 mutex_unlock(&ih->mutex);
857 mutex_unlock(&inode->inotify_mutex); 526 mutex_unlock(&inode->inotify_mutex);
858 put_inotify_watch(watch); 527 put_inotify_watch(watch);
859 } 528 }
860 529
861 /* destroy all of the events on this device */ 530 /* free this handle: the put matching the get in inotify_init() */
862 mutex_lock(&dev->mutex); 531 put_inotify_handle(ih);
863 while (!list_empty(&dev->events))
864 inotify_dev_event_dequeue(dev);
865 mutex_unlock(&dev->mutex);
866
867 /* free this device: the put matching the get in inotify_init() */
868 put_inotify_dev(dev);
869
870 return 0;
871} 532}
533EXPORT_SYMBOL_GPL(inotify_destroy);
872 534
873/* 535/**
874 * inotify_ignore - remove a given wd from this inotify instance. 536 * inotify_find_watch - find an existing watch for an (ih,inode) pair
537 * @ih: inotify handle
538 * @inode: inode to watch
539 * @watchp: pointer to existing inotify_watch
875 * 540 *
876 * Can sleep. 541 * Caller must pin given inode (via nameidata).
877 */ 542 */
878static int inotify_ignore(struct inotify_device *dev, s32 wd) 543s32 inotify_find_watch(struct inotify_handle *ih, struct inode *inode,
544 struct inotify_watch **watchp)
879{ 545{
880 struct inotify_watch *watch; 546 struct inotify_watch *old;
881 struct inode *inode; 547 int ret = -ENOENT;
882
883 mutex_lock(&dev->mutex);
884 watch = idr_find(&dev->idr, wd);
885 if (unlikely(!watch)) {
886 mutex_unlock(&dev->mutex);
887 return -EINVAL;
888 }
889 get_inotify_watch(watch);
890 inode = watch->inode;
891 mutex_unlock(&dev->mutex);
892 548
893 mutex_lock(&inode->inotify_mutex); 549 mutex_lock(&inode->inotify_mutex);
894 mutex_lock(&dev->mutex); 550 mutex_lock(&ih->mutex);
895 551
896 /* make sure that we did not race */ 552 old = inode_find_handle(inode, ih);
897 if (likely(idr_find(&dev->idr, wd) == watch)) 553 if (unlikely(old)) {
898 remove_watch(watch, dev); 554 get_inotify_watch(old); /* caller must put watch */
555 *watchp = old;
556 ret = old->wd;
557 }
899 558
900 mutex_unlock(&dev->mutex); 559 mutex_unlock(&ih->mutex);
901 mutex_unlock(&inode->inotify_mutex); 560 mutex_unlock(&inode->inotify_mutex);
902 put_inotify_watch(watch);
903 561
904 return 0; 562 return ret;
905} 563}
564EXPORT_SYMBOL_GPL(inotify_find_watch);
906 565
907static long inotify_ioctl(struct file *file, unsigned int cmd, 566/**
908 unsigned long arg) 567 * inotify_find_update_watch - find and update the mask of an existing watch
568 * @ih: inotify handle
569 * @inode: inode's watch to update
570 * @mask: mask of events to watch
571 *
572 * Caller must pin given inode (via nameidata).
573 */
574s32 inotify_find_update_watch(struct inotify_handle *ih, struct inode *inode,
575 u32 mask)
909{ 576{
910 struct inotify_device *dev; 577 struct inotify_watch *old;
911 void __user *p; 578 int mask_add = 0;
912 int ret = -ENOTTY; 579 int ret;
913
914 dev = file->private_data;
915 p = (void __user *) arg;
916
917 switch (cmd) {
918 case FIONREAD:
919 ret = put_user(dev->queue_size, (int __user *) p);
920 break;
921 }
922
923 return ret;
924}
925 580
926static const struct file_operations inotify_fops = { 581 if (mask & IN_MASK_ADD)
927 .poll = inotify_poll, 582 mask_add = 1;
928 .read = inotify_read,
929 .release = inotify_release,
930 .unlocked_ioctl = inotify_ioctl,
931 .compat_ioctl = inotify_ioctl,
932};
933 583
934asmlinkage long sys_inotify_init(void) 584 /* don't allow invalid bits: we don't want flags set */
935{ 585 mask &= IN_ALL_EVENTS | IN_ONESHOT;
936 struct inotify_device *dev; 586 if (unlikely(!mask))
937 struct user_struct *user; 587 return -EINVAL;
938 struct file *filp;
939 int fd, ret;
940
941 fd = get_unused_fd();
942 if (fd < 0)
943 return fd;
944
945 filp = get_empty_filp();
946 if (!filp) {
947 ret = -ENFILE;
948 goto out_put_fd;
949 }
950 588
951 user = get_uid(current->user); 589 mutex_lock(&inode->inotify_mutex);
952 if (unlikely(atomic_read(&user->inotify_devs) >= 590 mutex_lock(&ih->mutex);
953 inotify_max_user_instances)) {
954 ret = -EMFILE;
955 goto out_free_uid;
956 }
957 591
958 dev = kmalloc(sizeof(struct inotify_device), GFP_KERNEL); 592 /*
959 if (unlikely(!dev)) { 593 * Handle the case of re-adding a watch on an (inode,ih) pair that we
960 ret = -ENOMEM; 594 * are already watching. We just update the mask and return its wd.
961 goto out_free_uid; 595 */
596 old = inode_find_handle(inode, ih);
597 if (unlikely(!old)) {
598 ret = -ENOENT;
599 goto out;
962 } 600 }
963 601
964 filp->f_op = &inotify_fops; 602 if (mask_add)
965 filp->f_vfsmnt = mntget(inotify_mnt); 603 old->mask |= mask;
966 filp->f_dentry = dget(inotify_mnt->mnt_root); 604 else
967 filp->f_mapping = filp->f_dentry->d_inode->i_mapping; 605 old->mask = mask;
968 filp->f_mode = FMODE_READ; 606 ret = old->wd;
969 filp->f_flags = O_RDONLY; 607out:
970 filp->private_data = dev; 608 mutex_unlock(&ih->mutex);
971 609 mutex_unlock(&inode->inotify_mutex);
972 idr_init(&dev->idr);
973 INIT_LIST_HEAD(&dev->events);
974 INIT_LIST_HEAD(&dev->watches);
975 init_waitqueue_head(&dev->wq);
976 mutex_init(&dev->mutex);
977 dev->event_count = 0;
978 dev->queue_size = 0;
979 dev->max_events = inotify_max_queued_events;
980 dev->user = user;
981 dev->last_wd = 0;
982 atomic_set(&dev->count, 0);
983
984 get_inotify_dev(dev);
985 atomic_inc(&user->inotify_devs);
986 fd_install(fd, filp);
987
988 return fd;
989out_free_uid:
990 free_uid(user);
991 put_filp(filp);
992out_put_fd:
993 put_unused_fd(fd);
994 return ret; 610 return ret;
995} 611}
612EXPORT_SYMBOL_GPL(inotify_find_update_watch);
996 613
997asmlinkage long sys_inotify_add_watch(int fd, const char __user *path, u32 mask) 614/**
615 * inotify_add_watch - add a watch to an inotify instance
616 * @ih: inotify handle
617 * @watch: caller allocated watch structure
618 * @inode: inode to watch
619 * @mask: mask of events to watch
620 *
621 * Caller must pin given inode (via nameidata).
622 * Caller must ensure it only calls inotify_add_watch() once per watch.
623 * Calls inotify_handle_get_wd() so may sleep.
624 */
625s32 inotify_add_watch(struct inotify_handle *ih, struct inotify_watch *watch,
626 struct inode *inode, u32 mask)
998{ 627{
999 struct inotify_watch *watch, *old; 628 int ret = 0;
1000 struct inode *inode;
1001 struct inotify_device *dev;
1002 struct nameidata nd;
1003 struct file *filp;
1004 int ret, fput_needed;
1005 int mask_add = 0;
1006 unsigned flags = 0;
1007
1008 filp = fget_light(fd, &fput_needed);
1009 if (unlikely(!filp))
1010 return -EBADF;
1011
1012 /* verify that this is indeed an inotify instance */
1013 if (unlikely(filp->f_op != &inotify_fops)) {
1014 ret = -EINVAL;
1015 goto fput_and_out;
1016 }
1017
1018 if (!(mask & IN_DONT_FOLLOW))
1019 flags |= LOOKUP_FOLLOW;
1020 if (mask & IN_ONLYDIR)
1021 flags |= LOOKUP_DIRECTORY;
1022
1023 ret = find_inode(path, &nd, flags);
1024 if (unlikely(ret))
1025 goto fput_and_out;
1026 629
1027 /* inode held in place by reference to nd; dev by fget on fd */ 630 /* don't allow invalid bits: we don't want flags set */
1028 inode = nd.dentry->d_inode; 631 mask &= IN_ALL_EVENTS | IN_ONESHOT;
1029 dev = filp->private_data; 632 if (unlikely(!mask))
633 return -EINVAL;
634 watch->mask = mask;
1030 635
1031 mutex_lock(&inode->inotify_mutex); 636 mutex_lock(&inode->inotify_mutex);
1032 mutex_lock(&dev->mutex); 637 mutex_lock(&ih->mutex);
1033
1034 if (mask & IN_MASK_ADD)
1035 mask_add = 1;
1036 638
1037 /* don't let user-space set invalid bits: we don't want flags set */ 639 /* Initialize a new watch */
1038 mask &= IN_ALL_EVENTS | IN_ONESHOT; 640 ret = inotify_handle_get_wd(ih, watch);
1039 if (unlikely(!mask)) { 641 if (unlikely(ret))
1040 ret = -EINVAL;
1041 goto out; 642 goto out;
1042 } 643 ret = watch->wd;
644
645 /* save a reference to handle and bump the count to make it official */
646 get_inotify_handle(ih);
647 watch->ih = ih;
1043 648
1044 /* 649 /*
1045 * Handle the case of re-adding a watch on an (inode,dev) pair that we 650 * Save a reference to the inode and bump the ref count to make it
1046 * are already watching. We just update the mask and return its wd. 651 * official. We hold a reference to nameidata, which makes this safe.
1047 */ 652 */
1048 old = inode_find_dev(inode, dev); 653 watch->inode = igrab(inode);
1049 if (unlikely(old)) {
1050 if (mask_add)
1051 old->mask |= mask;
1052 else
1053 old->mask = mask;
1054 ret = old->wd;
1055 goto out;
1056 }
1057
1058 watch = create_watch(dev, mask, inode);
1059 if (unlikely(IS_ERR(watch))) {
1060 ret = PTR_ERR(watch);
1061 goto out;
1062 }
1063 654
1064 if (!inotify_inode_watched(inode)) 655 if (!inotify_inode_watched(inode))
1065 set_dentry_child_flags(inode, 1); 656 set_dentry_child_flags(inode, 1);
1066 657
1067 /* Add the watch to the device's and the inode's list */ 658 /* Add the watch to the handle's and the inode's list */
1068 list_add(&watch->d_list, &dev->watches); 659 list_add(&watch->h_list, &ih->watches);
1069 list_add(&watch->i_list, &inode->inotify_watches); 660 list_add(&watch->i_list, &inode->inotify_watches);
1070 ret = watch->wd;
1071out: 661out:
1072 mutex_unlock(&dev->mutex); 662 mutex_unlock(&ih->mutex);
1073 mutex_unlock(&inode->inotify_mutex); 663 mutex_unlock(&inode->inotify_mutex);
1074 path_release(&nd);
1075fput_and_out:
1076 fput_light(filp, fput_needed);
1077 return ret; 664 return ret;
1078} 665}
666EXPORT_SYMBOL_GPL(inotify_add_watch);
1079 667
1080asmlinkage long sys_inotify_rm_watch(int fd, u32 wd) 668/**
669 * inotify_rm_wd - remove a watch from an inotify instance
670 * @ih: inotify handle
671 * @wd: watch descriptor to remove
672 *
673 * Can sleep.
674 */
675int inotify_rm_wd(struct inotify_handle *ih, u32 wd)
1081{ 676{
1082 struct file *filp; 677 struct inotify_watch *watch;
1083 struct inotify_device *dev; 678 struct inode *inode;
1084 int ret, fput_needed;
1085
1086 filp = fget_light(fd, &fput_needed);
1087 if (unlikely(!filp))
1088 return -EBADF;
1089 679
1090 /* verify that this is indeed an inotify instance */ 680 mutex_lock(&ih->mutex);
1091 if (unlikely(filp->f_op != &inotify_fops)) { 681 watch = idr_find(&ih->idr, wd);
1092 ret = -EINVAL; 682 if (unlikely(!watch)) {
1093 goto out; 683 mutex_unlock(&ih->mutex);
684 return -EINVAL;
1094 } 685 }
686 get_inotify_watch(watch);
687 inode = watch->inode;
688 mutex_unlock(&ih->mutex);
1095 689
1096 dev = filp->private_data; 690 mutex_lock(&inode->inotify_mutex);
1097 ret = inotify_ignore(dev, wd); 691 mutex_lock(&ih->mutex);
1098 692
1099out: 693 /* make sure that we did not race */
1100 fput_light(filp, fput_needed); 694 if (likely(idr_find(&ih->idr, wd) == watch))
1101 return ret; 695 inotify_remove_watch_locked(ih, watch);
696
697 mutex_unlock(&ih->mutex);
698 mutex_unlock(&inode->inotify_mutex);
699 put_inotify_watch(watch);
700
701 return 0;
1102} 702}
703EXPORT_SYMBOL_GPL(inotify_rm_wd);
1103 704
1104static struct super_block * 705/**
1105inotify_get_sb(struct file_system_type *fs_type, int flags, 706 * inotify_rm_watch - remove a watch from an inotify instance
1106 const char *dev_name, void *data) 707 * @ih: inotify handle
708 * @watch: watch to remove
709 *
710 * Can sleep.
711 */
712int inotify_rm_watch(struct inotify_handle *ih,
713 struct inotify_watch *watch)
1107{ 714{
1108 return get_sb_pseudo(fs_type, "inotify", NULL, 0xBAD1DEA); 715 return inotify_rm_wd(ih, watch->wd);
1109} 716}
1110 717EXPORT_SYMBOL_GPL(inotify_rm_watch);
1111static struct file_system_type inotify_fs_type = {
1112 .name = "inotifyfs",
1113 .get_sb = inotify_get_sb,
1114 .kill_sb = kill_anon_super,
1115};
1116 718
1117/* 719/*
1118 * inotify_setup - Our initialization function. Note that we cannnot return 720 * inotify_setup - core initialization function
1119 * error because we have compiled-in VFS hooks. So an (unlikely) failure here
1120 * must result in panic().
1121 */ 721 */
1122static int __init inotify_setup(void) 722static int __init inotify_setup(void)
1123{ 723{
1124 int ret;
1125
1126 ret = register_filesystem(&inotify_fs_type);
1127 if (unlikely(ret))
1128 panic("inotify: register_filesystem returned %d!\n", ret);
1129
1130 inotify_mnt = kern_mount(&inotify_fs_type);
1131 if (IS_ERR(inotify_mnt))
1132 panic("inotify: kern_mount ret %ld!\n", PTR_ERR(inotify_mnt));
1133
1134 inotify_max_queued_events = 16384;
1135 inotify_max_user_instances = 128;
1136 inotify_max_user_watches = 8192;
1137
1138 atomic_set(&inotify_cookie, 0); 724 atomic_set(&inotify_cookie, 0);
1139 725
1140 watch_cachep = kmem_cache_create("inotify_watch_cache",
1141 sizeof(struct inotify_watch),
1142 0, SLAB_PANIC, NULL, NULL);
1143 event_cachep = kmem_cache_create("inotify_event_cache",
1144 sizeof(struct inotify_kernel_event),
1145 0, SLAB_PANIC, NULL, NULL);
1146
1147 return 0; 726 return 0;
1148} 727}
1149 728
diff --git a/fs/inotify_user.c b/fs/inotify_user.c
new file mode 100644
index 000000000000..9e9931e2badd
--- /dev/null
+++ b/fs/inotify_user.c
@@ -0,0 +1,719 @@
1/*
2 * fs/inotify_user.c - inotify support for userspace
3 *
4 * Authors:
5 * John McCutchan <ttb@tentacle.dhs.org>
6 * Robert Love <rml@novell.com>
7 *
8 * Copyright (C) 2005 John McCutchan
9 * Copyright 2006 Hewlett-Packard Development Company, L.P.
10 *
11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the
13 * Free Software Foundation; either version 2, or (at your option) any
14 * later version.
15 *
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 */
21
22#include <linux/kernel.h>
23#include <linux/sched.h>
24#include <linux/slab.h>
25#include <linux/fs.h>
26#include <linux/file.h>
27#include <linux/mount.h>
28#include <linux/namei.h>
29#include <linux/poll.h>
30#include <linux/init.h>
31#include <linux/list.h>
32#include <linux/inotify.h>
33#include <linux/syscalls.h>
34
35#include <asm/ioctls.h>
36
37static kmem_cache_t *watch_cachep __read_mostly;
38static kmem_cache_t *event_cachep __read_mostly;
39
40static struct vfsmount *inotify_mnt __read_mostly;
41
42/* these are configurable via /proc/sys/fs/inotify/ */
43int inotify_max_user_instances __read_mostly;
44int inotify_max_user_watches __read_mostly;
45int inotify_max_queued_events __read_mostly;
46
47/*
48 * Lock ordering:
49 *
50 * inotify_dev->up_mutex (ensures we don't re-add the same watch)
51 * inode->inotify_mutex (protects inode's watch list)
52 * inotify_handle->mutex (protects inotify_handle's watch list)
53 * inotify_dev->ev_mutex (protects device's event queue)
54 */
55
56/*
57 * Lifetimes of the main data structures:
58 *
59 * inotify_device: Lifetime is managed by reference count, from
60 * sys_inotify_init() until release. Additional references can bump the count
61 * via get_inotify_dev() and drop the count via put_inotify_dev().
62 *
63 * inotify_user_watch: Lifetime is from create_watch() to the receipt of an
64 * IN_IGNORED event from inotify, or when using IN_ONESHOT, to receipt of the
65 * first event, or to inotify_destroy().
66 */
67
68/*
69 * struct inotify_device - represents an inotify instance
70 *
71 * This structure is protected by the mutex 'mutex'.
72 */
73struct inotify_device {
74 wait_queue_head_t wq; /* wait queue for i/o */
75 struct mutex ev_mutex; /* protects event queue */
76 struct mutex up_mutex; /* synchronizes watch updates */
77 struct list_head events; /* list of queued events */
78 atomic_t count; /* reference count */
79 struct user_struct *user; /* user who opened this dev */
80 struct inotify_handle *ih; /* inotify handle */
81 unsigned int queue_size; /* size of the queue (bytes) */
82 unsigned int event_count; /* number of pending events */
83 unsigned int max_events; /* maximum number of events */
84};
85
86/*
87 * struct inotify_kernel_event - An inotify event, originating from a watch and
88 * queued for user-space. A list of these is attached to each instance of the
89 * device. In read(), this list is walked and all events that can fit in the
90 * buffer are returned.
91 *
92 * Protected by dev->ev_mutex of the device in which we are queued.
93 */
94struct inotify_kernel_event {
95 struct inotify_event event; /* the user-space event */
96 struct list_head list; /* entry in inotify_device's list */
97 char *name; /* filename, if any */
98};
99
100/*
101 * struct inotify_user_watch - our version of an inotify_watch, we add
102 * a reference to the associated inotify_device.
103 */
104struct inotify_user_watch {
105 struct inotify_device *dev; /* associated device */
106 struct inotify_watch wdata; /* inotify watch data */
107};
108
109#ifdef CONFIG_SYSCTL
110
111#include <linux/sysctl.h>
112
113static int zero;
114
115ctl_table inotify_table[] = {
116 {
117 .ctl_name = INOTIFY_MAX_USER_INSTANCES,
118 .procname = "max_user_instances",
119 .data = &inotify_max_user_instances,
120 .maxlen = sizeof(int),
121 .mode = 0644,
122 .proc_handler = &proc_dointvec_minmax,
123 .strategy = &sysctl_intvec,
124 .extra1 = &zero,
125 },
126 {
127 .ctl_name = INOTIFY_MAX_USER_WATCHES,
128 .procname = "max_user_watches",
129 .data = &inotify_max_user_watches,
130 .maxlen = sizeof(int),
131 .mode = 0644,
132 .proc_handler = &proc_dointvec_minmax,
133 .strategy = &sysctl_intvec,
134 .extra1 = &zero,
135 },
136 {
137 .ctl_name = INOTIFY_MAX_QUEUED_EVENTS,
138 .procname = "max_queued_events",
139 .data = &inotify_max_queued_events,
140 .maxlen = sizeof(int),
141 .mode = 0644,
142 .proc_handler = &proc_dointvec_minmax,
143 .strategy = &sysctl_intvec,
144 .extra1 = &zero
145 },
146 { .ctl_name = 0 }
147};
148#endif /* CONFIG_SYSCTL */
149
150static inline void get_inotify_dev(struct inotify_device *dev)
151{
152 atomic_inc(&dev->count);
153}
154
155static inline void put_inotify_dev(struct inotify_device *dev)
156{
157 if (atomic_dec_and_test(&dev->count)) {
158 atomic_dec(&dev->user->inotify_devs);
159 free_uid(dev->user);
160 kfree(dev);
161 }
162}
163
164/*
165 * free_inotify_user_watch - cleans up the watch and its references
166 */
167static void free_inotify_user_watch(struct inotify_watch *w)
168{
169 struct inotify_user_watch *watch;
170 struct inotify_device *dev;
171
172 watch = container_of(w, struct inotify_user_watch, wdata);
173 dev = watch->dev;
174
175 atomic_dec(&dev->user->inotify_watches);
176 put_inotify_dev(dev);
177 kmem_cache_free(watch_cachep, watch);
178}
179
180/*
181 * kernel_event - create a new kernel event with the given parameters
182 *
183 * This function can sleep.
184 */
185static struct inotify_kernel_event * kernel_event(s32 wd, u32 mask, u32 cookie,
186 const char *name)
187{
188 struct inotify_kernel_event *kevent;
189
190 kevent = kmem_cache_alloc(event_cachep, GFP_KERNEL);
191 if (unlikely(!kevent))
192 return NULL;
193
194 /* we hand this out to user-space, so zero it just in case */
195 memset(&kevent->event, 0, sizeof(struct inotify_event));
196
197 kevent->event.wd = wd;
198 kevent->event.mask = mask;
199 kevent->event.cookie = cookie;
200
201 INIT_LIST_HEAD(&kevent->list);
202
203 if (name) {
204 size_t len, rem, event_size = sizeof(struct inotify_event);
205
206 /*
207 * We need to pad the filename so as to properly align an
208 * array of inotify_event structures. Because the structure is
209 * small and the common case is a small filename, we just round
210 * up to the next multiple of the structure's sizeof. This is
211 * simple and safe for all architectures.
212 */
213 len = strlen(name) + 1;
214 rem = event_size - len;
215 if (len > event_size) {
216 rem = event_size - (len % event_size);
217 if (len % event_size == 0)
218 rem = 0;
219 }
220
221 kevent->name = kmalloc(len + rem, GFP_KERNEL);
222 if (unlikely(!kevent->name)) {
223 kmem_cache_free(event_cachep, kevent);
224 return NULL;
225 }
226 memcpy(kevent->name, name, len);
227 if (rem)
228 memset(kevent->name + len, 0, rem);
229 kevent->event.len = len + rem;
230 } else {
231 kevent->event.len = 0;
232 kevent->name = NULL;
233 }
234
235 return kevent;
236}
237
238/*
239 * inotify_dev_get_event - return the next event in the given dev's queue
240 *
241 * Caller must hold dev->ev_mutex.
242 */
243static inline struct inotify_kernel_event *
244inotify_dev_get_event(struct inotify_device *dev)
245{
246 return list_entry(dev->events.next, struct inotify_kernel_event, list);
247}
248
249/*
250 * inotify_dev_queue_event - event handler registered with core inotify, adds
251 * a new event to the given device
252 *
253 * Can sleep (calls kernel_event()).
254 */
255static void inotify_dev_queue_event(struct inotify_watch *w, u32 wd, u32 mask,
256 u32 cookie, const char *name,
257 struct inode *ignored)
258{
259 struct inotify_user_watch *watch;
260 struct inotify_device *dev;
261 struct inotify_kernel_event *kevent, *last;
262
263 watch = container_of(w, struct inotify_user_watch, wdata);
264 dev = watch->dev;
265
266 mutex_lock(&dev->ev_mutex);
267
268 /* we can safely put the watch as we don't reference it while
269 * generating the event
270 */
271 if (mask & IN_IGNORED || mask & IN_ONESHOT)
272 put_inotify_watch(w); /* final put */
273
274 /* coalescing: drop this event if it is a dupe of the previous */
275 last = inotify_dev_get_event(dev);
276 if (last && last->event.mask == mask && last->event.wd == wd &&
277 last->event.cookie == cookie) {
278 const char *lastname = last->name;
279
280 if (!name && !lastname)
281 goto out;
282 if (name && lastname && !strcmp(lastname, name))
283 goto out;
284 }
285
286 /* the queue overflowed and we already sent the Q_OVERFLOW event */
287 if (unlikely(dev->event_count > dev->max_events))
288 goto out;
289
290 /* if the queue overflows, we need to notify user space */
291 if (unlikely(dev->event_count == dev->max_events))
292 kevent = kernel_event(-1, IN_Q_OVERFLOW, cookie, NULL);
293 else
294 kevent = kernel_event(wd, mask, cookie, name);
295
296 if (unlikely(!kevent))
297 goto out;
298
299 /* queue the event and wake up anyone waiting */
300 dev->event_count++;
301 dev->queue_size += sizeof(struct inotify_event) + kevent->event.len;
302 list_add_tail(&kevent->list, &dev->events);
303 wake_up_interruptible(&dev->wq);
304
305out:
306 mutex_unlock(&dev->ev_mutex);
307}
308
309/*
310 * remove_kevent - cleans up and ultimately frees the given kevent
311 *
312 * Caller must hold dev->ev_mutex.
313 */
314static void remove_kevent(struct inotify_device *dev,
315 struct inotify_kernel_event *kevent)
316{
317 list_del(&kevent->list);
318
319 dev->event_count--;
320 dev->queue_size -= sizeof(struct inotify_event) + kevent->event.len;
321
322 kfree(kevent->name);
323 kmem_cache_free(event_cachep, kevent);
324}
325
326/*
327 * inotify_dev_event_dequeue - destroy an event on the given device
328 *
329 * Caller must hold dev->ev_mutex.
330 */
331static void inotify_dev_event_dequeue(struct inotify_device *dev)
332{
333 if (!list_empty(&dev->events)) {
334 struct inotify_kernel_event *kevent;
335 kevent = inotify_dev_get_event(dev);
336 remove_kevent(dev, kevent);
337 }
338}
339
340/*
341 * find_inode - resolve a user-given path to a specific inode and return a nd
342 */
343static int find_inode(const char __user *dirname, struct nameidata *nd,
344 unsigned flags)
345{
346 int error;
347
348 error = __user_walk(dirname, flags, nd);
349 if (error)
350 return error;
351 /* you can only watch an inode if you have read permissions on it */
352 error = vfs_permission(nd, MAY_READ);
353 if (error)
354 path_release(nd);
355 return error;
356}
357
358/*
359 * create_watch - creates a watch on the given device.
360 *
361 * Callers must hold dev->up_mutex.
362 */
363static int create_watch(struct inotify_device *dev, struct inode *inode,
364 u32 mask)
365{
366 struct inotify_user_watch *watch;
367 int ret;
368
369 if (atomic_read(&dev->user->inotify_watches) >=
370 inotify_max_user_watches)
371 return -ENOSPC;
372
373 watch = kmem_cache_alloc(watch_cachep, GFP_KERNEL);
374 if (unlikely(!watch))
375 return -ENOMEM;
376
377 /* save a reference to device and bump the count to make it official */
378 get_inotify_dev(dev);
379 watch->dev = dev;
380
381 atomic_inc(&dev->user->inotify_watches);
382
383 inotify_init_watch(&watch->wdata);
384 ret = inotify_add_watch(dev->ih, &watch->wdata, inode, mask);
385 if (ret < 0)
386 free_inotify_user_watch(&watch->wdata);
387
388 return ret;
389}
390
391/* Device Interface */
392
393static unsigned int inotify_poll(struct file *file, poll_table *wait)
394{
395 struct inotify_device *dev = file->private_data;
396 int ret = 0;
397
398 poll_wait(file, &dev->wq, wait);
399 mutex_lock(&dev->ev_mutex);
400 if (!list_empty(&dev->events))
401 ret = POLLIN | POLLRDNORM;
402 mutex_unlock(&dev->ev_mutex);
403
404 return ret;
405}
406
407static ssize_t inotify_read(struct file *file, char __user *buf,
408 size_t count, loff_t *pos)
409{
410 size_t event_size = sizeof (struct inotify_event);
411 struct inotify_device *dev;
412 char __user *start;
413 int ret;
414 DEFINE_WAIT(wait);
415
416 start = buf;
417 dev = file->private_data;
418
419 while (1) {
420 int events;
421
422 prepare_to_wait(&dev->wq, &wait, TASK_INTERRUPTIBLE);
423
424 mutex_lock(&dev->ev_mutex);
425 events = !list_empty(&dev->events);
426 mutex_unlock(&dev->ev_mutex);
427 if (events) {
428 ret = 0;
429 break;
430 }
431
432 if (file->f_flags & O_NONBLOCK) {
433 ret = -EAGAIN;
434 break;
435 }
436
437 if (signal_pending(current)) {
438 ret = -EINTR;
439 break;
440 }
441
442 schedule();
443 }
444
445 finish_wait(&dev->wq, &wait);
446 if (ret)
447 return ret;
448
449 mutex_lock(&dev->ev_mutex);
450 while (1) {
451 struct inotify_kernel_event *kevent;
452
453 ret = buf - start;
454 if (list_empty(&dev->events))
455 break;
456
457 kevent = inotify_dev_get_event(dev);
458 if (event_size + kevent->event.len > count)
459 break;
460
461 if (copy_to_user(buf, &kevent->event, event_size)) {
462 ret = -EFAULT;
463 break;
464 }
465 buf += event_size;
466 count -= event_size;
467
468 if (kevent->name) {
469 if (copy_to_user(buf, kevent->name, kevent->event.len)){
470 ret = -EFAULT;
471 break;
472 }
473 buf += kevent->event.len;
474 count -= kevent->event.len;
475 }
476
477 remove_kevent(dev, kevent);
478 }
479 mutex_unlock(&dev->ev_mutex);
480
481 return ret;
482}
483
484static int inotify_release(struct inode *ignored, struct file *file)
485{
486 struct inotify_device *dev = file->private_data;
487
488 inotify_destroy(dev->ih);
489
490 /* destroy all of the events on this device */
491 mutex_lock(&dev->ev_mutex);
492 while (!list_empty(&dev->events))
493 inotify_dev_event_dequeue(dev);
494 mutex_unlock(&dev->ev_mutex);
495
496 /* free this device: the put matching the get in inotify_init() */
497 put_inotify_dev(dev);
498
499 return 0;
500}
501
502static long inotify_ioctl(struct file *file, unsigned int cmd,
503 unsigned long arg)
504{
505 struct inotify_device *dev;
506 void __user *p;
507 int ret = -ENOTTY;
508
509 dev = file->private_data;
510 p = (void __user *) arg;
511
512 switch (cmd) {
513 case FIONREAD:
514 ret = put_user(dev->queue_size, (int __user *) p);
515 break;
516 }
517
518 return ret;
519}
520
521static const struct file_operations inotify_fops = {
522 .poll = inotify_poll,
523 .read = inotify_read,
524 .release = inotify_release,
525 .unlocked_ioctl = inotify_ioctl,
526 .compat_ioctl = inotify_ioctl,
527};
528
529static const struct inotify_operations inotify_user_ops = {
530 .handle_event = inotify_dev_queue_event,
531 .destroy_watch = free_inotify_user_watch,
532};
533
534asmlinkage long sys_inotify_init(void)
535{
536 struct inotify_device *dev;
537 struct inotify_handle *ih;
538 struct user_struct *user;
539 struct file *filp;
540 int fd, ret;
541
542 fd = get_unused_fd();
543 if (fd < 0)
544 return fd;
545
546 filp = get_empty_filp();
547 if (!filp) {
548 ret = -ENFILE;
549 goto out_put_fd;
550 }
551
552 user = get_uid(current->user);
553 if (unlikely(atomic_read(&user->inotify_devs) >=
554 inotify_max_user_instances)) {
555 ret = -EMFILE;
556 goto out_free_uid;
557 }
558
559 dev = kmalloc(sizeof(struct inotify_device), GFP_KERNEL);
560 if (unlikely(!dev)) {
561 ret = -ENOMEM;
562 goto out_free_uid;
563 }
564
565 ih = inotify_init(&inotify_user_ops);
566 if (unlikely(IS_ERR(ih))) {
567 ret = PTR_ERR(ih);
568 goto out_free_dev;
569 }
570 dev->ih = ih;
571
572 filp->f_op = &inotify_fops;
573 filp->f_vfsmnt = mntget(inotify_mnt);
574 filp->f_dentry = dget(inotify_mnt->mnt_root);
575 filp->f_mapping = filp->f_dentry->d_inode->i_mapping;
576 filp->f_mode = FMODE_READ;
577 filp->f_flags = O_RDONLY;
578 filp->private_data = dev;
579
580 INIT_LIST_HEAD(&dev->events);
581 init_waitqueue_head(&dev->wq);
582 mutex_init(&dev->ev_mutex);
583 mutex_init(&dev->up_mutex);
584 dev->event_count = 0;
585 dev->queue_size = 0;
586 dev->max_events = inotify_max_queued_events;
587 dev->user = user;
588 atomic_set(&dev->count, 0);
589
590 get_inotify_dev(dev);
591 atomic_inc(&user->inotify_devs);
592 fd_install(fd, filp);
593
594 return fd;
595out_free_dev:
596 kfree(dev);
597out_free_uid:
598 free_uid(user);
599 put_filp(filp);
600out_put_fd:
601 put_unused_fd(fd);
602 return ret;
603}
604
605asmlinkage long sys_inotify_add_watch(int fd, const char __user *path, u32 mask)
606{
607 struct inode *inode;
608 struct inotify_device *dev;
609 struct nameidata nd;
610 struct file *filp;
611 int ret, fput_needed;
612 unsigned flags = 0;
613
614 filp = fget_light(fd, &fput_needed);
615 if (unlikely(!filp))
616 return -EBADF;
617
618 /* verify that this is indeed an inotify instance */
619 if (unlikely(filp->f_op != &inotify_fops)) {
620 ret = -EINVAL;
621 goto fput_and_out;
622 }
623
624 if (!(mask & IN_DONT_FOLLOW))
625 flags |= LOOKUP_FOLLOW;
626 if (mask & IN_ONLYDIR)
627 flags |= LOOKUP_DIRECTORY;
628
629 ret = find_inode(path, &nd, flags);
630 if (unlikely(ret))
631 goto fput_and_out;
632
633 /* inode held in place by reference to nd; dev by fget on fd */
634 inode = nd.dentry->d_inode;
635 dev = filp->private_data;
636
637 mutex_lock(&dev->up_mutex);
638 ret = inotify_find_update_watch(dev->ih, inode, mask);
639 if (ret == -ENOENT)
640 ret = create_watch(dev, inode, mask);
641 mutex_unlock(&dev->up_mutex);
642
643 path_release(&nd);
644fput_and_out:
645 fput_light(filp, fput_needed);
646 return ret;
647}
648
649asmlinkage long sys_inotify_rm_watch(int fd, u32 wd)
650{
651 struct file *filp;
652 struct inotify_device *dev;
653 int ret, fput_needed;
654
655 filp = fget_light(fd, &fput_needed);
656 if (unlikely(!filp))
657 return -EBADF;
658
659 /* verify that this is indeed an inotify instance */
660 if (unlikely(filp->f_op != &inotify_fops)) {
661 ret = -EINVAL;
662 goto out;
663 }
664
665 dev = filp->private_data;
666
667 /* we free our watch data when we get IN_IGNORED */
668 ret = inotify_rm_wd(dev->ih, wd);
669
670out:
671 fput_light(filp, fput_needed);
672 return ret;
673}
674
675static struct super_block *
676inotify_get_sb(struct file_system_type *fs_type, int flags,
677 const char *dev_name, void *data)
678{
679 return get_sb_pseudo(fs_type, "inotify", NULL, 0xBAD1DEA);
680}
681
682static struct file_system_type inotify_fs_type = {
683 .name = "inotifyfs",
684 .get_sb = inotify_get_sb,
685 .kill_sb = kill_anon_super,
686};
687
688/*
689 * inotify_user_setup - Our initialization function. Note that we cannnot return
690 * error because we have compiled-in VFS hooks. So an (unlikely) failure here
691 * must result in panic().
692 */
693static int __init inotify_user_setup(void)
694{
695 int ret;
696
697 ret = register_filesystem(&inotify_fs_type);
698 if (unlikely(ret))
699 panic("inotify: register_filesystem returned %d!\n", ret);
700
701 inotify_mnt = kern_mount(&inotify_fs_type);
702 if (IS_ERR(inotify_mnt))
703 panic("inotify: kern_mount ret %ld!\n", PTR_ERR(inotify_mnt));
704
705 inotify_max_queued_events = 16384;
706 inotify_max_user_instances = 128;
707 inotify_max_user_watches = 8192;
708
709 watch_cachep = kmem_cache_create("inotify_watch_cache",
710 sizeof(struct inotify_user_watch),
711 0, SLAB_PANIC, NULL, NULL);
712 event_cachep = kmem_cache_create("inotify_event_cache",
713 sizeof(struct inotify_kernel_event),
714 0, SLAB_PANIC, NULL, NULL);
715
716 return 0;
717}
718
719module_init(inotify_user_setup);
diff --git a/fs/namei.c b/fs/namei.c
index d6e2ee251736..184fe4acf824 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1127,7 +1127,7 @@ out:
1127 if (likely(retval == 0)) { 1127 if (likely(retval == 0)) {
1128 if (unlikely(current->audit_context && nd && nd->dentry && 1128 if (unlikely(current->audit_context && nd && nd->dentry &&
1129 nd->dentry->d_inode)) 1129 nd->dentry->d_inode))
1130 audit_inode(name, nd->dentry->d_inode, flags); 1130 audit_inode(name, nd->dentry->d_inode);
1131 } 1131 }
1132out_fail: 1132out_fail:
1133 return retval; 1133 return retval;
diff --git a/fs/open.c b/fs/open.c
index 317b7c7f38a7..4f178acd4c09 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -633,7 +633,7 @@ asmlinkage long sys_fchmod(unsigned int fd, mode_t mode)
633 dentry = file->f_dentry; 633 dentry = file->f_dentry;
634 inode = dentry->d_inode; 634 inode = dentry->d_inode;
635 635
636 audit_inode(NULL, inode, 0); 636 audit_inode(NULL, inode);
637 637
638 err = -EROFS; 638 err = -EROFS;
639 if (IS_RDONLY(inode)) 639 if (IS_RDONLY(inode))
@@ -786,7 +786,7 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group)
786 if (file) { 786 if (file) {
787 struct dentry * dentry; 787 struct dentry * dentry;
788 dentry = file->f_dentry; 788 dentry = file->f_dentry;
789 audit_inode(NULL, dentry->d_inode, 0); 789 audit_inode(NULL, dentry->d_inode);
790 error = chown_common(dentry, user, group); 790 error = chown_common(dentry, user, group);
791 fput(file); 791 fput(file);
792 } 792 }
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 6cc77dc3f3ff..6afff725a8c9 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1019,8 +1019,8 @@ static ssize_t proc_loginuid_write(struct file * file, const char __user * buf,
1019 if (current != task) 1019 if (current != task)
1020 return -EPERM; 1020 return -EPERM;
1021 1021
1022 if (count > PAGE_SIZE) 1022 if (count >= PAGE_SIZE)
1023 count = PAGE_SIZE; 1023 count = PAGE_SIZE - 1;
1024 1024
1025 if (*ppos != 0) { 1025 if (*ppos != 0) {
1026 /* No partial writes. */ 1026 /* No partial writes. */
@@ -1033,6 +1033,7 @@ static ssize_t proc_loginuid_write(struct file * file, const char __user * buf,
1033 if (copy_from_user(page, buf, count)) 1033 if (copy_from_user(page, buf, count))
1034 goto out_free_page; 1034 goto out_free_page;
1035 1035
1036 page[count] = '\0';
1036 loginuid = simple_strtoul(page, &tmp, 10); 1037 loginuid = simple_strtoul(page, &tmp, 10);
1037 if (tmp == page) { 1038 if (tmp == page) {
1038 length = -EINVAL; 1039 length = -EINVAL;
diff --git a/fs/xattr.c b/fs/xattr.c
index e416190f5e9c..c32f15b5f60f 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -242,7 +242,7 @@ sys_fsetxattr(int fd, char __user *name, void __user *value,
242 if (!f) 242 if (!f)
243 return error; 243 return error;
244 dentry = f->f_dentry; 244 dentry = f->f_dentry;
245 audit_inode(NULL, dentry->d_inode, 0); 245 audit_inode(NULL, dentry->d_inode);
246 error = setxattr(dentry, name, value, size, flags); 246 error = setxattr(dentry, name, value, size, flags);
247 fput(f); 247 fput(f);
248 return error; 248 return error;
@@ -469,7 +469,7 @@ sys_fremovexattr(int fd, char __user *name)
469 if (!f) 469 if (!f)
470 return error; 470 return error;
471 dentry = f->f_dentry; 471 dentry = f->f_dentry;
472 audit_inode(NULL, dentry->d_inode, 0); 472 audit_inode(NULL, dentry->d_inode);
473 error = removexattr(dentry, name); 473 error = removexattr(dentry, name);
474 fput(f); 474 fput(f);
475 return error; 475 return error;
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 14259f6db5bc..e051ff9c5b50 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -82,7 +82,12 @@
82#define AUDIT_CONFIG_CHANGE 1305 /* Audit system configuration change */ 82#define AUDIT_CONFIG_CHANGE 1305 /* Audit system configuration change */
83#define AUDIT_SOCKADDR 1306 /* sockaddr copied as syscall arg */ 83#define AUDIT_SOCKADDR 1306 /* sockaddr copied as syscall arg */
84#define AUDIT_CWD 1307 /* Current working directory */ 84#define AUDIT_CWD 1307 /* Current working directory */
85#define AUDIT_EXECVE 1309 /* execve arguments */
85#define AUDIT_IPC_SET_PERM 1311 /* IPC new permissions record type */ 86#define AUDIT_IPC_SET_PERM 1311 /* IPC new permissions record type */
87#define AUDIT_MQ_OPEN 1312 /* POSIX MQ open record type */
88#define AUDIT_MQ_SENDRECV 1313 /* POSIX MQ send/receive record type */
89#define AUDIT_MQ_NOTIFY 1314 /* POSIX MQ notify record type */
90#define AUDIT_MQ_GETSETATTR 1315 /* POSIX MQ get/set attribute record type */
86 91
87#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */ 92#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
88#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */ 93#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
@@ -150,6 +155,7 @@
150#define AUDIT_SE_TYPE 15 /* security label type */ 155#define AUDIT_SE_TYPE 15 /* security label type */
151#define AUDIT_SE_SEN 16 /* security label sensitivity label */ 156#define AUDIT_SE_SEN 16 /* security label sensitivity label */
152#define AUDIT_SE_CLR 17 /* security label clearance label */ 157#define AUDIT_SE_CLR 17 /* security label clearance label */
158#define AUDIT_PPID 18
153 159
154 /* These are ONLY useful when checking 160 /* These are ONLY useful when checking
155 * at syscall exit time (AUDIT_AT_EXIT). */ 161 * at syscall exit time (AUDIT_AT_EXIT). */
@@ -158,6 +164,7 @@
158#define AUDIT_INODE 102 164#define AUDIT_INODE 102
159#define AUDIT_EXIT 103 165#define AUDIT_EXIT 103
160#define AUDIT_SUCCESS 104 /* exit >= 0; value ignored */ 166#define AUDIT_SUCCESS 104 /* exit >= 0; value ignored */
167#define AUDIT_WATCH 105
161 168
162#define AUDIT_ARG0 200 169#define AUDIT_ARG0 200
163#define AUDIT_ARG1 (AUDIT_ARG0+1) 170#define AUDIT_ARG1 (AUDIT_ARG0+1)
@@ -277,12 +284,16 @@ struct audit_rule { /* for AUDIT_LIST, AUDIT_ADD, and AUDIT_DEL */
277struct audit_sig_info { 284struct audit_sig_info {
278 uid_t uid; 285 uid_t uid;
279 pid_t pid; 286 pid_t pid;
287 char ctx[0];
280}; 288};
281 289
282struct audit_buffer; 290struct audit_buffer;
283struct audit_context; 291struct audit_context;
284struct inode; 292struct inode;
285struct netlink_skb_parms; 293struct netlink_skb_parms;
294struct linux_binprm;
295struct mq_attr;
296struct mqstat;
286 297
287#define AUDITSC_INVALID 0 298#define AUDITSC_INVALID 0
288#define AUDITSC_SUCCESS 1 299#define AUDITSC_SUCCESS 1
@@ -297,15 +308,19 @@ extern void audit_syscall_entry(int arch,
297 int major, unsigned long a0, unsigned long a1, 308 int major, unsigned long a0, unsigned long a1,
298 unsigned long a2, unsigned long a3); 309 unsigned long a2, unsigned long a3);
299extern void audit_syscall_exit(int failed, long return_code); 310extern void audit_syscall_exit(int failed, long return_code);
300extern void audit_getname(const char *name); 311extern void __audit_getname(const char *name);
301extern void audit_putname(const char *name); 312extern void audit_putname(const char *name);
302extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags); 313extern void __audit_inode(const char *name, const struct inode *inode);
303extern void __audit_inode_child(const char *dname, const struct inode *inode, 314extern void __audit_inode_child(const char *dname, const struct inode *inode,
304 unsigned long pino); 315 unsigned long pino);
305static inline void audit_inode(const char *name, const struct inode *inode, 316static inline void audit_getname(const char *name)
306 unsigned flags) { 317{
307 if (unlikely(current->audit_context)) 318 if (unlikely(current->audit_context))
308 __audit_inode(name, inode, flags); 319 __audit_getname(name);
320}
321static inline void audit_inode(const char *name, const struct inode *inode) {
322 if (unlikely(current->audit_context))
323 __audit_inode(name, inode);
309} 324}
310static inline void audit_inode_child(const char *dname, 325static inline void audit_inode_child(const char *dname,
311 const struct inode *inode, 326 const struct inode *inode,
@@ -320,13 +335,61 @@ extern void auditsc_get_stamp(struct audit_context *ctx,
320 struct timespec *t, unsigned int *serial); 335 struct timespec *t, unsigned int *serial);
321extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); 336extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
322extern uid_t audit_get_loginuid(struct audit_context *ctx); 337extern uid_t audit_get_loginuid(struct audit_context *ctx);
323extern int audit_ipc_obj(struct kern_ipc_perm *ipcp); 338extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp);
324extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp); 339extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
340extern int audit_bprm(struct linux_binprm *bprm);
325extern int audit_socketcall(int nargs, unsigned long *args); 341extern int audit_socketcall(int nargs, unsigned long *args);
326extern int audit_sockaddr(int len, void *addr); 342extern int audit_sockaddr(int len, void *addr);
327extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); 343extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
328extern void audit_signal_info(int sig, struct task_struct *t);
329extern int audit_set_macxattr(const char *name); 344extern int audit_set_macxattr(const char *name);
345extern int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr);
346extern int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout);
347extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout);
348extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification);
349extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
350
351static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp)
352{
353 if (unlikely(current->audit_context))
354 return __audit_ipc_obj(ipcp);
355 return 0;
356}
357static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
358{
359 if (unlikely(current->audit_context))
360 return __audit_ipc_set_perm(qbytes, uid, gid, mode);
361 return 0;
362}
363static inline int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
364{
365 if (unlikely(current->audit_context))
366 return __audit_mq_open(oflag, mode, u_attr);
367 return 0;
368}
369static inline int audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout)
370{
371 if (unlikely(current->audit_context))
372 return __audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout);
373 return 0;
374}
375static inline int audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout)
376{
377 if (unlikely(current->audit_context))
378 return __audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout);
379 return 0;
380}
381static inline int audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
382{
383 if (unlikely(current->audit_context))
384 return __audit_mq_notify(mqdes, u_notification);
385 return 0;
386}
387static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
388{
389 if (unlikely(current->audit_context))
390 return __audit_mq_getsetattr(mqdes, mqstat);
391 return 0;
392}
330#else 393#else
331#define audit_alloc(t) ({ 0; }) 394#define audit_alloc(t) ({ 0; })
332#define audit_free(t) do { ; } while (0) 395#define audit_free(t) do { ; } while (0)
@@ -334,19 +397,24 @@ extern int audit_set_macxattr(const char *name);
334#define audit_syscall_exit(f,r) do { ; } while (0) 397#define audit_syscall_exit(f,r) do { ; } while (0)
335#define audit_getname(n) do { ; } while (0) 398#define audit_getname(n) do { ; } while (0)
336#define audit_putname(n) do { ; } while (0) 399#define audit_putname(n) do { ; } while (0)
337#define __audit_inode(n,i,f) do { ; } while (0) 400#define __audit_inode(n,i) do { ; } while (0)
338#define __audit_inode_child(d,i,p) do { ; } while (0) 401#define __audit_inode_child(d,i,p) do { ; } while (0)
339#define audit_inode(n,i,f) do { ; } while (0) 402#define audit_inode(n,i) do { ; } while (0)
340#define audit_inode_child(d,i,p) do { ; } while (0) 403#define audit_inode_child(d,i,p) do { ; } while (0)
341#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) 404#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
342#define audit_get_loginuid(c) ({ -1; }) 405#define audit_get_loginuid(c) ({ -1; })
343#define audit_ipc_obj(i) ({ 0; }) 406#define audit_ipc_obj(i) ({ 0; })
344#define audit_ipc_set_perm(q,u,g,m,i) ({ 0; }) 407#define audit_ipc_set_perm(q,u,g,m) ({ 0; })
408#define audit_bprm(p) ({ 0; })
345#define audit_socketcall(n,a) ({ 0; }) 409#define audit_socketcall(n,a) ({ 0; })
346#define audit_sockaddr(len, addr) ({ 0; }) 410#define audit_sockaddr(len, addr) ({ 0; })
347#define audit_avc_path(dentry, mnt) ({ 0; }) 411#define audit_avc_path(dentry, mnt) ({ 0; })
348#define audit_signal_info(s,t) do { ; } while (0)
349#define audit_set_macxattr(n) do { ; } while (0) 412#define audit_set_macxattr(n) do { ; } while (0)
413#define audit_mq_open(o,m,a) ({ 0; })
414#define audit_mq_timedsend(d,l,p,t) ({ 0; })
415#define audit_mq_timedreceive(d,l,p,t) ({ 0; })
416#define audit_mq_notify(d,n) ({ 0; })
417#define audit_mq_getsetattr(d,s) ({ 0; })
350#endif 418#endif
351 419
352#ifdef CONFIG_AUDIT 420#ifdef CONFIG_AUDIT
@@ -364,8 +432,11 @@ extern void audit_log_end(struct audit_buffer *ab);
364extern void audit_log_hex(struct audit_buffer *ab, 432extern void audit_log_hex(struct audit_buffer *ab,
365 const unsigned char *buf, 433 const unsigned char *buf,
366 size_t len); 434 size_t len);
367extern void audit_log_untrustedstring(struct audit_buffer *ab, 435extern const char * audit_log_untrustedstring(struct audit_buffer *ab,
368 const char *string); 436 const char *string);
437extern const char * audit_log_n_untrustedstring(struct audit_buffer *ab,
438 size_t n,
439 const char *string);
369extern void audit_log_d_path(struct audit_buffer *ab, 440extern void audit_log_d_path(struct audit_buffer *ab,
370 const char *prefix, 441 const char *prefix,
371 struct dentry *dentry, 442 struct dentry *dentry,
@@ -383,8 +454,8 @@ extern int audit_receive_filter(int type, int pid, int uid, int seq,
383#define audit_log_end(b) do { ; } while (0) 454#define audit_log_end(b) do { ; } while (0)
384#define audit_log_hex(a,b,l) do { ; } while (0) 455#define audit_log_hex(a,b,l) do { ; } while (0)
385#define audit_log_untrustedstring(a,s) do { ; } while (0) 456#define audit_log_untrustedstring(a,s) do { ; } while (0)
457#define audit_log_n_untrustedstring(a,n,s) do { ; } while (0)
386#define audit_log_d_path(b,p,d,v) do { ; } while (0) 458#define audit_log_d_path(b,p,d,v) do { ; } while (0)
387#define audit_panic(m) do { ; } while (0)
388#endif 459#endif
389#endif 460#endif
390#endif 461#endif
diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h
index 11438eff4d44..cc5dec70c32c 100644
--- a/include/linux/fsnotify.h
+++ b/include/linux/fsnotify.h
@@ -54,19 +54,20 @@ static inline void fsnotify_move(struct inode *old_dir, struct inode *new_dir,
54 54
55 if (isdir) 55 if (isdir)
56 isdir = IN_ISDIR; 56 isdir = IN_ISDIR;
57 inotify_inode_queue_event(old_dir, IN_MOVED_FROM|isdir,cookie,old_name); 57 inotify_inode_queue_event(old_dir, IN_MOVED_FROM|isdir,cookie,old_name,
58 inotify_inode_queue_event(new_dir, IN_MOVED_TO|isdir, cookie, new_name); 58 source);
59 inotify_inode_queue_event(new_dir, IN_MOVED_TO|isdir, cookie, new_name,
60 source);
59 61
60 if (target) { 62 if (target) {
61 inotify_inode_queue_event(target, IN_DELETE_SELF, 0, NULL); 63 inotify_inode_queue_event(target, IN_DELETE_SELF, 0, NULL, NULL);
62 inotify_inode_is_dead(target); 64 inotify_inode_is_dead(target);
63 } 65 }
64 66
65 if (source) { 67 if (source) {
66 inotify_inode_queue_event(source, IN_MOVE_SELF, 0, NULL); 68 inotify_inode_queue_event(source, IN_MOVE_SELF, 0, NULL, NULL);
67 } 69 }
68 audit_inode_child(old_name, source, old_dir->i_ino); 70 audit_inode_child(new_name, source, new_dir->i_ino);
69 audit_inode_child(new_name, target, new_dir->i_ino);
70} 71}
71 72
72/* 73/*
@@ -85,7 +86,7 @@ static inline void fsnotify_nameremove(struct dentry *dentry, int isdir)
85 */ 86 */
86static inline void fsnotify_inoderemove(struct inode *inode) 87static inline void fsnotify_inoderemove(struct inode *inode)
87{ 88{
88 inotify_inode_queue_event(inode, IN_DELETE_SELF, 0, NULL); 89 inotify_inode_queue_event(inode, IN_DELETE_SELF, 0, NULL, NULL);
89 inotify_inode_is_dead(inode); 90 inotify_inode_is_dead(inode);
90} 91}
91 92
@@ -95,7 +96,8 @@ static inline void fsnotify_inoderemove(struct inode *inode)
95static inline void fsnotify_create(struct inode *inode, struct dentry *dentry) 96static inline void fsnotify_create(struct inode *inode, struct dentry *dentry)
96{ 97{
97 inode_dir_notify(inode, DN_CREATE); 98 inode_dir_notify(inode, DN_CREATE);
98 inotify_inode_queue_event(inode, IN_CREATE, 0, dentry->d_name.name); 99 inotify_inode_queue_event(inode, IN_CREATE, 0, dentry->d_name.name,
100 dentry->d_inode);
99 audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino); 101 audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino);
100} 102}
101 103
@@ -106,7 +108,7 @@ static inline void fsnotify_mkdir(struct inode *inode, struct dentry *dentry)
106{ 108{
107 inode_dir_notify(inode, DN_CREATE); 109 inode_dir_notify(inode, DN_CREATE);
108 inotify_inode_queue_event(inode, IN_CREATE | IN_ISDIR, 0, 110 inotify_inode_queue_event(inode, IN_CREATE | IN_ISDIR, 0,
109 dentry->d_name.name); 111 dentry->d_name.name, dentry->d_inode);
110 audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino); 112 audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino);
111} 113}
112 114
@@ -123,7 +125,7 @@ static inline void fsnotify_access(struct dentry *dentry)
123 125
124 dnotify_parent(dentry, DN_ACCESS); 126 dnotify_parent(dentry, DN_ACCESS);
125 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name); 127 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name);
126 inotify_inode_queue_event(inode, mask, 0, NULL); 128 inotify_inode_queue_event(inode, mask, 0, NULL, NULL);
127} 129}
128 130
129/* 131/*
@@ -139,7 +141,7 @@ static inline void fsnotify_modify(struct dentry *dentry)
139 141
140 dnotify_parent(dentry, DN_MODIFY); 142 dnotify_parent(dentry, DN_MODIFY);
141 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name); 143 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name);
142 inotify_inode_queue_event(inode, mask, 0, NULL); 144 inotify_inode_queue_event(inode, mask, 0, NULL, NULL);
143} 145}
144 146
145/* 147/*
@@ -154,7 +156,7 @@ static inline void fsnotify_open(struct dentry *dentry)
154 mask |= IN_ISDIR; 156 mask |= IN_ISDIR;
155 157
156 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name); 158 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name);
157 inotify_inode_queue_event(inode, mask, 0, NULL); 159 inotify_inode_queue_event(inode, mask, 0, NULL, NULL);
158} 160}
159 161
160/* 162/*
@@ -172,7 +174,7 @@ static inline void fsnotify_close(struct file *file)
172 mask |= IN_ISDIR; 174 mask |= IN_ISDIR;
173 175
174 inotify_dentry_parent_queue_event(dentry, mask, 0, name); 176 inotify_dentry_parent_queue_event(dentry, mask, 0, name);
175 inotify_inode_queue_event(inode, mask, 0, NULL); 177 inotify_inode_queue_event(inode, mask, 0, NULL, NULL);
176} 178}
177 179
178/* 180/*
@@ -187,7 +189,7 @@ static inline void fsnotify_xattr(struct dentry *dentry)
187 mask |= IN_ISDIR; 189 mask |= IN_ISDIR;
188 190
189 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name); 191 inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name);
190 inotify_inode_queue_event(inode, mask, 0, NULL); 192 inotify_inode_queue_event(inode, mask, 0, NULL, NULL);
191} 193}
192 194
193/* 195/*
@@ -234,7 +236,7 @@ static inline void fsnotify_change(struct dentry *dentry, unsigned int ia_valid)
234 if (in_mask) { 236 if (in_mask) {
235 if (S_ISDIR(inode->i_mode)) 237 if (S_ISDIR(inode->i_mode))
236 in_mask |= IN_ISDIR; 238 in_mask |= IN_ISDIR;
237 inotify_inode_queue_event(inode, in_mask, 0, NULL); 239 inotify_inode_queue_event(inode, in_mask, 0, NULL, NULL);
238 inotify_dentry_parent_queue_event(dentry, in_mask, 0, 240 inotify_dentry_parent_queue_event(dentry, in_mask, 0,
239 dentry->d_name.name); 241 dentry->d_name.name);
240 } 242 }
diff --git a/include/linux/inotify.h b/include/linux/inotify.h
index 71aa1553ef38..d4f48c6402e6 100644
--- a/include/linux/inotify.h
+++ b/include/linux/inotify.h
@@ -68,18 +68,65 @@ struct inotify_event {
68#include <linux/dcache.h> 68#include <linux/dcache.h>
69#include <linux/fs.h> 69#include <linux/fs.h>
70 70
71/*
72 * struct inotify_watch - represents a watch request on a specific inode
73 *
74 * h_list is protected by ih->mutex of the associated inotify_handle.
75 * i_list, mask are protected by inode->inotify_mutex of the associated inode.
76 * ih, inode, and wd are never written to once the watch is created.
77 *
78 * Callers must use the established inotify interfaces to access inotify_watch
79 * contents. The content of this structure is private to the inotify
80 * implementation.
81 */
82struct inotify_watch {
83 struct list_head h_list; /* entry in inotify_handle's list */
84 struct list_head i_list; /* entry in inode's list */
85 atomic_t count; /* reference count */
86 struct inotify_handle *ih; /* associated inotify handle */
87 struct inode *inode; /* associated inode */
88 __s32 wd; /* watch descriptor */
89 __u32 mask; /* event mask for this watch */
90};
91
92struct inotify_operations {
93 void (*handle_event)(struct inotify_watch *, u32, u32, u32,
94 const char *, struct inode *);
95 void (*destroy_watch)(struct inotify_watch *);
96};
97
71#ifdef CONFIG_INOTIFY 98#ifdef CONFIG_INOTIFY
72 99
100/* Kernel API for producing events */
101
73extern void inotify_d_instantiate(struct dentry *, struct inode *); 102extern void inotify_d_instantiate(struct dentry *, struct inode *);
74extern void inotify_d_move(struct dentry *); 103extern void inotify_d_move(struct dentry *);
75extern void inotify_inode_queue_event(struct inode *, __u32, __u32, 104extern void inotify_inode_queue_event(struct inode *, __u32, __u32,
76 const char *); 105 const char *, struct inode *);
77extern void inotify_dentry_parent_queue_event(struct dentry *, __u32, __u32, 106extern void inotify_dentry_parent_queue_event(struct dentry *, __u32, __u32,
78 const char *); 107 const char *);
79extern void inotify_unmount_inodes(struct list_head *); 108extern void inotify_unmount_inodes(struct list_head *);
80extern void inotify_inode_is_dead(struct inode *); 109extern void inotify_inode_is_dead(struct inode *);
81extern u32 inotify_get_cookie(void); 110extern u32 inotify_get_cookie(void);
82 111
112/* Kernel Consumer API */
113
114extern struct inotify_handle *inotify_init(const struct inotify_operations *);
115extern void inotify_init_watch(struct inotify_watch *);
116extern void inotify_destroy(struct inotify_handle *);
117extern __s32 inotify_find_watch(struct inotify_handle *, struct inode *,
118 struct inotify_watch **);
119extern __s32 inotify_find_update_watch(struct inotify_handle *, struct inode *,
120 u32);
121extern __s32 inotify_add_watch(struct inotify_handle *, struct inotify_watch *,
122 struct inode *, __u32);
123extern int inotify_rm_watch(struct inotify_handle *, struct inotify_watch *);
124extern int inotify_rm_wd(struct inotify_handle *, __u32);
125extern void inotify_remove_watch_locked(struct inotify_handle *,
126 struct inotify_watch *);
127extern void get_inotify_watch(struct inotify_watch *);
128extern void put_inotify_watch(struct inotify_watch *);
129
83#else 130#else
84 131
85static inline void inotify_d_instantiate(struct dentry *dentry, 132static inline void inotify_d_instantiate(struct dentry *dentry,
@@ -93,7 +140,8 @@ static inline void inotify_d_move(struct dentry *dentry)
93 140
94static inline void inotify_inode_queue_event(struct inode *inode, 141static inline void inotify_inode_queue_event(struct inode *inode,
95 __u32 mask, __u32 cookie, 142 __u32 mask, __u32 cookie,
96 const char *filename) 143 const char *filename,
144 struct inode *n_inode)
97{ 145{
98} 146}
99 147
@@ -116,6 +164,62 @@ static inline u32 inotify_get_cookie(void)
116 return 0; 164 return 0;
117} 165}
118 166
167static inline struct inotify_handle *inotify_init(const struct inotify_operations *ops)
168{
169 return ERR_PTR(-EOPNOTSUPP);
170}
171
172static inline void inotify_init_watch(struct inotify_watch *watch)
173{
174}
175
176static inline void inotify_destroy(struct inotify_handle *ih)
177{
178}
179
180static inline __s32 inotify_find_watch(struct inotify_handle *ih, struct inode *inode,
181 struct inotify_watch **watchp)
182{
183 return -EOPNOTSUPP;
184}
185
186static inline __s32 inotify_find_update_watch(struct inotify_handle *ih,
187 struct inode *inode, u32 mask)
188{
189 return -EOPNOTSUPP;
190}
191
192static inline __s32 inotify_add_watch(struct inotify_handle *ih,
193 struct inotify_watch *watch,
194 struct inode *inode, __u32 mask)
195{
196 return -EOPNOTSUPP;
197}
198
199static inline int inotify_rm_watch(struct inotify_handle *ih,
200 struct inotify_watch *watch)
201{
202 return -EOPNOTSUPP;
203}
204
205static inline int inotify_rm_wd(struct inotify_handle *ih, __u32 wd)
206{
207 return -EOPNOTSUPP;
208}
209
210static inline void inotify_remove_watch_locked(struct inotify_handle *ih,
211 struct inotify_watch *watch)
212{
213}
214
215static inline void get_inotify_watch(struct inotify_watch *watch)
216{
217}
218
219static inline void put_inotify_watch(struct inotify_watch *watch)
220{
221}
222
119#endif /* CONFIG_INOTIFY */ 223#endif /* CONFIG_INOTIFY */
120 224
121#endif /* __KERNEL __ */ 225#endif /* __KERNEL __ */
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 701b8cbceb05..267f15257040 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -494,7 +494,7 @@ struct user_struct {
494 atomic_t processes; /* How many processes does this user have? */ 494 atomic_t processes; /* How many processes does this user have? */
495 atomic_t files; /* How many open files does this user have? */ 495 atomic_t files; /* How many open files does this user have? */
496 atomic_t sigpending; /* How many pending signals does this user have? */ 496 atomic_t sigpending; /* How many pending signals does this user have? */
497#ifdef CONFIG_INOTIFY 497#ifdef CONFIG_INOTIFY_USER
498 atomic_t inotify_watches; /* How many inotify watches does this user have? */ 498 atomic_t inotify_watches; /* How many inotify watches does this user have? */
499 atomic_t inotify_devs; /* How many inotify devs does this user have opened? */ 499 atomic_t inotify_devs; /* How many inotify devs does this user have opened? */
500#endif 500#endif
diff --git a/init/Kconfig b/init/Kconfig
index a7697787946a..df864a358221 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -182,7 +182,8 @@ config AUDITSYSCALL
182 help 182 help
183 Enable low-overhead system-call auditing infrastructure that 183 Enable low-overhead system-call auditing infrastructure that
184 can be used independently or with another kernel subsystem, 184 can be used independently or with another kernel subsystem,
185 such as SELinux. 185 such as SELinux. To use audit's filesystem watch feature, please
186 ensure that INOTIFY is configured.
186 187
187config IKCONFIG 188config IKCONFIG
188 bool "Kernel .config support" 189 bool "Kernel .config support"
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 41ecbd440fed..1511714a9585 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -8,6 +8,8 @@
8 * Lockless receive & send, fd based notify: 8 * Lockless receive & send, fd based notify:
9 * Manfred Spraul (manfred@colorfullife.com) 9 * Manfred Spraul (manfred@colorfullife.com)
10 * 10 *
11 * Audit: George Wilson (ltcgcw@us.ibm.com)
12 *
11 * This file is released under the GPL. 13 * This file is released under the GPL.
12 */ 14 */
13 15
@@ -24,6 +26,7 @@
24#include <linux/skbuff.h> 26#include <linux/skbuff.h>
25#include <linux/netlink.h> 27#include <linux/netlink.h>
26#include <linux/syscalls.h> 28#include <linux/syscalls.h>
29#include <linux/audit.h>
27#include <linux/signal.h> 30#include <linux/signal.h>
28#include <linux/mutex.h> 31#include <linux/mutex.h>
29 32
@@ -657,6 +660,10 @@ asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
657 char *name; 660 char *name;
658 int fd, error; 661 int fd, error;
659 662
663 error = audit_mq_open(oflag, mode, u_attr);
664 if (error != 0)
665 return error;
666
660 if (IS_ERR(name = getname(u_name))) 667 if (IS_ERR(name = getname(u_name)))
661 return PTR_ERR(name); 668 return PTR_ERR(name);
662 669
@@ -814,6 +821,10 @@ asmlinkage long sys_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr,
814 long timeout; 821 long timeout;
815 int ret; 822 int ret;
816 823
824 ret = audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout);
825 if (ret != 0)
826 return ret;
827
817 if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX)) 828 if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX))
818 return -EINVAL; 829 return -EINVAL;
819 830
@@ -896,6 +907,10 @@ asmlinkage ssize_t sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr,
896 struct mqueue_inode_info *info; 907 struct mqueue_inode_info *info;
897 struct ext_wait_queue wait; 908 struct ext_wait_queue wait;
898 909
910 ret = audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout);
911 if (ret != 0)
912 return ret;
913
899 timeout = prepare_timeout(u_abs_timeout); 914 timeout = prepare_timeout(u_abs_timeout);
900 915
901 ret = -EBADF; 916 ret = -EBADF;
@@ -975,6 +990,10 @@ asmlinkage long sys_mq_notify(mqd_t mqdes,
975 struct mqueue_inode_info *info; 990 struct mqueue_inode_info *info;
976 struct sk_buff *nc; 991 struct sk_buff *nc;
977 992
993 ret = audit_mq_notify(mqdes, u_notification);
994 if (ret != 0)
995 return ret;
996
978 nc = NULL; 997 nc = NULL;
979 sock = NULL; 998 sock = NULL;
980 if (u_notification != NULL) { 999 if (u_notification != NULL) {
@@ -1115,6 +1134,9 @@ asmlinkage long sys_mq_getsetattr(mqd_t mqdes,
1115 omqstat = info->attr; 1134 omqstat = info->attr;
1116 omqstat.mq_flags = filp->f_flags & O_NONBLOCK; 1135 omqstat.mq_flags = filp->f_flags & O_NONBLOCK;
1117 if (u_mqstat) { 1136 if (u_mqstat) {
1137 ret = audit_mq_getsetattr(mqdes, &mqstat);
1138 if (ret != 0)
1139 goto out;
1118 if (mqstat.mq_flags & O_NONBLOCK) 1140 if (mqstat.mq_flags & O_NONBLOCK)
1119 filp->f_flags |= O_NONBLOCK; 1141 filp->f_flags |= O_NONBLOCK;
1120 else 1142 else
diff --git a/ipc/msg.c b/ipc/msg.c
index 7d1340ccb16b..00f015a092d2 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -454,6 +454,11 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf)
454 err = audit_ipc_obj(ipcp); 454 err = audit_ipc_obj(ipcp);
455 if (err) 455 if (err)
456 goto out_unlock_up; 456 goto out_unlock_up;
457 if (cmd==IPC_SET) {
458 err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode);
459 if (err)
460 goto out_unlock_up;
461 }
457 462
458 err = -EPERM; 463 err = -EPERM;
459 if (current->euid != ipcp->cuid && 464 if (current->euid != ipcp->cuid &&
@@ -468,10 +473,6 @@ asmlinkage long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf)
468 switch (cmd) { 473 switch (cmd) {
469 case IPC_SET: 474 case IPC_SET:
470 { 475 {
471 err = audit_ipc_set_perm(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode, ipcp);
472 if (err)
473 goto out_unlock_up;
474
475 err = -EPERM; 476 err = -EPERM;
476 if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE)) 477 if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE))
477 goto out_unlock_up; 478 goto out_unlock_up;
diff --git a/ipc/sem.c b/ipc/sem.c
index 7919f8ece6ba..fce0bc8b5ad6 100644
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -828,6 +828,11 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun
828 if (err) 828 if (err)
829 goto out_unlock; 829 goto out_unlock;
830 830
831 if (cmd == IPC_SET) {
832 err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode);
833 if (err)
834 goto out_unlock;
835 }
831 if (current->euid != ipcp->cuid && 836 if (current->euid != ipcp->cuid &&
832 current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { 837 current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) {
833 err=-EPERM; 838 err=-EPERM;
@@ -844,9 +849,6 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun
844 err = 0; 849 err = 0;
845 break; 850 break;
846 case IPC_SET: 851 case IPC_SET:
847 err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode, ipcp);
848 if (err)
849 goto out_unlock;
850 ipcp->uid = setbuf.uid; 852 ipcp->uid = setbuf.uid;
851 ipcp->gid = setbuf.gid; 853 ipcp->gid = setbuf.gid;
852 ipcp->mode = (ipcp->mode & ~S_IRWXUGO) 854 ipcp->mode = (ipcp->mode & ~S_IRWXUGO)
diff --git a/ipc/shm.c b/ipc/shm.c
index 809896851902..4f133d24030f 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -643,7 +643,7 @@ asmlinkage long sys_shmctl (int shmid, int cmd, struct shmid_ds __user *buf)
643 err = audit_ipc_obj(&(shp->shm_perm)); 643 err = audit_ipc_obj(&(shp->shm_perm));
644 if (err) 644 if (err)
645 goto out_unlock_up; 645 goto out_unlock_up;
646 err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode, &(shp->shm_perm)); 646 err = audit_ipc_set_perm(0, setbuf.uid, setbuf.gid, setbuf.mode);
647 if (err) 647 if (err)
648 goto out_unlock_up; 648 goto out_unlock_up;
649 err=-EPERM; 649 err=-EPERM;
diff --git a/kernel/audit.c b/kernel/audit.c
index df57b493e1cb..7dfac7031bd7 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -56,6 +56,7 @@
56#include <linux/skbuff.h> 56#include <linux/skbuff.h>
57#include <linux/netlink.h> 57#include <linux/netlink.h>
58#include <linux/selinux.h> 58#include <linux/selinux.h>
59#include <linux/inotify.h>
59 60
60#include "audit.h" 61#include "audit.h"
61 62
@@ -89,6 +90,7 @@ static int audit_backlog_wait_overflow = 0;
89/* The identity of the user shutting down the audit system. */ 90/* The identity of the user shutting down the audit system. */
90uid_t audit_sig_uid = -1; 91uid_t audit_sig_uid = -1;
91pid_t audit_sig_pid = -1; 92pid_t audit_sig_pid = -1;
93u32 audit_sig_sid = 0;
92 94
93/* Records can be lost in several ways: 95/* Records can be lost in several ways:
94 0) [suppressed in audit_alloc] 96 0) [suppressed in audit_alloc]
@@ -102,6 +104,12 @@ static atomic_t audit_lost = ATOMIC_INIT(0);
102/* The netlink socket. */ 104/* The netlink socket. */
103static struct sock *audit_sock; 105static struct sock *audit_sock;
104 106
107/* Inotify handle. */
108struct inotify_handle *audit_ih;
109
110/* Hash for inode-based rules */
111struct list_head audit_inode_hash[AUDIT_INODE_BUCKETS];
112
105/* The audit_freelist is a list of pre-allocated audit buffers (if more 113/* The audit_freelist is a list of pre-allocated audit buffers (if more
106 * than AUDIT_MAXFREE are in use, the audit buffer is freed instead of 114 * than AUDIT_MAXFREE are in use, the audit buffer is freed instead of
107 * being placed on the freelist). */ 115 * being placed on the freelist). */
@@ -114,10 +122,8 @@ static struct task_struct *kauditd_task;
114static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait); 122static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
115static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait); 123static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait);
116 124
117/* The netlink socket is only to be read by 1 CPU, which lets us assume 125/* Serialize requests from userspace. */
118 * that list additions and deletions never happen simultaneously in 126static DEFINE_MUTEX(audit_cmd_mutex);
119 * auditsc.c */
120DEFINE_MUTEX(audit_netlink_mutex);
121 127
122/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting 128/* AUDIT_BUFSIZ is the size of the temporary buffer used for formatting
123 * audit records. Since printk uses a 1024 byte buffer, this buffer 129 * audit records. Since printk uses a 1024 byte buffer, this buffer
@@ -250,7 +256,7 @@ static int audit_set_rate_limit(int limit, uid_t loginuid, u32 sid)
250 "audit_rate_limit=%d old=%d by auid=%u", 256 "audit_rate_limit=%d old=%d by auid=%u",
251 limit, old, loginuid); 257 limit, old, loginuid);
252 audit_rate_limit = limit; 258 audit_rate_limit = limit;
253 return old; 259 return 0;
254} 260}
255 261
256static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid) 262static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid)
@@ -273,7 +279,7 @@ static int audit_set_backlog_limit(int limit, uid_t loginuid, u32 sid)
273 "audit_backlog_limit=%d old=%d by auid=%u", 279 "audit_backlog_limit=%d old=%d by auid=%u",
274 limit, old, loginuid); 280 limit, old, loginuid);
275 audit_backlog_limit = limit; 281 audit_backlog_limit = limit;
276 return old; 282 return 0;
277} 283}
278 284
279static int audit_set_enabled(int state, uid_t loginuid, u32 sid) 285static int audit_set_enabled(int state, uid_t loginuid, u32 sid)
@@ -299,7 +305,7 @@ static int audit_set_enabled(int state, uid_t loginuid, u32 sid)
299 "audit_enabled=%d old=%d by auid=%u", 305 "audit_enabled=%d old=%d by auid=%u",
300 state, old, loginuid); 306 state, old, loginuid);
301 audit_enabled = state; 307 audit_enabled = state;
302 return old; 308 return 0;
303} 309}
304 310
305static int audit_set_failure(int state, uid_t loginuid, u32 sid) 311static int audit_set_failure(int state, uid_t loginuid, u32 sid)
@@ -327,7 +333,7 @@ static int audit_set_failure(int state, uid_t loginuid, u32 sid)
327 "audit_failure=%d old=%d by auid=%u", 333 "audit_failure=%d old=%d by auid=%u",
328 state, old, loginuid); 334 state, old, loginuid);
329 audit_failure = state; 335 audit_failure = state;
330 return old; 336 return 0;
331} 337}
332 338
333static int kauditd_thread(void *dummy) 339static int kauditd_thread(void *dummy)
@@ -363,9 +369,52 @@ static int kauditd_thread(void *dummy)
363 remove_wait_queue(&kauditd_wait, &wait); 369 remove_wait_queue(&kauditd_wait, &wait);
364 } 370 }
365 } 371 }
372}
373
374int audit_send_list(void *_dest)
375{
376 struct audit_netlink_list *dest = _dest;
377 int pid = dest->pid;
378 struct sk_buff *skb;
379
380 /* wait for parent to finish and send an ACK */
381 mutex_lock(&audit_cmd_mutex);
382 mutex_unlock(&audit_cmd_mutex);
383
384 while ((skb = __skb_dequeue(&dest->q)) != NULL)
385 netlink_unicast(audit_sock, skb, pid, 0);
386
387 kfree(dest);
388
366 return 0; 389 return 0;
367} 390}
368 391
392struct sk_buff *audit_make_reply(int pid, int seq, int type, int done,
393 int multi, void *payload, int size)
394{
395 struct sk_buff *skb;
396 struct nlmsghdr *nlh;
397 int len = NLMSG_SPACE(size);
398 void *data;
399 int flags = multi ? NLM_F_MULTI : 0;
400 int t = done ? NLMSG_DONE : type;
401
402 skb = alloc_skb(len, GFP_KERNEL);
403 if (!skb)
404 return NULL;
405
406 nlh = NLMSG_PUT(skb, pid, seq, t, size);
407 nlh->nlmsg_flags = flags;
408 data = NLMSG_DATA(nlh);
409 memcpy(data, payload, size);
410 return skb;
411
412nlmsg_failure: /* Used by NLMSG_PUT */
413 if (skb)
414 kfree_skb(skb);
415 return NULL;
416}
417
369/** 418/**
370 * audit_send_reply - send an audit reply message via netlink 419 * audit_send_reply - send an audit reply message via netlink
371 * @pid: process id to send reply to 420 * @pid: process id to send reply to
@@ -383,29 +432,13 @@ void audit_send_reply(int pid, int seq, int type, int done, int multi,
383 void *payload, int size) 432 void *payload, int size)
384{ 433{
385 struct sk_buff *skb; 434 struct sk_buff *skb;
386 struct nlmsghdr *nlh; 435 skb = audit_make_reply(pid, seq, type, done, multi, payload, size);
387 int len = NLMSG_SPACE(size);
388 void *data;
389 int flags = multi ? NLM_F_MULTI : 0;
390 int t = done ? NLMSG_DONE : type;
391
392 skb = alloc_skb(len, GFP_KERNEL);
393 if (!skb) 436 if (!skb)
394 return; 437 return;
395
396 nlh = NLMSG_PUT(skb, pid, seq, t, size);
397 nlh->nlmsg_flags = flags;
398 data = NLMSG_DATA(nlh);
399 memcpy(data, payload, size);
400
401 /* Ignore failure. It'll only happen if the sender goes away, 438 /* Ignore failure. It'll only happen if the sender goes away,
402 because our timeout is set to infinite. */ 439 because our timeout is set to infinite. */
403 netlink_unicast(audit_sock, skb, pid, 0); 440 netlink_unicast(audit_sock, skb, pid, 0);
404 return; 441 return;
405
406nlmsg_failure: /* Used by NLMSG_PUT */
407 if (skb)
408 kfree_skb(skb);
409} 442}
410 443
411/* 444/*
@@ -451,7 +484,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
451 struct audit_buffer *ab; 484 struct audit_buffer *ab;
452 u16 msg_type = nlh->nlmsg_type; 485 u16 msg_type = nlh->nlmsg_type;
453 uid_t loginuid; /* loginuid of sender */ 486 uid_t loginuid; /* loginuid of sender */
454 struct audit_sig_info sig_data; 487 struct audit_sig_info *sig_data;
488 char *ctx;
489 u32 len;
455 490
456 err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type); 491 err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type);
457 if (err) 492 if (err)
@@ -503,12 +538,9 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
503 if (status_get->mask & AUDIT_STATUS_PID) { 538 if (status_get->mask & AUDIT_STATUS_PID) {
504 int old = audit_pid; 539 int old = audit_pid;
505 if (sid) { 540 if (sid) {
506 char *ctx = NULL; 541 if ((err = selinux_ctxid_to_string(
507 u32 len;
508 int rc;
509 if ((rc = selinux_ctxid_to_string(
510 sid, &ctx, &len))) 542 sid, &ctx, &len)))
511 return rc; 543 return err;
512 else 544 else
513 audit_log(NULL, GFP_KERNEL, 545 audit_log(NULL, GFP_KERNEL,
514 AUDIT_CONFIG_CHANGE, 546 AUDIT_CONFIG_CHANGE,
@@ -523,10 +555,10 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
523 audit_pid = status_get->pid; 555 audit_pid = status_get->pid;
524 } 556 }
525 if (status_get->mask & AUDIT_STATUS_RATE_LIMIT) 557 if (status_get->mask & AUDIT_STATUS_RATE_LIMIT)
526 audit_set_rate_limit(status_get->rate_limit, 558 err = audit_set_rate_limit(status_get->rate_limit,
527 loginuid, sid); 559 loginuid, sid);
528 if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT) 560 if (status_get->mask & AUDIT_STATUS_BACKLOG_LIMIT)
529 audit_set_backlog_limit(status_get->backlog_limit, 561 err = audit_set_backlog_limit(status_get->backlog_limit,
530 loginuid, sid); 562 loginuid, sid);
531 break; 563 break;
532 case AUDIT_USER: 564 case AUDIT_USER:
@@ -544,8 +576,6 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
544 "user pid=%d uid=%u auid=%u", 576 "user pid=%d uid=%u auid=%u",
545 pid, uid, loginuid); 577 pid, uid, loginuid);
546 if (sid) { 578 if (sid) {
547 char *ctx = NULL;
548 u32 len;
549 if (selinux_ctxid_to_string( 579 if (selinux_ctxid_to_string(
550 sid, &ctx, &len)) { 580 sid, &ctx, &len)) {
551 audit_log_format(ab, 581 audit_log_format(ab,
@@ -584,10 +614,21 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
584 loginuid, sid); 614 loginuid, sid);
585 break; 615 break;
586 case AUDIT_SIGNAL_INFO: 616 case AUDIT_SIGNAL_INFO:
587 sig_data.uid = audit_sig_uid; 617 err = selinux_ctxid_to_string(audit_sig_sid, &ctx, &len);
588 sig_data.pid = audit_sig_pid; 618 if (err)
619 return err;
620 sig_data = kmalloc(sizeof(*sig_data) + len, GFP_KERNEL);
621 if (!sig_data) {
622 kfree(ctx);
623 return -ENOMEM;
624 }
625 sig_data->uid = audit_sig_uid;
626 sig_data->pid = audit_sig_pid;
627 memcpy(sig_data->ctx, ctx, len);
628 kfree(ctx);
589 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO, 629 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
590 0, 0, &sig_data, sizeof(sig_data)); 630 0, 0, sig_data, sizeof(*sig_data) + len);
631 kfree(sig_data);
591 break; 632 break;
592 default: 633 default:
593 err = -EINVAL; 634 err = -EINVAL;
@@ -629,20 +670,30 @@ static void audit_receive(struct sock *sk, int length)
629 struct sk_buff *skb; 670 struct sk_buff *skb;
630 unsigned int qlen; 671 unsigned int qlen;
631 672
632 mutex_lock(&audit_netlink_mutex); 673 mutex_lock(&audit_cmd_mutex);
633 674
634 for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) { 675 for (qlen = skb_queue_len(&sk->sk_receive_queue); qlen; qlen--) {
635 skb = skb_dequeue(&sk->sk_receive_queue); 676 skb = skb_dequeue(&sk->sk_receive_queue);
636 audit_receive_skb(skb); 677 audit_receive_skb(skb);
637 kfree_skb(skb); 678 kfree_skb(skb);
638 } 679 }
639 mutex_unlock(&audit_netlink_mutex); 680 mutex_unlock(&audit_cmd_mutex);
640} 681}
641 682
683#ifdef CONFIG_AUDITSYSCALL
684static const struct inotify_operations audit_inotify_ops = {
685 .handle_event = audit_handle_ievent,
686 .destroy_watch = audit_free_parent,
687};
688#endif
642 689
643/* Initialize audit support at boot time. */ 690/* Initialize audit support at boot time. */
644static int __init audit_init(void) 691static int __init audit_init(void)
645{ 692{
693#ifdef CONFIG_AUDITSYSCALL
694 int i;
695#endif
696
646 printk(KERN_INFO "audit: initializing netlink socket (%s)\n", 697 printk(KERN_INFO "audit: initializing netlink socket (%s)\n",
647 audit_default ? "enabled" : "disabled"); 698 audit_default ? "enabled" : "disabled");
648 audit_sock = netlink_kernel_create(NETLINK_AUDIT, 0, audit_receive, 699 audit_sock = netlink_kernel_create(NETLINK_AUDIT, 0, audit_receive,
@@ -661,6 +712,16 @@ static int __init audit_init(void)
661 selinux_audit_set_callback(&selinux_audit_rule_update); 712 selinux_audit_set_callback(&selinux_audit_rule_update);
662 713
663 audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized"); 714 audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized");
715
716#ifdef CONFIG_AUDITSYSCALL
717 audit_ih = inotify_init(&audit_inotify_ops);
718 if (IS_ERR(audit_ih))
719 audit_panic("cannot initialize inotify handle");
720
721 for (i = 0; i < AUDIT_INODE_BUCKETS; i++)
722 INIT_LIST_HEAD(&audit_inode_hash[i]);
723#endif
724
664 return 0; 725 return 0;
665} 726}
666__initcall(audit_init); 727__initcall(audit_init);
@@ -690,10 +751,12 @@ static void audit_buffer_free(struct audit_buffer *ab)
690 kfree_skb(ab->skb); 751 kfree_skb(ab->skb);
691 752
692 spin_lock_irqsave(&audit_freelist_lock, flags); 753 spin_lock_irqsave(&audit_freelist_lock, flags);
693 if (++audit_freelist_count > AUDIT_MAXFREE) 754 if (audit_freelist_count > AUDIT_MAXFREE)
694 kfree(ab); 755 kfree(ab);
695 else 756 else {
757 audit_freelist_count++;
696 list_add(&ab->list, &audit_freelist); 758 list_add(&ab->list, &audit_freelist);
759 }
697 spin_unlock_irqrestore(&audit_freelist_lock, flags); 760 spin_unlock_irqrestore(&audit_freelist_lock, flags);
698} 761}
699 762
@@ -988,28 +1051,76 @@ void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf,
988 skb_put(skb, len << 1); /* new string is twice the old string */ 1051 skb_put(skb, len << 1); /* new string is twice the old string */
989} 1052}
990 1053
1054/*
1055 * Format a string of no more than slen characters into the audit buffer,
1056 * enclosed in quote marks.
1057 */
1058static void audit_log_n_string(struct audit_buffer *ab, size_t slen,
1059 const char *string)
1060{
1061 int avail, new_len;
1062 unsigned char *ptr;
1063 struct sk_buff *skb;
1064
1065 BUG_ON(!ab->skb);
1066 skb = ab->skb;
1067 avail = skb_tailroom(skb);
1068 new_len = slen + 3; /* enclosing quotes + null terminator */
1069 if (new_len > avail) {
1070 avail = audit_expand(ab, new_len);
1071 if (!avail)
1072 return;
1073 }
1074 ptr = skb->tail;
1075 *ptr++ = '"';
1076 memcpy(ptr, string, slen);
1077 ptr += slen;
1078 *ptr++ = '"';
1079 *ptr = 0;
1080 skb_put(skb, slen + 2); /* don't include null terminator */
1081}
1082
991/** 1083/**
992 * audit_log_unstrustedstring - log a string that may contain random characters 1084 * audit_log_n_unstrustedstring - log a string that may contain random characters
993 * @ab: audit_buffer 1085 * @ab: audit_buffer
1086 * @len: lenth of string (not including trailing null)
994 * @string: string to be logged 1087 * @string: string to be logged
995 * 1088 *
996 * This code will escape a string that is passed to it if the string 1089 * This code will escape a string that is passed to it if the string
997 * contains a control character, unprintable character, double quote mark, 1090 * contains a control character, unprintable character, double quote mark,
998 * or a space. Unescaped strings will start and end with a double quote mark. 1091 * or a space. Unescaped strings will start and end with a double quote mark.
999 * Strings that are escaped are printed in hex (2 digits per char). 1092 * Strings that are escaped are printed in hex (2 digits per char).
1093 *
1094 * The caller specifies the number of characters in the string to log, which may
1095 * or may not be the entire string.
1000 */ 1096 */
1001void audit_log_untrustedstring(struct audit_buffer *ab, const char *string) 1097const char *audit_log_n_untrustedstring(struct audit_buffer *ab, size_t len,
1098 const char *string)
1002{ 1099{
1003 const unsigned char *p = string; 1100 const unsigned char *p = string;
1004 1101
1005 while (*p) { 1102 while (*p) {
1006 if (*p == '"' || *p < 0x21 || *p > 0x7f) { 1103 if (*p == '"' || *p < 0x21 || *p > 0x7f) {
1007 audit_log_hex(ab, string, strlen(string)); 1104 audit_log_hex(ab, string, len);
1008 return; 1105 return string + len + 1;
1009 } 1106 }
1010 p++; 1107 p++;
1011 } 1108 }
1012 audit_log_format(ab, "\"%s\"", string); 1109 audit_log_n_string(ab, len, string);
1110 return p + 1;
1111}
1112
1113/**
1114 * audit_log_unstrustedstring - log a string that may contain random characters
1115 * @ab: audit_buffer
1116 * @string: string to be logged
1117 *
1118 * Same as audit_log_n_unstrustedstring(), except that strlen is used to
1119 * determine string length.
1120 */
1121const char *audit_log_untrustedstring(struct audit_buffer *ab, const char *string)
1122{
1123 return audit_log_n_untrustedstring(ab, strlen(string), string);
1013} 1124}
1014 1125
1015/* This is a helper-function to print the escaped d_path */ 1126/* This is a helper-function to print the escaped d_path */
diff --git a/kernel/audit.h b/kernel/audit.h
index 6f733920fd32..8323e4132a33 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -19,9 +19,9 @@
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */ 20 */
21 21
22#include <linux/mutex.h>
23#include <linux/fs.h> 22#include <linux/fs.h>
24#include <linux/audit.h> 23#include <linux/audit.h>
24#include <linux/skbuff.h>
25 25
26/* 0 = no checking 26/* 0 = no checking
27 1 = put_count checking 27 1 = put_count checking
@@ -53,6 +53,18 @@ enum audit_state {
53}; 53};
54 54
55/* Rule lists */ 55/* Rule lists */
56struct audit_parent;
57
58struct audit_watch {
59 atomic_t count; /* reference count */
60 char *path; /* insertion path */
61 dev_t dev; /* associated superblock device */
62 unsigned long ino; /* associated inode number */
63 struct audit_parent *parent; /* associated parent */
64 struct list_head wlist; /* entry in parent->watches list */
65 struct list_head rules; /* associated rules */
66};
67
56struct audit_field { 68struct audit_field {
57 u32 type; 69 u32 type;
58 u32 val; 70 u32 val;
@@ -70,6 +82,9 @@ struct audit_krule {
70 u32 buflen; /* for data alloc on list rules */ 82 u32 buflen; /* for data alloc on list rules */
71 u32 field_count; 83 u32 field_count;
72 struct audit_field *fields; 84 struct audit_field *fields;
85 struct audit_field *inode_f; /* quick access to an inode field */
86 struct audit_watch *watch; /* associated watch */
87 struct list_head rlist; /* entry in audit_watch.rules list */
73}; 88};
74 89
75struct audit_entry { 90struct audit_entry {
@@ -78,15 +93,53 @@ struct audit_entry {
78 struct audit_krule rule; 93 struct audit_krule rule;
79}; 94};
80 95
81
82extern int audit_pid; 96extern int audit_pid;
83extern int audit_comparator(const u32 left, const u32 op, const u32 right);
84 97
98#define AUDIT_INODE_BUCKETS 32
99extern struct list_head audit_inode_hash[AUDIT_INODE_BUCKETS];
100
101static inline int audit_hash_ino(u32 ino)
102{
103 return (ino & (AUDIT_INODE_BUCKETS-1));
104}
105
106extern int audit_comparator(const u32 left, const u32 op, const u32 right);
107extern int audit_compare_dname_path(const char *dname, const char *path,
108 int *dirlen);
109extern struct sk_buff * audit_make_reply(int pid, int seq, int type,
110 int done, int multi,
111 void *payload, int size);
85extern void audit_send_reply(int pid, int seq, int type, 112extern void audit_send_reply(int pid, int seq, int type,
86 int done, int multi, 113 int done, int multi,
87 void *payload, int size); 114 void *payload, int size);
88extern void audit_log_lost(const char *message); 115extern void audit_log_lost(const char *message);
89extern void audit_panic(const char *message); 116extern void audit_panic(const char *message);
90extern struct mutex audit_netlink_mutex;
91 117
118struct audit_netlink_list {
119 int pid;
120 struct sk_buff_head q;
121};
122
123int audit_send_list(void *);
124
125struct inotify_watch;
126extern void audit_free_parent(struct inotify_watch *);
127extern void audit_handle_ievent(struct inotify_watch *, u32, u32, u32,
128 const char *, struct inode *);
92extern int selinux_audit_rule_update(void); 129extern int selinux_audit_rule_update(void);
130
131#ifdef CONFIG_AUDITSYSCALL
132extern void __audit_signal_info(int sig, struct task_struct *t);
133static inline void audit_signal_info(int sig, struct task_struct *t)
134{
135 if (unlikely(audit_pid && t->tgid == audit_pid))
136 __audit_signal_info(sig, t);
137}
138extern enum audit_state audit_filter_inodes(struct task_struct *,
139 struct audit_context *);
140extern void audit_set_auditable(struct audit_context *);
141#else
142#define audit_signal_info(s,t)
143#define audit_filter_inodes(t,c) AUDIT_DISABLED
144#define audit_set_auditable(c)
145#endif
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 7c134906d689..4c99d2c586ed 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -22,13 +22,59 @@
22#include <linux/kernel.h> 22#include <linux/kernel.h>
23#include <linux/audit.h> 23#include <linux/audit.h>
24#include <linux/kthread.h> 24#include <linux/kthread.h>
25#include <linux/mutex.h>
26#include <linux/fs.h>
27#include <linux/namei.h>
25#include <linux/netlink.h> 28#include <linux/netlink.h>
29#include <linux/sched.h>
30#include <linux/inotify.h>
26#include <linux/selinux.h> 31#include <linux/selinux.h>
27#include "audit.h" 32#include "audit.h"
28 33
29/* There are three lists of rules -- one to search at task creation 34/*
30 * time, one to search at syscall entry time, and another to search at 35 * Locking model:
31 * syscall exit time. */ 36 *
37 * audit_filter_mutex:
38 * Synchronizes writes and blocking reads of audit's filterlist
39 * data. Rcu is used to traverse the filterlist and access
40 * contents of structs audit_entry, audit_watch and opaque
41 * selinux rules during filtering. If modified, these structures
42 * must be copied and replace their counterparts in the filterlist.
43 * An audit_parent struct is not accessed during filtering, so may
44 * be written directly provided audit_filter_mutex is held.
45 */
46
47/*
48 * Reference counting:
49 *
50 * audit_parent: lifetime is from audit_init_parent() to receipt of an IN_IGNORED
51 * event. Each audit_watch holds a reference to its associated parent.
52 *
53 * audit_watch: if added to lists, lifetime is from audit_init_watch() to
54 * audit_remove_watch(). Additionally, an audit_watch may exist
55 * temporarily to assist in searching existing filter data. Each
56 * audit_krule holds a reference to its associated watch.
57 */
58
59struct audit_parent {
60 struct list_head ilist; /* entry in inotify registration list */
61 struct list_head watches; /* associated watches */
62 struct inotify_watch wdata; /* inotify watch data */
63 unsigned flags; /* status flags */
64};
65
66/*
67 * audit_parent status flags:
68 *
69 * AUDIT_PARENT_INVALID - set anytime rules/watches are auto-removed due to
70 * a filesystem event to ensure we're adding audit watches to a valid parent.
71 * Technically not needed for IN_DELETE_SELF or IN_UNMOUNT events, as we cannot
72 * receive them while we have nameidata, but must be used for IN_MOVE_SELF which
73 * we can receive while holding nameidata.
74 */
75#define AUDIT_PARENT_INVALID 0x001
76
77/* Audit filter lists, defined in <linux/audit.h> */
32struct list_head audit_filter_list[AUDIT_NR_FILTERS] = { 78struct list_head audit_filter_list[AUDIT_NR_FILTERS] = {
33 LIST_HEAD_INIT(audit_filter_list[0]), 79 LIST_HEAD_INIT(audit_filter_list[0]),
34 LIST_HEAD_INIT(audit_filter_list[1]), 80 LIST_HEAD_INIT(audit_filter_list[1]),
@@ -41,9 +87,53 @@ struct list_head audit_filter_list[AUDIT_NR_FILTERS] = {
41#endif 87#endif
42}; 88};
43 89
90static DEFINE_MUTEX(audit_filter_mutex);
91
92/* Inotify handle */
93extern struct inotify_handle *audit_ih;
94
95/* Inotify events we care about. */
96#define AUDIT_IN_WATCH IN_MOVE|IN_CREATE|IN_DELETE|IN_DELETE_SELF|IN_MOVE_SELF
97
98void audit_free_parent(struct inotify_watch *i_watch)
99{
100 struct audit_parent *parent;
101
102 parent = container_of(i_watch, struct audit_parent, wdata);
103 WARN_ON(!list_empty(&parent->watches));
104 kfree(parent);
105}
106
107static inline void audit_get_watch(struct audit_watch *watch)
108{
109 atomic_inc(&watch->count);
110}
111
112static void audit_put_watch(struct audit_watch *watch)
113{
114 if (atomic_dec_and_test(&watch->count)) {
115 WARN_ON(watch->parent);
116 WARN_ON(!list_empty(&watch->rules));
117 kfree(watch->path);
118 kfree(watch);
119 }
120}
121
122static void audit_remove_watch(struct audit_watch *watch)
123{
124 list_del(&watch->wlist);
125 put_inotify_watch(&watch->parent->wdata);
126 watch->parent = NULL;
127 audit_put_watch(watch); /* match initial get */
128}
129
44static inline void audit_free_rule(struct audit_entry *e) 130static inline void audit_free_rule(struct audit_entry *e)
45{ 131{
46 int i; 132 int i;
133
134 /* some rules don't have associated watches */
135 if (e->rule.watch)
136 audit_put_watch(e->rule.watch);
47 if (e->rule.fields) 137 if (e->rule.fields)
48 for (i = 0; i < e->rule.field_count; i++) { 138 for (i = 0; i < e->rule.field_count; i++) {
49 struct audit_field *f = &e->rule.fields[i]; 139 struct audit_field *f = &e->rule.fields[i];
@@ -60,6 +150,50 @@ static inline void audit_free_rule_rcu(struct rcu_head *head)
60 audit_free_rule(e); 150 audit_free_rule(e);
61} 151}
62 152
153/* Initialize a parent watch entry. */
154static struct audit_parent *audit_init_parent(struct nameidata *ndp)
155{
156 struct audit_parent *parent;
157 s32 wd;
158
159 parent = kzalloc(sizeof(*parent), GFP_KERNEL);
160 if (unlikely(!parent))
161 return ERR_PTR(-ENOMEM);
162
163 INIT_LIST_HEAD(&parent->watches);
164 parent->flags = 0;
165
166 inotify_init_watch(&parent->wdata);
167 /* grab a ref so inotify watch hangs around until we take audit_filter_mutex */
168 get_inotify_watch(&parent->wdata);
169 wd = inotify_add_watch(audit_ih, &parent->wdata, ndp->dentry->d_inode,
170 AUDIT_IN_WATCH);
171 if (wd < 0) {
172 audit_free_parent(&parent->wdata);
173 return ERR_PTR(wd);
174 }
175
176 return parent;
177}
178
179/* Initialize a watch entry. */
180static struct audit_watch *audit_init_watch(char *path)
181{
182 struct audit_watch *watch;
183
184 watch = kzalloc(sizeof(*watch), GFP_KERNEL);
185 if (unlikely(!watch))
186 return ERR_PTR(-ENOMEM);
187
188 INIT_LIST_HEAD(&watch->rules);
189 atomic_set(&watch->count, 1);
190 watch->path = path;
191 watch->dev = (dev_t)-1;
192 watch->ino = (unsigned long)-1;
193
194 return watch;
195}
196
63/* Initialize an audit filterlist entry. */ 197/* Initialize an audit filterlist entry. */
64static inline struct audit_entry *audit_init_entry(u32 field_count) 198static inline struct audit_entry *audit_init_entry(u32 field_count)
65{ 199{
@@ -107,6 +241,43 @@ static char *audit_unpack_string(void **bufp, size_t *remain, size_t len)
107 return str; 241 return str;
108} 242}
109 243
244/* Translate an inode field to kernel respresentation. */
245static inline int audit_to_inode(struct audit_krule *krule,
246 struct audit_field *f)
247{
248 if (krule->listnr != AUDIT_FILTER_EXIT ||
249 krule->watch || krule->inode_f)
250 return -EINVAL;
251
252 krule->inode_f = f;
253 return 0;
254}
255
256/* Translate a watch string to kernel respresentation. */
257static int audit_to_watch(struct audit_krule *krule, char *path, int len,
258 u32 op)
259{
260 struct audit_watch *watch;
261
262 if (!audit_ih)
263 return -EOPNOTSUPP;
264
265 if (path[0] != '/' || path[len-1] == '/' ||
266 krule->listnr != AUDIT_FILTER_EXIT ||
267 op & ~AUDIT_EQUAL ||
268 krule->inode_f || krule->watch) /* 1 inode # per rule, for hash */
269 return -EINVAL;
270
271 watch = audit_init_watch(path);
272 if (unlikely(IS_ERR(watch)))
273 return PTR_ERR(watch);
274
275 audit_get_watch(watch);
276 krule->watch = watch;
277
278 return 0;
279}
280
110/* Common user-space to kernel rule translation. */ 281/* Common user-space to kernel rule translation. */
111static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule) 282static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule)
112{ 283{
@@ -128,8 +299,11 @@ static inline struct audit_entry *audit_to_entry_common(struct audit_rule *rule)
128#endif 299#endif
129 ; 300 ;
130 } 301 }
131 if (rule->action != AUDIT_NEVER && rule->action != AUDIT_POSSIBLE && 302 if (unlikely(rule->action == AUDIT_POSSIBLE)) {
132 rule->action != AUDIT_ALWAYS) 303 printk(KERN_ERR "AUDIT_POSSIBLE is deprecated\n");
304 goto exit_err;
305 }
306 if (rule->action != AUDIT_NEVER && rule->action != AUDIT_ALWAYS)
133 goto exit_err; 307 goto exit_err;
134 if (rule->field_count > AUDIT_MAX_FIELDS) 308 if (rule->field_count > AUDIT_MAX_FIELDS)
135 goto exit_err; 309 goto exit_err;
@@ -158,6 +332,7 @@ exit_err:
158static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) 332static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
159{ 333{
160 struct audit_entry *entry; 334 struct audit_entry *entry;
335 struct audit_field *f;
161 int err = 0; 336 int err = 0;
162 int i; 337 int i;
163 338
@@ -172,14 +347,37 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
172 f->type = rule->fields[i] & ~(AUDIT_NEGATE|AUDIT_OPERATORS); 347 f->type = rule->fields[i] & ~(AUDIT_NEGATE|AUDIT_OPERATORS);
173 f->val = rule->values[i]; 348 f->val = rule->values[i];
174 349
175 if (f->type & AUDIT_UNUSED_BITS || 350 err = -EINVAL;
176 f->type == AUDIT_SE_USER || 351 switch(f->type) {
177 f->type == AUDIT_SE_ROLE || 352 default:
178 f->type == AUDIT_SE_TYPE ||
179 f->type == AUDIT_SE_SEN ||
180 f->type == AUDIT_SE_CLR) {
181 err = -EINVAL;
182 goto exit_free; 353 goto exit_free;
354 case AUDIT_PID:
355 case AUDIT_UID:
356 case AUDIT_EUID:
357 case AUDIT_SUID:
358 case AUDIT_FSUID:
359 case AUDIT_GID:
360 case AUDIT_EGID:
361 case AUDIT_SGID:
362 case AUDIT_FSGID:
363 case AUDIT_LOGINUID:
364 case AUDIT_PERS:
365 case AUDIT_ARCH:
366 case AUDIT_MSGTYPE:
367 case AUDIT_DEVMAJOR:
368 case AUDIT_DEVMINOR:
369 case AUDIT_EXIT:
370 case AUDIT_SUCCESS:
371 case AUDIT_ARG0:
372 case AUDIT_ARG1:
373 case AUDIT_ARG2:
374 case AUDIT_ARG3:
375 break;
376 case AUDIT_INODE:
377 err = audit_to_inode(&entry->rule, f);
378 if (err)
379 goto exit_free;
380 break;
183 } 381 }
184 382
185 entry->rule.vers_ops = (f->op & AUDIT_OPERATORS) ? 2 : 1; 383 entry->rule.vers_ops = (f->op & AUDIT_OPERATORS) ? 2 : 1;
@@ -196,6 +394,18 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
196 } 394 }
197 } 395 }
198 396
397 f = entry->rule.inode_f;
398 if (f) {
399 switch(f->op) {
400 case AUDIT_NOT_EQUAL:
401 entry->rule.inode_f = NULL;
402 case AUDIT_EQUAL:
403 break;
404 default:
405 goto exit_free;
406 }
407 }
408
199exit_nofree: 409exit_nofree:
200 return entry; 410 return entry;
201 411
@@ -210,6 +420,7 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
210{ 420{
211 int err = 0; 421 int err = 0;
212 struct audit_entry *entry; 422 struct audit_entry *entry;
423 struct audit_field *f;
213 void *bufp; 424 void *bufp;
214 size_t remain = datasz - sizeof(struct audit_rule_data); 425 size_t remain = datasz - sizeof(struct audit_rule_data);
215 int i; 426 int i;
@@ -235,6 +446,29 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
235 f->se_str = NULL; 446 f->se_str = NULL;
236 f->se_rule = NULL; 447 f->se_rule = NULL;
237 switch(f->type) { 448 switch(f->type) {
449 case AUDIT_PID:
450 case AUDIT_UID:
451 case AUDIT_EUID:
452 case AUDIT_SUID:
453 case AUDIT_FSUID:
454 case AUDIT_GID:
455 case AUDIT_EGID:
456 case AUDIT_SGID:
457 case AUDIT_FSGID:
458 case AUDIT_LOGINUID:
459 case AUDIT_PERS:
460 case AUDIT_ARCH:
461 case AUDIT_MSGTYPE:
462 case AUDIT_PPID:
463 case AUDIT_DEVMAJOR:
464 case AUDIT_DEVMINOR:
465 case AUDIT_EXIT:
466 case AUDIT_SUCCESS:
467 case AUDIT_ARG0:
468 case AUDIT_ARG1:
469 case AUDIT_ARG2:
470 case AUDIT_ARG3:
471 break;
238 case AUDIT_SE_USER: 472 case AUDIT_SE_USER:
239 case AUDIT_SE_ROLE: 473 case AUDIT_SE_ROLE:
240 case AUDIT_SE_TYPE: 474 case AUDIT_SE_TYPE:
@@ -260,6 +494,37 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
260 } else 494 } else
261 f->se_str = str; 495 f->se_str = str;
262 break; 496 break;
497 case AUDIT_WATCH:
498 str = audit_unpack_string(&bufp, &remain, f->val);
499 if (IS_ERR(str))
500 goto exit_free;
501 entry->rule.buflen += f->val;
502
503 err = audit_to_watch(&entry->rule, str, f->val, f->op);
504 if (err) {
505 kfree(str);
506 goto exit_free;
507 }
508 break;
509 case AUDIT_INODE:
510 err = audit_to_inode(&entry->rule, f);
511 if (err)
512 goto exit_free;
513 break;
514 default:
515 goto exit_free;
516 }
517 }
518
519 f = entry->rule.inode_f;
520 if (f) {
521 switch(f->op) {
522 case AUDIT_NOT_EQUAL:
523 entry->rule.inode_f = NULL;
524 case AUDIT_EQUAL:
525 break;
526 default:
527 goto exit_free;
263 } 528 }
264 } 529 }
265 530
@@ -291,7 +556,7 @@ static struct audit_rule *audit_krule_to_rule(struct audit_krule *krule)
291 556
292 rule = kmalloc(sizeof(*rule), GFP_KERNEL); 557 rule = kmalloc(sizeof(*rule), GFP_KERNEL);
293 if (unlikely(!rule)) 558 if (unlikely(!rule))
294 return ERR_PTR(-ENOMEM); 559 return NULL;
295 memset(rule, 0, sizeof(*rule)); 560 memset(rule, 0, sizeof(*rule));
296 561
297 rule->flags = krule->flags | krule->listnr; 562 rule->flags = krule->flags | krule->listnr;
@@ -322,7 +587,7 @@ static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule)
322 587
323 data = kmalloc(sizeof(*data) + krule->buflen, GFP_KERNEL); 588 data = kmalloc(sizeof(*data) + krule->buflen, GFP_KERNEL);
324 if (unlikely(!data)) 589 if (unlikely(!data))
325 return ERR_PTR(-ENOMEM); 590 return NULL;
326 memset(data, 0, sizeof(*data)); 591 memset(data, 0, sizeof(*data));
327 592
328 data->flags = krule->flags | krule->listnr; 593 data->flags = krule->flags | krule->listnr;
@@ -343,6 +608,10 @@ static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule)
343 data->buflen += data->values[i] = 608 data->buflen += data->values[i] =
344 audit_pack_string(&bufp, f->se_str); 609 audit_pack_string(&bufp, f->se_str);
345 break; 610 break;
611 case AUDIT_WATCH:
612 data->buflen += data->values[i] =
613 audit_pack_string(&bufp, krule->watch->path);
614 break;
346 default: 615 default:
347 data->values[i] = f->val; 616 data->values[i] = f->val;
348 } 617 }
@@ -378,6 +647,10 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
378 if (strcmp(a->fields[i].se_str, b->fields[i].se_str)) 647 if (strcmp(a->fields[i].se_str, b->fields[i].se_str))
379 return 1; 648 return 1;
380 break; 649 break;
650 case AUDIT_WATCH:
651 if (strcmp(a->watch->path, b->watch->path))
652 return 1;
653 break;
381 default: 654 default:
382 if (a->fields[i].val != b->fields[i].val) 655 if (a->fields[i].val != b->fields[i].val)
383 return 1; 656 return 1;
@@ -391,6 +664,32 @@ static int audit_compare_rule(struct audit_krule *a, struct audit_krule *b)
391 return 0; 664 return 0;
392} 665}
393 666
667/* Duplicate the given audit watch. The new watch's rules list is initialized
668 * to an empty list and wlist is undefined. */
669static struct audit_watch *audit_dupe_watch(struct audit_watch *old)
670{
671 char *path;
672 struct audit_watch *new;
673
674 path = kstrdup(old->path, GFP_KERNEL);
675 if (unlikely(!path))
676 return ERR_PTR(-ENOMEM);
677
678 new = audit_init_watch(path);
679 if (unlikely(IS_ERR(new))) {
680 kfree(path);
681 goto out;
682 }
683
684 new->dev = old->dev;
685 new->ino = old->ino;
686 get_inotify_watch(&old->parent->wdata);
687 new->parent = old->parent;
688
689out:
690 return new;
691}
692
394/* Duplicate selinux field information. The se_rule is opaque, so must be 693/* Duplicate selinux field information. The se_rule is opaque, so must be
395 * re-initialized. */ 694 * re-initialized. */
396static inline int audit_dupe_selinux_field(struct audit_field *df, 695static inline int audit_dupe_selinux_field(struct audit_field *df,
@@ -422,8 +721,11 @@ static inline int audit_dupe_selinux_field(struct audit_field *df,
422/* Duplicate an audit rule. This will be a deep copy with the exception 721/* Duplicate an audit rule. This will be a deep copy with the exception
423 * of the watch - that pointer is carried over. The selinux specific fields 722 * of the watch - that pointer is carried over. The selinux specific fields
424 * will be updated in the copy. The point is to be able to replace the old 723 * will be updated in the copy. The point is to be able to replace the old
425 * rule with the new rule in the filterlist, then free the old rule. */ 724 * rule with the new rule in the filterlist, then free the old rule.
426static struct audit_entry *audit_dupe_rule(struct audit_krule *old) 725 * The rlist element is undefined; list manipulations are handled apart from
726 * the initial copy. */
727static struct audit_entry *audit_dupe_rule(struct audit_krule *old,
728 struct audit_watch *watch)
427{ 729{
428 u32 fcount = old->field_count; 730 u32 fcount = old->field_count;
429 struct audit_entry *entry; 731 struct audit_entry *entry;
@@ -442,6 +744,8 @@ static struct audit_entry *audit_dupe_rule(struct audit_krule *old)
442 for (i = 0; i < AUDIT_BITMASK_SIZE; i++) 744 for (i = 0; i < AUDIT_BITMASK_SIZE; i++)
443 new->mask[i] = old->mask[i]; 745 new->mask[i] = old->mask[i];
444 new->buflen = old->buflen; 746 new->buflen = old->buflen;
747 new->inode_f = old->inode_f;
748 new->watch = NULL;
445 new->field_count = old->field_count; 749 new->field_count = old->field_count;
446 memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount); 750 memcpy(new->fields, old->fields, sizeof(struct audit_field) * fcount);
447 751
@@ -463,68 +767,409 @@ static struct audit_entry *audit_dupe_rule(struct audit_krule *old)
463 } 767 }
464 } 768 }
465 769
770 if (watch) {
771 audit_get_watch(watch);
772 new->watch = watch;
773 }
774
466 return entry; 775 return entry;
467} 776}
468 777
469/* Add rule to given filterlist if not a duplicate. Protected by 778/* Update inode info in audit rules based on filesystem event. */
470 * audit_netlink_mutex. */ 779static void audit_update_watch(struct audit_parent *parent,
780 const char *dname, dev_t dev,
781 unsigned long ino, unsigned invalidating)
782{
783 struct audit_watch *owatch, *nwatch, *nextw;
784 struct audit_krule *r, *nextr;
785 struct audit_entry *oentry, *nentry;
786 struct audit_buffer *ab;
787
788 mutex_lock(&audit_filter_mutex);
789 list_for_each_entry_safe(owatch, nextw, &parent->watches, wlist) {
790 if (audit_compare_dname_path(dname, owatch->path, NULL))
791 continue;
792
793 /* If the update involves invalidating rules, do the inode-based
794 * filtering now, so we don't omit records. */
795 if (invalidating &&
796 audit_filter_inodes(current, current->audit_context) == AUDIT_RECORD_CONTEXT)
797 audit_set_auditable(current->audit_context);
798
799 nwatch = audit_dupe_watch(owatch);
800 if (unlikely(IS_ERR(nwatch))) {
801 mutex_unlock(&audit_filter_mutex);
802 audit_panic("error updating watch, skipping");
803 return;
804 }
805 nwatch->dev = dev;
806 nwatch->ino = ino;
807
808 list_for_each_entry_safe(r, nextr, &owatch->rules, rlist) {
809
810 oentry = container_of(r, struct audit_entry, rule);
811 list_del(&oentry->rule.rlist);
812 list_del_rcu(&oentry->list);
813
814 nentry = audit_dupe_rule(&oentry->rule, nwatch);
815 if (unlikely(IS_ERR(nentry)))
816 audit_panic("error updating watch, removing");
817 else {
818 int h = audit_hash_ino((u32)ino);
819 list_add(&nentry->rule.rlist, &nwatch->rules);
820 list_add_rcu(&nentry->list, &audit_inode_hash[h]);
821 }
822
823 call_rcu(&oentry->rcu, audit_free_rule_rcu);
824 }
825
826 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
827 audit_log_format(ab, "audit updated rules specifying watch=");
828 audit_log_untrustedstring(ab, owatch->path);
829 audit_log_format(ab, " with dev=%u ino=%lu\n", dev, ino);
830 audit_log_end(ab);
831
832 audit_remove_watch(owatch);
833 goto add_watch_to_parent; /* event applies to a single watch */
834 }
835 mutex_unlock(&audit_filter_mutex);
836 return;
837
838add_watch_to_parent:
839 list_add(&nwatch->wlist, &parent->watches);
840 mutex_unlock(&audit_filter_mutex);
841 return;
842}
843
844/* Remove all watches & rules associated with a parent that is going away. */
845static void audit_remove_parent_watches(struct audit_parent *parent)
846{
847 struct audit_watch *w, *nextw;
848 struct audit_krule *r, *nextr;
849 struct audit_entry *e;
850
851 mutex_lock(&audit_filter_mutex);
852 parent->flags |= AUDIT_PARENT_INVALID;
853 list_for_each_entry_safe(w, nextw, &parent->watches, wlist) {
854 list_for_each_entry_safe(r, nextr, &w->rules, rlist) {
855 e = container_of(r, struct audit_entry, rule);
856 list_del(&r->rlist);
857 list_del_rcu(&e->list);
858 call_rcu(&e->rcu, audit_free_rule_rcu);
859
860 audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
861 "audit implicitly removed rule from list=%d\n",
862 AUDIT_FILTER_EXIT);
863 }
864 audit_remove_watch(w);
865 }
866 mutex_unlock(&audit_filter_mutex);
867}
868
869/* Unregister inotify watches for parents on in_list.
870 * Generates an IN_IGNORED event. */
871static void audit_inotify_unregister(struct list_head *in_list)
872{
873 struct audit_parent *p, *n;
874
875 list_for_each_entry_safe(p, n, in_list, ilist) {
876 list_del(&p->ilist);
877 inotify_rm_watch(audit_ih, &p->wdata);
878 /* the put matching the get in audit_do_del_rule() */
879 put_inotify_watch(&p->wdata);
880 }
881}
882
883/* Find an existing audit rule.
884 * Caller must hold audit_filter_mutex to prevent stale rule data. */
885static struct audit_entry *audit_find_rule(struct audit_entry *entry,
886 struct list_head *list)
887{
888 struct audit_entry *e, *found = NULL;
889 int h;
890
891 if (entry->rule.watch) {
892 /* we don't know the inode number, so must walk entire hash */
893 for (h = 0; h < AUDIT_INODE_BUCKETS; h++) {
894 list = &audit_inode_hash[h];
895 list_for_each_entry(e, list, list)
896 if (!audit_compare_rule(&entry->rule, &e->rule)) {
897 found = e;
898 goto out;
899 }
900 }
901 goto out;
902 }
903
904 list_for_each_entry(e, list, list)
905 if (!audit_compare_rule(&entry->rule, &e->rule)) {
906 found = e;
907 goto out;
908 }
909
910out:
911 return found;
912}
913
914/* Get path information necessary for adding watches. */
915static int audit_get_nd(char *path, struct nameidata **ndp,
916 struct nameidata **ndw)
917{
918 struct nameidata *ndparent, *ndwatch;
919 int err;
920
921 ndparent = kmalloc(sizeof(*ndparent), GFP_KERNEL);
922 if (unlikely(!ndparent))
923 return -ENOMEM;
924
925 ndwatch = kmalloc(sizeof(*ndwatch), GFP_KERNEL);
926 if (unlikely(!ndwatch)) {
927 kfree(ndparent);
928 return -ENOMEM;
929 }
930
931 err = path_lookup(path, LOOKUP_PARENT, ndparent);
932 if (err) {
933 kfree(ndparent);
934 kfree(ndwatch);
935 return err;
936 }
937
938 err = path_lookup(path, 0, ndwatch);
939 if (err) {
940 kfree(ndwatch);
941 ndwatch = NULL;
942 }
943
944 *ndp = ndparent;
945 *ndw = ndwatch;
946
947 return 0;
948}
949
950/* Release resources used for watch path information. */
951static void audit_put_nd(struct nameidata *ndp, struct nameidata *ndw)
952{
953 if (ndp) {
954 path_release(ndp);
955 kfree(ndp);
956 }
957 if (ndw) {
958 path_release(ndw);
959 kfree(ndw);
960 }
961}
962
963/* Associate the given rule with an existing parent inotify_watch.
964 * Caller must hold audit_filter_mutex. */
965static void audit_add_to_parent(struct audit_krule *krule,
966 struct audit_parent *parent)
967{
968 struct audit_watch *w, *watch = krule->watch;
969 int watch_found = 0;
970
971 list_for_each_entry(w, &parent->watches, wlist) {
972 if (strcmp(watch->path, w->path))
973 continue;
974
975 watch_found = 1;
976
977 /* put krule's and initial refs to temporary watch */
978 audit_put_watch(watch);
979 audit_put_watch(watch);
980
981 audit_get_watch(w);
982 krule->watch = watch = w;
983 break;
984 }
985
986 if (!watch_found) {
987 get_inotify_watch(&parent->wdata);
988 watch->parent = parent;
989
990 list_add(&watch->wlist, &parent->watches);
991 }
992 list_add(&krule->rlist, &watch->rules);
993}
994
995/* Find a matching watch entry, or add this one.
996 * Caller must hold audit_filter_mutex. */
997static int audit_add_watch(struct audit_krule *krule, struct nameidata *ndp,
998 struct nameidata *ndw)
999{
1000 struct audit_watch *watch = krule->watch;
1001 struct inotify_watch *i_watch;
1002 struct audit_parent *parent;
1003 int ret = 0;
1004
1005 /* update watch filter fields */
1006 if (ndw) {
1007 watch->dev = ndw->dentry->d_inode->i_sb->s_dev;
1008 watch->ino = ndw->dentry->d_inode->i_ino;
1009 }
1010
1011 /* The audit_filter_mutex must not be held during inotify calls because
1012 * we hold it during inotify event callback processing. If an existing
1013 * inotify watch is found, inotify_find_watch() grabs a reference before
1014 * returning.
1015 */
1016 mutex_unlock(&audit_filter_mutex);
1017
1018 if (inotify_find_watch(audit_ih, ndp->dentry->d_inode, &i_watch) < 0) {
1019 parent = audit_init_parent(ndp);
1020 if (IS_ERR(parent)) {
1021 /* caller expects mutex locked */
1022 mutex_lock(&audit_filter_mutex);
1023 return PTR_ERR(parent);
1024 }
1025 } else
1026 parent = container_of(i_watch, struct audit_parent, wdata);
1027
1028 mutex_lock(&audit_filter_mutex);
1029
1030 /* parent was moved before we took audit_filter_mutex */
1031 if (parent->flags & AUDIT_PARENT_INVALID)
1032 ret = -ENOENT;
1033 else
1034 audit_add_to_parent(krule, parent);
1035
1036 /* match get in audit_init_parent or inotify_find_watch */
1037 put_inotify_watch(&parent->wdata);
1038 return ret;
1039}
1040
1041/* Add rule to given filterlist if not a duplicate. */
471static inline int audit_add_rule(struct audit_entry *entry, 1042static inline int audit_add_rule(struct audit_entry *entry,
472 struct list_head *list) 1043 struct list_head *list)
473{ 1044{
474 struct audit_entry *e; 1045 struct audit_entry *e;
1046 struct audit_field *inode_f = entry->rule.inode_f;
1047 struct audit_watch *watch = entry->rule.watch;
1048 struct nameidata *ndp, *ndw;
1049 int h, err, putnd_needed = 0;
1050
1051 if (inode_f) {
1052 h = audit_hash_ino(inode_f->val);
1053 list = &audit_inode_hash[h];
1054 }
475 1055
476 /* Do not use the _rcu iterator here, since this is the only 1056 mutex_lock(&audit_filter_mutex);
477 * addition routine. */ 1057 e = audit_find_rule(entry, list);
478 list_for_each_entry(e, list, list) { 1058 mutex_unlock(&audit_filter_mutex);
479 if (!audit_compare_rule(&entry->rule, &e->rule)) 1059 if (e) {
480 return -EEXIST; 1060 err = -EEXIST;
1061 goto error;
1062 }
1063
1064 /* Avoid calling path_lookup under audit_filter_mutex. */
1065 if (watch) {
1066 err = audit_get_nd(watch->path, &ndp, &ndw);
1067 if (err)
1068 goto error;
1069 putnd_needed = 1;
1070 }
1071
1072 mutex_lock(&audit_filter_mutex);
1073 if (watch) {
1074 /* audit_filter_mutex is dropped and re-taken during this call */
1075 err = audit_add_watch(&entry->rule, ndp, ndw);
1076 if (err) {
1077 mutex_unlock(&audit_filter_mutex);
1078 goto error;
1079 }
1080 h = audit_hash_ino((u32)watch->ino);
1081 list = &audit_inode_hash[h];
481 } 1082 }
482 1083
483 if (entry->rule.flags & AUDIT_FILTER_PREPEND) { 1084 if (entry->rule.flags & AUDIT_FILTER_PREPEND) {
484 list_add_rcu(&entry->list, list); 1085 list_add_rcu(&entry->list, list);
1086 entry->rule.flags &= ~AUDIT_FILTER_PREPEND;
485 } else { 1087 } else {
486 list_add_tail_rcu(&entry->list, list); 1088 list_add_tail_rcu(&entry->list, list);
487 } 1089 }
1090 mutex_unlock(&audit_filter_mutex);
488 1091
489 return 0; 1092 if (putnd_needed)
1093 audit_put_nd(ndp, ndw);
1094
1095 return 0;
1096
1097error:
1098 if (putnd_needed)
1099 audit_put_nd(ndp, ndw);
1100 if (watch)
1101 audit_put_watch(watch); /* tmp watch, matches initial get */
1102 return err;
490} 1103}
491 1104
492/* Remove an existing rule from filterlist. Protected by 1105/* Remove an existing rule from filterlist. */
493 * audit_netlink_mutex. */
494static inline int audit_del_rule(struct audit_entry *entry, 1106static inline int audit_del_rule(struct audit_entry *entry,
495 struct list_head *list) 1107 struct list_head *list)
496{ 1108{
497 struct audit_entry *e; 1109 struct audit_entry *e;
1110 struct audit_field *inode_f = entry->rule.inode_f;
1111 struct audit_watch *watch, *tmp_watch = entry->rule.watch;
1112 LIST_HEAD(inotify_list);
1113 int h, ret = 0;
1114
1115 if (inode_f) {
1116 h = audit_hash_ino(inode_f->val);
1117 list = &audit_inode_hash[h];
1118 }
498 1119
499 /* Do not use the _rcu iterator here, since this is the only 1120 mutex_lock(&audit_filter_mutex);
500 * deletion routine. */ 1121 e = audit_find_rule(entry, list);
501 list_for_each_entry(e, list, list) { 1122 if (!e) {
502 if (!audit_compare_rule(&entry->rule, &e->rule)) { 1123 mutex_unlock(&audit_filter_mutex);
503 list_del_rcu(&e->list); 1124 ret = -ENOENT;
504 call_rcu(&e->rcu, audit_free_rule_rcu); 1125 goto out;
505 return 0; 1126 }
1127
1128 watch = e->rule.watch;
1129 if (watch) {
1130 struct audit_parent *parent = watch->parent;
1131
1132 list_del(&e->rule.rlist);
1133
1134 if (list_empty(&watch->rules)) {
1135 audit_remove_watch(watch);
1136
1137 if (list_empty(&parent->watches)) {
1138 /* Put parent on the inotify un-registration
1139 * list. Grab a reference before releasing
1140 * audit_filter_mutex, to be released in
1141 * audit_inotify_unregister(). */
1142 list_add(&parent->ilist, &inotify_list);
1143 get_inotify_watch(&parent->wdata);
1144 }
506 } 1145 }
507 } 1146 }
508 return -ENOENT; /* No matching rule */ 1147
1148 list_del_rcu(&e->list);
1149 call_rcu(&e->rcu, audit_free_rule_rcu);
1150
1151 mutex_unlock(&audit_filter_mutex);
1152
1153 if (!list_empty(&inotify_list))
1154 audit_inotify_unregister(&inotify_list);
1155
1156out:
1157 if (tmp_watch)
1158 audit_put_watch(tmp_watch); /* match initial get */
1159
1160 return ret;
509} 1161}
510 1162
511/* List rules using struct audit_rule. Exists for backward 1163/* List rules using struct audit_rule. Exists for backward
512 * compatibility with userspace. */ 1164 * compatibility with userspace. */
513static int audit_list(void *_dest) 1165static void audit_list(int pid, int seq, struct sk_buff_head *q)
514{ 1166{
515 int pid, seq; 1167 struct sk_buff *skb;
516 int *dest = _dest;
517 struct audit_entry *entry; 1168 struct audit_entry *entry;
518 int i; 1169 int i;
519 1170
520 pid = dest[0]; 1171 /* This is a blocking read, so use audit_filter_mutex instead of rcu
521 seq = dest[1]; 1172 * iterator to sync with list writers. */
522 kfree(dest);
523
524 mutex_lock(&audit_netlink_mutex);
525
526 /* The *_rcu iterators not needed here because we are
527 always called with audit_netlink_mutex held. */
528 for (i=0; i<AUDIT_NR_FILTERS; i++) { 1173 for (i=0; i<AUDIT_NR_FILTERS; i++) {
529 list_for_each_entry(entry, &audit_filter_list[i], list) { 1174 list_for_each_entry(entry, &audit_filter_list[i], list) {
530 struct audit_rule *rule; 1175 struct audit_rule *rule;
@@ -532,33 +1177,41 @@ static int audit_list(void *_dest)
532 rule = audit_krule_to_rule(&entry->rule); 1177 rule = audit_krule_to_rule(&entry->rule);
533 if (unlikely(!rule)) 1178 if (unlikely(!rule))
534 break; 1179 break;
535 audit_send_reply(pid, seq, AUDIT_LIST, 0, 1, 1180 skb = audit_make_reply(pid, seq, AUDIT_LIST, 0, 1,
536 rule, sizeof(*rule)); 1181 rule, sizeof(*rule));
1182 if (skb)
1183 skb_queue_tail(q, skb);
537 kfree(rule); 1184 kfree(rule);
538 } 1185 }
539 } 1186 }
540 audit_send_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0); 1187 for (i = 0; i < AUDIT_INODE_BUCKETS; i++) {
541 1188 list_for_each_entry(entry, &audit_inode_hash[i], list) {
542 mutex_unlock(&audit_netlink_mutex); 1189 struct audit_rule *rule;
543 return 0; 1190
1191 rule = audit_krule_to_rule(&entry->rule);
1192 if (unlikely(!rule))
1193 break;
1194 skb = audit_make_reply(pid, seq, AUDIT_LIST, 0, 1,
1195 rule, sizeof(*rule));
1196 if (skb)
1197 skb_queue_tail(q, skb);
1198 kfree(rule);
1199 }
1200 }
1201 skb = audit_make_reply(pid, seq, AUDIT_LIST, 1, 1, NULL, 0);
1202 if (skb)
1203 skb_queue_tail(q, skb);
544} 1204}
545 1205
546/* List rules using struct audit_rule_data. */ 1206/* List rules using struct audit_rule_data. */
547static int audit_list_rules(void *_dest) 1207static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)
548{ 1208{
549 int pid, seq; 1209 struct sk_buff *skb;
550 int *dest = _dest;
551 struct audit_entry *e; 1210 struct audit_entry *e;
552 int i; 1211 int i;
553 1212
554 pid = dest[0]; 1213 /* This is a blocking read, so use audit_filter_mutex instead of rcu
555 seq = dest[1]; 1214 * iterator to sync with list writers. */
556 kfree(dest);
557
558 mutex_lock(&audit_netlink_mutex);
559
560 /* The *_rcu iterators not needed here because we are
561 always called with audit_netlink_mutex held. */
562 for (i=0; i<AUDIT_NR_FILTERS; i++) { 1215 for (i=0; i<AUDIT_NR_FILTERS; i++) {
563 list_for_each_entry(e, &audit_filter_list[i], list) { 1216 list_for_each_entry(e, &audit_filter_list[i], list) {
564 struct audit_rule_data *data; 1217 struct audit_rule_data *data;
@@ -566,15 +1219,30 @@ static int audit_list_rules(void *_dest)
566 data = audit_krule_to_data(&e->rule); 1219 data = audit_krule_to_data(&e->rule);
567 if (unlikely(!data)) 1220 if (unlikely(!data))
568 break; 1221 break;
569 audit_send_reply(pid, seq, AUDIT_LIST_RULES, 0, 1, 1222 skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 0, 1,
570 data, sizeof(*data)); 1223 data, sizeof(*data) + data->buflen);
1224 if (skb)
1225 skb_queue_tail(q, skb);
571 kfree(data); 1226 kfree(data);
572 } 1227 }
573 } 1228 }
574 audit_send_reply(pid, seq, AUDIT_LIST_RULES, 1, 1, NULL, 0); 1229 for (i=0; i< AUDIT_INODE_BUCKETS; i++) {
1230 list_for_each_entry(e, &audit_inode_hash[i], list) {
1231 struct audit_rule_data *data;
575 1232
576 mutex_unlock(&audit_netlink_mutex); 1233 data = audit_krule_to_data(&e->rule);
577 return 0; 1234 if (unlikely(!data))
1235 break;
1236 skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 0, 1,
1237 data, sizeof(*data) + data->buflen);
1238 if (skb)
1239 skb_queue_tail(q, skb);
1240 kfree(data);
1241 }
1242 }
1243 skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 1, 1, NULL, 0);
1244 if (skb)
1245 skb_queue_tail(q, skb);
578} 1246}
579 1247
580/** 1248/**
@@ -592,7 +1260,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
592 size_t datasz, uid_t loginuid, u32 sid) 1260 size_t datasz, uid_t loginuid, u32 sid)
593{ 1261{
594 struct task_struct *tsk; 1262 struct task_struct *tsk;
595 int *dest; 1263 struct audit_netlink_list *dest;
596 int err = 0; 1264 int err = 0;
597 struct audit_entry *entry; 1265 struct audit_entry *entry;
598 1266
@@ -605,18 +1273,22 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
605 * happen if we're actually running in the context of auditctl 1273 * happen if we're actually running in the context of auditctl
606 * trying to _send_ the stuff */ 1274 * trying to _send_ the stuff */
607 1275
608 dest = kmalloc(2 * sizeof(int), GFP_KERNEL); 1276 dest = kmalloc(sizeof(struct audit_netlink_list), GFP_KERNEL);
609 if (!dest) 1277 if (!dest)
610 return -ENOMEM; 1278 return -ENOMEM;
611 dest[0] = pid; 1279 dest->pid = pid;
612 dest[1] = seq; 1280 skb_queue_head_init(&dest->q);
613 1281
1282 mutex_lock(&audit_filter_mutex);
614 if (type == AUDIT_LIST) 1283 if (type == AUDIT_LIST)
615 tsk = kthread_run(audit_list, dest, "audit_list"); 1284 audit_list(pid, seq, &dest->q);
616 else 1285 else
617 tsk = kthread_run(audit_list_rules, dest, 1286 audit_list_rules(pid, seq, &dest->q);
618 "audit_list_rules"); 1287 mutex_unlock(&audit_filter_mutex);
1288
1289 tsk = kthread_run(audit_send_list, dest, "audit_send_list");
619 if (IS_ERR(tsk)) { 1290 if (IS_ERR(tsk)) {
1291 skb_queue_purge(&dest->q);
620 kfree(dest); 1292 kfree(dest);
621 err = PTR_ERR(tsk); 1293 err = PTR_ERR(tsk);
622 } 1294 }
@@ -632,6 +1304,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
632 1304
633 err = audit_add_rule(entry, 1305 err = audit_add_rule(entry,
634 &audit_filter_list[entry->rule.listnr]); 1306 &audit_filter_list[entry->rule.listnr]);
1307
635 if (sid) { 1308 if (sid) {
636 char *ctx = NULL; 1309 char *ctx = NULL;
637 u32 len; 1310 u32 len;
@@ -712,7 +1385,43 @@ int audit_comparator(const u32 left, const u32 op, const u32 right)
712 return 0; 1385 return 0;
713} 1386}
714 1387
1388/* Compare given dentry name with last component in given path,
1389 * return of 0 indicates a match. */
1390int audit_compare_dname_path(const char *dname, const char *path,
1391 int *dirlen)
1392{
1393 int dlen, plen;
1394 const char *p;
715 1395
1396 if (!dname || !path)
1397 return 1;
1398
1399 dlen = strlen(dname);
1400 plen = strlen(path);
1401 if (plen < dlen)
1402 return 1;
1403
1404 /* disregard trailing slashes */
1405 p = path + plen - 1;
1406 while ((*p == '/') && (p > path))
1407 p--;
1408
1409 /* find last path component */
1410 p = p - dlen + 1;
1411 if (p < path)
1412 return 1;
1413 else if (p > path) {
1414 if (*--p != '/')
1415 return 1;
1416 else
1417 p++;
1418 }
1419
1420 /* return length of path's directory component */
1421 if (dirlen)
1422 *dirlen = p - path;
1423 return strncmp(p, dname, dlen);
1424}
716 1425
717static int audit_filter_user_rules(struct netlink_skb_parms *cb, 1426static int audit_filter_user_rules(struct netlink_skb_parms *cb,
718 struct audit_krule *rule, 1427 struct audit_krule *rule,
@@ -744,7 +1453,6 @@ static int audit_filter_user_rules(struct netlink_skb_parms *cb,
744 } 1453 }
745 switch (rule->action) { 1454 switch (rule->action) {
746 case AUDIT_NEVER: *state = AUDIT_DISABLED; break; 1455 case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
747 case AUDIT_POSSIBLE: *state = AUDIT_BUILD_CONTEXT; break;
748 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break; 1456 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break;
749 } 1457 }
750 return 1; 1458 return 1;
@@ -826,32 +1534,65 @@ static inline int audit_rule_has_selinux(struct audit_krule *rule)
826int selinux_audit_rule_update(void) 1534int selinux_audit_rule_update(void)
827{ 1535{
828 struct audit_entry *entry, *n, *nentry; 1536 struct audit_entry *entry, *n, *nentry;
1537 struct audit_watch *watch;
829 int i, err = 0; 1538 int i, err = 0;
830 1539
831 /* audit_netlink_mutex synchronizes the writers */ 1540 /* audit_filter_mutex synchronizes the writers */
832 mutex_lock(&audit_netlink_mutex); 1541 mutex_lock(&audit_filter_mutex);
833 1542
834 for (i = 0; i < AUDIT_NR_FILTERS; i++) { 1543 for (i = 0; i < AUDIT_NR_FILTERS; i++) {
835 list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) { 1544 list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) {
836 if (!audit_rule_has_selinux(&entry->rule)) 1545 if (!audit_rule_has_selinux(&entry->rule))
837 continue; 1546 continue;
838 1547
839 nentry = audit_dupe_rule(&entry->rule); 1548 watch = entry->rule.watch;
1549 nentry = audit_dupe_rule(&entry->rule, watch);
840 if (unlikely(IS_ERR(nentry))) { 1550 if (unlikely(IS_ERR(nentry))) {
841 /* save the first error encountered for the 1551 /* save the first error encountered for the
842 * return value */ 1552 * return value */
843 if (!err) 1553 if (!err)
844 err = PTR_ERR(nentry); 1554 err = PTR_ERR(nentry);
845 audit_panic("error updating selinux filters"); 1555 audit_panic("error updating selinux filters");
1556 if (watch)
1557 list_del(&entry->rule.rlist);
846 list_del_rcu(&entry->list); 1558 list_del_rcu(&entry->list);
847 } else { 1559 } else {
1560 if (watch) {
1561 list_add(&nentry->rule.rlist,
1562 &watch->rules);
1563 list_del(&entry->rule.rlist);
1564 }
848 list_replace_rcu(&entry->list, &nentry->list); 1565 list_replace_rcu(&entry->list, &nentry->list);
849 } 1566 }
850 call_rcu(&entry->rcu, audit_free_rule_rcu); 1567 call_rcu(&entry->rcu, audit_free_rule_rcu);
851 } 1568 }
852 } 1569 }
853 1570
854 mutex_unlock(&audit_netlink_mutex); 1571 mutex_unlock(&audit_filter_mutex);
855 1572
856 return err; 1573 return err;
857} 1574}
1575
1576/* Update watch data in audit rules based on inotify events. */
1577void audit_handle_ievent(struct inotify_watch *i_watch, u32 wd, u32 mask,
1578 u32 cookie, const char *dname, struct inode *inode)
1579{
1580 struct audit_parent *parent;
1581
1582 parent = container_of(i_watch, struct audit_parent, wdata);
1583
1584 if (mask & (IN_CREATE|IN_MOVED_TO) && inode)
1585 audit_update_watch(parent, dname, inode->i_sb->s_dev,
1586 inode->i_ino, 0);
1587 else if (mask & (IN_DELETE|IN_MOVED_FROM))
1588 audit_update_watch(parent, dname, (dev_t)-1, (unsigned long)-1, 1);
1589 /* inotify automatically removes the watch and sends IN_IGNORED */
1590 else if (mask & (IN_DELETE_SELF|IN_UNMOUNT))
1591 audit_remove_parent_watches(parent);
1592 /* inotify does not remove the watch, so remove it manually */
1593 else if(mask & IN_MOVE_SELF) {
1594 audit_remove_parent_watches(parent);
1595 inotify_remove_watch_locked(audit_ih, i_watch);
1596 } else if (mask & IN_IGNORED)
1597 put_inotify_watch(i_watch);
1598}
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 1c03a4ed1b27..b097ccb4eb7e 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -3,7 +3,7 @@
3 * 3 *
4 * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina. 4 * Copyright 2003-2004 Red Hat Inc., Durham, North Carolina.
5 * Copyright 2005 Hewlett-Packard Development Company, L.P. 5 * Copyright 2005 Hewlett-Packard Development Company, L.P.
6 * Copyright (C) 2005 IBM Corporation 6 * Copyright (C) 2005, 2006 IBM Corporation
7 * All Rights Reserved. 7 * All Rights Reserved.
8 * 8 *
9 * This program is free software; you can redistribute it and/or modify 9 * This program is free software; you can redistribute it and/or modify
@@ -29,6 +29,9 @@
29 * this file -- see entry.S) is based on a GPL'd patch written by 29 * this file -- see entry.S) is based on a GPL'd patch written by
30 * okir@suse.de and Copyright 2003 SuSE Linux AG. 30 * okir@suse.de and Copyright 2003 SuSE Linux AG.
31 * 31 *
32 * POSIX message queue support added by George Wilson <ltcgcw@us.ibm.com>,
33 * 2006.
34 *
32 * The support of additional filter rules compares (>, <, >=, <=) was 35 * The support of additional filter rules compares (>, <, >=, <=) was
33 * added by Dustin Kirkland <dustin.kirkland@us.ibm.com>, 2005. 36 * added by Dustin Kirkland <dustin.kirkland@us.ibm.com>, 2005.
34 * 37 *
@@ -49,6 +52,7 @@
49#include <linux/module.h> 52#include <linux/module.h>
50#include <linux/mount.h> 53#include <linux/mount.h>
51#include <linux/socket.h> 54#include <linux/socket.h>
55#include <linux/mqueue.h>
52#include <linux/audit.h> 56#include <linux/audit.h>
53#include <linux/personality.h> 57#include <linux/personality.h>
54#include <linux/time.h> 58#include <linux/time.h>
@@ -59,6 +63,8 @@
59#include <linux/list.h> 63#include <linux/list.h>
60#include <linux/tty.h> 64#include <linux/tty.h>
61#include <linux/selinux.h> 65#include <linux/selinux.h>
66#include <linux/binfmts.h>
67#include <linux/syscalls.h>
62 68
63#include "audit.h" 69#include "audit.h"
64 70
@@ -76,6 +82,9 @@ extern int audit_enabled;
76 * path_lookup. */ 82 * path_lookup. */
77#define AUDIT_NAMES_RESERVED 7 83#define AUDIT_NAMES_RESERVED 7
78 84
85/* Indicates that audit should log the full pathname. */
86#define AUDIT_NAME_FULL -1
87
79/* When fs/namei.c:getname() is called, we store the pointer in name and 88/* When fs/namei.c:getname() is called, we store the pointer in name and
80 * we don't let putname() free it (instead we free all of the saved 89 * we don't let putname() free it (instead we free all of the saved
81 * pointers at syscall exit time). 90 * pointers at syscall exit time).
@@ -83,8 +92,9 @@ extern int audit_enabled;
83 * Further, in fs/namei.c:path_lookup() we store the inode and device. */ 92 * Further, in fs/namei.c:path_lookup() we store the inode and device. */
84struct audit_names { 93struct audit_names {
85 const char *name; 94 const char *name;
95 int name_len; /* number of name's characters to log */
96 unsigned name_put; /* call __putname() for this name */
86 unsigned long ino; 97 unsigned long ino;
87 unsigned long pino;
88 dev_t dev; 98 dev_t dev;
89 umode_t mode; 99 umode_t mode;
90 uid_t uid; 100 uid_t uid;
@@ -100,6 +110,33 @@ struct audit_aux_data {
100 110
101#define AUDIT_AUX_IPCPERM 0 111#define AUDIT_AUX_IPCPERM 0
102 112
113struct audit_aux_data_mq_open {
114 struct audit_aux_data d;
115 int oflag;
116 mode_t mode;
117 struct mq_attr attr;
118};
119
120struct audit_aux_data_mq_sendrecv {
121 struct audit_aux_data d;
122 mqd_t mqdes;
123 size_t msg_len;
124 unsigned int msg_prio;
125 struct timespec abs_timeout;
126};
127
128struct audit_aux_data_mq_notify {
129 struct audit_aux_data d;
130 mqd_t mqdes;
131 struct sigevent notification;
132};
133
134struct audit_aux_data_mq_getsetattr {
135 struct audit_aux_data d;
136 mqd_t mqdes;
137 struct mq_attr mqstat;
138};
139
103struct audit_aux_data_ipcctl { 140struct audit_aux_data_ipcctl {
104 struct audit_aux_data d; 141 struct audit_aux_data d;
105 struct ipc_perm p; 142 struct ipc_perm p;
@@ -110,6 +147,13 @@ struct audit_aux_data_ipcctl {
110 u32 osid; 147 u32 osid;
111}; 148};
112 149
150struct audit_aux_data_execve {
151 struct audit_aux_data d;
152 int argc;
153 int envc;
154 char mem[0];
155};
156
113struct audit_aux_data_socketcall { 157struct audit_aux_data_socketcall {
114 struct audit_aux_data d; 158 struct audit_aux_data d;
115 int nargs; 159 int nargs;
@@ -148,7 +192,7 @@ struct audit_context {
148 struct audit_aux_data *aux; 192 struct audit_aux_data *aux;
149 193
150 /* Save things to print about task_struct */ 194 /* Save things to print about task_struct */
151 pid_t pid; 195 pid_t pid, ppid;
152 uid_t uid, euid, suid, fsuid; 196 uid_t uid, euid, suid, fsuid;
153 gid_t gid, egid, sgid, fsgid; 197 gid_t gid, egid, sgid, fsgid;
154 unsigned long personality; 198 unsigned long personality;
@@ -160,12 +204,13 @@ struct audit_context {
160#endif 204#endif
161}; 205};
162 206
163 207/* Determine if any context name data matches a rule's watch data */
164/* Compare a task_struct with an audit_rule. Return 1 on match, 0 208/* Compare a task_struct with an audit_rule. Return 1 on match, 0
165 * otherwise. */ 209 * otherwise. */
166static int audit_filter_rules(struct task_struct *tsk, 210static int audit_filter_rules(struct task_struct *tsk,
167 struct audit_krule *rule, 211 struct audit_krule *rule,
168 struct audit_context *ctx, 212 struct audit_context *ctx,
213 struct audit_names *name,
169 enum audit_state *state) 214 enum audit_state *state)
170{ 215{
171 int i, j, need_sid = 1; 216 int i, j, need_sid = 1;
@@ -179,6 +224,10 @@ static int audit_filter_rules(struct task_struct *tsk,
179 case AUDIT_PID: 224 case AUDIT_PID:
180 result = audit_comparator(tsk->pid, f->op, f->val); 225 result = audit_comparator(tsk->pid, f->op, f->val);
181 break; 226 break;
227 case AUDIT_PPID:
228 if (ctx)
229 result = audit_comparator(ctx->ppid, f->op, f->val);
230 break;
182 case AUDIT_UID: 231 case AUDIT_UID:
183 result = audit_comparator(tsk->uid, f->op, f->val); 232 result = audit_comparator(tsk->uid, f->op, f->val);
184 break; 233 break;
@@ -224,7 +273,10 @@ static int audit_filter_rules(struct task_struct *tsk,
224 } 273 }
225 break; 274 break;
226 case AUDIT_DEVMAJOR: 275 case AUDIT_DEVMAJOR:
227 if (ctx) { 276 if (name)
277 result = audit_comparator(MAJOR(name->dev),
278 f->op, f->val);
279 else if (ctx) {
228 for (j = 0; j < ctx->name_count; j++) { 280 for (j = 0; j < ctx->name_count; j++) {
229 if (audit_comparator(MAJOR(ctx->names[j].dev), f->op, f->val)) { 281 if (audit_comparator(MAJOR(ctx->names[j].dev), f->op, f->val)) {
230 ++result; 282 ++result;
@@ -234,7 +286,10 @@ static int audit_filter_rules(struct task_struct *tsk,
234 } 286 }
235 break; 287 break;
236 case AUDIT_DEVMINOR: 288 case AUDIT_DEVMINOR:
237 if (ctx) { 289 if (name)
290 result = audit_comparator(MINOR(name->dev),
291 f->op, f->val);
292 else if (ctx) {
238 for (j = 0; j < ctx->name_count; j++) { 293 for (j = 0; j < ctx->name_count; j++) {
239 if (audit_comparator(MINOR(ctx->names[j].dev), f->op, f->val)) { 294 if (audit_comparator(MINOR(ctx->names[j].dev), f->op, f->val)) {
240 ++result; 295 ++result;
@@ -244,16 +299,22 @@ static int audit_filter_rules(struct task_struct *tsk,
244 } 299 }
245 break; 300 break;
246 case AUDIT_INODE: 301 case AUDIT_INODE:
247 if (ctx) { 302 if (name)
303 result = (name->ino == f->val);
304 else if (ctx) {
248 for (j = 0; j < ctx->name_count; j++) { 305 for (j = 0; j < ctx->name_count; j++) {
249 if (audit_comparator(ctx->names[j].ino, f->op, f->val) || 306 if (audit_comparator(ctx->names[j].ino, f->op, f->val)) {
250 audit_comparator(ctx->names[j].pino, f->op, f->val)) {
251 ++result; 307 ++result;
252 break; 308 break;
253 } 309 }
254 } 310 }
255 } 311 }
256 break; 312 break;
313 case AUDIT_WATCH:
314 if (name && rule->watch->ino != (unsigned long)-1)
315 result = (name->dev == rule->watch->dev &&
316 name->ino == rule->watch->ino);
317 break;
257 case AUDIT_LOGINUID: 318 case AUDIT_LOGINUID:
258 result = 0; 319 result = 0;
259 if (ctx) 320 if (ctx)
@@ -294,7 +355,6 @@ static int audit_filter_rules(struct task_struct *tsk,
294 } 355 }
295 switch (rule->action) { 356 switch (rule->action) {
296 case AUDIT_NEVER: *state = AUDIT_DISABLED; break; 357 case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
297 case AUDIT_POSSIBLE: *state = AUDIT_BUILD_CONTEXT; break;
298 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break; 358 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break;
299 } 359 }
300 return 1; 360 return 1;
@@ -311,7 +371,7 @@ static enum audit_state audit_filter_task(struct task_struct *tsk)
311 371
312 rcu_read_lock(); 372 rcu_read_lock();
313 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) { 373 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) {
314 if (audit_filter_rules(tsk, &e->rule, NULL, &state)) { 374 if (audit_filter_rules(tsk, &e->rule, NULL, NULL, &state)) {
315 rcu_read_unlock(); 375 rcu_read_unlock();
316 return state; 376 return state;
317 } 377 }
@@ -341,8 +401,47 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
341 int bit = AUDIT_BIT(ctx->major); 401 int bit = AUDIT_BIT(ctx->major);
342 402
343 list_for_each_entry_rcu(e, list, list) { 403 list_for_each_entry_rcu(e, list, list) {
344 if ((e->rule.mask[word] & bit) == bit 404 if ((e->rule.mask[word] & bit) == bit &&
345 && audit_filter_rules(tsk, &e->rule, ctx, &state)) { 405 audit_filter_rules(tsk, &e->rule, ctx, NULL,
406 &state)) {
407 rcu_read_unlock();
408 return state;
409 }
410 }
411 }
412 rcu_read_unlock();
413 return AUDIT_BUILD_CONTEXT;
414}
415
416/* At syscall exit time, this filter is called if any audit_names[] have been
417 * collected during syscall processing. We only check rules in sublists at hash
418 * buckets applicable to the inode numbers in audit_names[].
419 * Regarding audit_state, same rules apply as for audit_filter_syscall().
420 */
421enum audit_state audit_filter_inodes(struct task_struct *tsk,
422 struct audit_context *ctx)
423{
424 int i;
425 struct audit_entry *e;
426 enum audit_state state;
427
428 if (audit_pid && tsk->tgid == audit_pid)
429 return AUDIT_DISABLED;
430
431 rcu_read_lock();
432 for (i = 0; i < ctx->name_count; i++) {
433 int word = AUDIT_WORD(ctx->major);
434 int bit = AUDIT_BIT(ctx->major);
435 struct audit_names *n = &ctx->names[i];
436 int h = audit_hash_ino((u32)n->ino);
437 struct list_head *list = &audit_inode_hash[h];
438
439 if (list_empty(list))
440 continue;
441
442 list_for_each_entry_rcu(e, list, list) {
443 if ((e->rule.mask[word] & bit) == bit &&
444 audit_filter_rules(tsk, &e->rule, ctx, n, &state)) {
346 rcu_read_unlock(); 445 rcu_read_unlock();
347 return state; 446 return state;
348 } 447 }
@@ -352,6 +451,11 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
352 return AUDIT_BUILD_CONTEXT; 451 return AUDIT_BUILD_CONTEXT;
353} 452}
354 453
454void audit_set_auditable(struct audit_context *ctx)
455{
456 ctx->auditable = 1;
457}
458
355static inline struct audit_context *audit_get_context(struct task_struct *tsk, 459static inline struct audit_context *audit_get_context(struct task_struct *tsk,
356 int return_valid, 460 int return_valid,
357 int return_code) 461 int return_code)
@@ -365,12 +469,22 @@ static inline struct audit_context *audit_get_context(struct task_struct *tsk,
365 469
366 if (context->in_syscall && !context->auditable) { 470 if (context->in_syscall && !context->auditable) {
367 enum audit_state state; 471 enum audit_state state;
472
368 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]); 473 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]);
474 if (state == AUDIT_RECORD_CONTEXT) {
475 context->auditable = 1;
476 goto get_context;
477 }
478
479 state = audit_filter_inodes(tsk, context);
369 if (state == AUDIT_RECORD_CONTEXT) 480 if (state == AUDIT_RECORD_CONTEXT)
370 context->auditable = 1; 481 context->auditable = 1;
482
371 } 483 }
372 484
485get_context:
373 context->pid = tsk->pid; 486 context->pid = tsk->pid;
487 context->ppid = sys_getppid(); /* sic. tsk == current in all cases */
374 context->uid = tsk->uid; 488 context->uid = tsk->uid;
375 context->gid = tsk->gid; 489 context->gid = tsk->gid;
376 context->euid = tsk->euid; 490 context->euid = tsk->euid;
@@ -413,7 +527,7 @@ static inline void audit_free_names(struct audit_context *context)
413#endif 527#endif
414 528
415 for (i = 0; i < context->name_count; i++) { 529 for (i = 0; i < context->name_count; i++) {
416 if (context->names[i].name) 530 if (context->names[i].name && context->names[i].name_put)
417 __putname(context->names[i].name); 531 __putname(context->names[i].name);
418 } 532 }
419 context->name_count = 0; 533 context->name_count = 0;
@@ -606,7 +720,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
606 tty = "(none)"; 720 tty = "(none)";
607 audit_log_format(ab, 721 audit_log_format(ab,
608 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d" 722 " a0=%lx a1=%lx a2=%lx a3=%lx items=%d"
609 " pid=%d auid=%u uid=%u gid=%u" 723 " ppid=%d pid=%d auid=%u uid=%u gid=%u"
610 " euid=%u suid=%u fsuid=%u" 724 " euid=%u suid=%u fsuid=%u"
611 " egid=%u sgid=%u fsgid=%u tty=%s", 725 " egid=%u sgid=%u fsgid=%u tty=%s",
612 context->argv[0], 726 context->argv[0],
@@ -614,6 +728,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
614 context->argv[2], 728 context->argv[2],
615 context->argv[3], 729 context->argv[3],
616 context->name_count, 730 context->name_count,
731 context->ppid,
617 context->pid, 732 context->pid,
618 context->loginuid, 733 context->loginuid,
619 context->uid, 734 context->uid,
@@ -630,11 +745,48 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
630 continue; /* audit_panic has been called */ 745 continue; /* audit_panic has been called */
631 746
632 switch (aux->type) { 747 switch (aux->type) {
748 case AUDIT_MQ_OPEN: {
749 struct audit_aux_data_mq_open *axi = (void *)aux;
750 audit_log_format(ab,
751 "oflag=0x%x mode=%#o mq_flags=0x%lx mq_maxmsg=%ld "
752 "mq_msgsize=%ld mq_curmsgs=%ld",
753 axi->oflag, axi->mode, axi->attr.mq_flags,
754 axi->attr.mq_maxmsg, axi->attr.mq_msgsize,
755 axi->attr.mq_curmsgs);
756 break; }
757
758 case AUDIT_MQ_SENDRECV: {
759 struct audit_aux_data_mq_sendrecv *axi = (void *)aux;
760 audit_log_format(ab,
761 "mqdes=%d msg_len=%zd msg_prio=%u "
762 "abs_timeout_sec=%ld abs_timeout_nsec=%ld",
763 axi->mqdes, axi->msg_len, axi->msg_prio,
764 axi->abs_timeout.tv_sec, axi->abs_timeout.tv_nsec);
765 break; }
766
767 case AUDIT_MQ_NOTIFY: {
768 struct audit_aux_data_mq_notify *axi = (void *)aux;
769 audit_log_format(ab,
770 "mqdes=%d sigev_signo=%d",
771 axi->mqdes,
772 axi->notification.sigev_signo);
773 break; }
774
775 case AUDIT_MQ_GETSETATTR: {
776 struct audit_aux_data_mq_getsetattr *axi = (void *)aux;
777 audit_log_format(ab,
778 "mqdes=%d mq_flags=0x%lx mq_maxmsg=%ld mq_msgsize=%ld "
779 "mq_curmsgs=%ld ",
780 axi->mqdes,
781 axi->mqstat.mq_flags, axi->mqstat.mq_maxmsg,
782 axi->mqstat.mq_msgsize, axi->mqstat.mq_curmsgs);
783 break; }
784
633 case AUDIT_IPC: { 785 case AUDIT_IPC: {
634 struct audit_aux_data_ipcctl *axi = (void *)aux; 786 struct audit_aux_data_ipcctl *axi = (void *)aux;
635 audit_log_format(ab, 787 audit_log_format(ab,
636 " qbytes=%lx iuid=%u igid=%u mode=%x", 788 "ouid=%u ogid=%u mode=%x",
637 axi->qbytes, axi->uid, axi->gid, axi->mode); 789 axi->uid, axi->gid, axi->mode);
638 if (axi->osid != 0) { 790 if (axi->osid != 0) {
639 char *ctx = NULL; 791 char *ctx = NULL;
640 u32 len; 792 u32 len;
@@ -652,19 +804,18 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
652 case AUDIT_IPC_SET_PERM: { 804 case AUDIT_IPC_SET_PERM: {
653 struct audit_aux_data_ipcctl *axi = (void *)aux; 805 struct audit_aux_data_ipcctl *axi = (void *)aux;
654 audit_log_format(ab, 806 audit_log_format(ab,
655 " new qbytes=%lx new iuid=%u new igid=%u new mode=%x", 807 "qbytes=%lx ouid=%u ogid=%u mode=%x",
656 axi->qbytes, axi->uid, axi->gid, axi->mode); 808 axi->qbytes, axi->uid, axi->gid, axi->mode);
657 if (axi->osid != 0) { 809 break; }
658 char *ctx = NULL; 810
659 u32 len; 811 case AUDIT_EXECVE: {
660 if (selinux_ctxid_to_string( 812 struct audit_aux_data_execve *axi = (void *)aux;
661 axi->osid, &ctx, &len)) { 813 int i;
662 audit_log_format(ab, " osid=%u", 814 const char *p;
663 axi->osid); 815 for (i = 0, p = axi->mem; i < axi->argc; i++) {
664 call_panic = 1; 816 audit_log_format(ab, "a%d=", i);
665 } else 817 p = audit_log_untrustedstring(ab, p);
666 audit_log_format(ab, " obj=%s", ctx); 818 audit_log_format(ab, "\n");
667 kfree(ctx);
668 } 819 }
669 break; } 820 break; }
670 821
@@ -700,8 +851,7 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
700 } 851 }
701 } 852 }
702 for (i = 0; i < context->name_count; i++) { 853 for (i = 0; i < context->name_count; i++) {
703 unsigned long ino = context->names[i].ino; 854 struct audit_names *n = &context->names[i];
704 unsigned long pino = context->names[i].pino;
705 855
706 ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH); 856 ab = audit_log_start(context, GFP_KERNEL, AUDIT_PATH);
707 if (!ab) 857 if (!ab)
@@ -709,33 +859,47 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
709 859
710 audit_log_format(ab, "item=%d", i); 860 audit_log_format(ab, "item=%d", i);
711 861
712 audit_log_format(ab, " name="); 862 if (n->name) {
713 if (context->names[i].name) 863 switch(n->name_len) {
714 audit_log_untrustedstring(ab, context->names[i].name); 864 case AUDIT_NAME_FULL:
715 else 865 /* log the full path */
716 audit_log_format(ab, "(null)"); 866 audit_log_format(ab, " name=");
717 867 audit_log_untrustedstring(ab, n->name);
718 if (pino != (unsigned long)-1) 868 break;
719 audit_log_format(ab, " parent=%lu", pino); 869 case 0:
720 if (ino != (unsigned long)-1) 870 /* name was specified as a relative path and the
721 audit_log_format(ab, " inode=%lu", ino); 871 * directory component is the cwd */
722 if ((pino != (unsigned long)-1) || (ino != (unsigned long)-1)) 872 audit_log_d_path(ab, " name=", context->pwd,
723 audit_log_format(ab, " dev=%02x:%02x mode=%#o" 873 context->pwdmnt);
724 " ouid=%u ogid=%u rdev=%02x:%02x", 874 break;
725 MAJOR(context->names[i].dev), 875 default:
726 MINOR(context->names[i].dev), 876 /* log the name's directory component */
727 context->names[i].mode, 877 audit_log_format(ab, " name=");
728 context->names[i].uid, 878 audit_log_n_untrustedstring(ab, n->name_len,
729 context->names[i].gid, 879 n->name);
730 MAJOR(context->names[i].rdev), 880 }
731 MINOR(context->names[i].rdev)); 881 } else
732 if (context->names[i].osid != 0) { 882 audit_log_format(ab, " name=(null)");
883
884 if (n->ino != (unsigned long)-1) {
885 audit_log_format(ab, " inode=%lu"
886 " dev=%02x:%02x mode=%#o"
887 " ouid=%u ogid=%u rdev=%02x:%02x",
888 n->ino,
889 MAJOR(n->dev),
890 MINOR(n->dev),
891 n->mode,
892 n->uid,
893 n->gid,
894 MAJOR(n->rdev),
895 MINOR(n->rdev));
896 }
897 if (n->osid != 0) {
733 char *ctx = NULL; 898 char *ctx = NULL;
734 u32 len; 899 u32 len;
735 if (selinux_ctxid_to_string( 900 if (selinux_ctxid_to_string(
736 context->names[i].osid, &ctx, &len)) { 901 n->osid, &ctx, &len)) {
737 audit_log_format(ab, " osid=%u", 902 audit_log_format(ab, " osid=%u", n->osid);
738 context->names[i].osid);
739 call_panic = 2; 903 call_panic = 2;
740 } else 904 } else
741 audit_log_format(ab, " obj=%s", ctx); 905 audit_log_format(ab, " obj=%s", ctx);
@@ -908,11 +1072,11 @@ void audit_syscall_exit(int valid, long return_code)
908 * Add a name to the list of audit names for this context. 1072 * Add a name to the list of audit names for this context.
909 * Called from fs/namei.c:getname(). 1073 * Called from fs/namei.c:getname().
910 */ 1074 */
911void audit_getname(const char *name) 1075void __audit_getname(const char *name)
912{ 1076{
913 struct audit_context *context = current->audit_context; 1077 struct audit_context *context = current->audit_context;
914 1078
915 if (!context || IS_ERR(name) || !name) 1079 if (IS_ERR(name) || !name)
916 return; 1080 return;
917 1081
918 if (!context->in_syscall) { 1082 if (!context->in_syscall) {
@@ -925,6 +1089,8 @@ void audit_getname(const char *name)
925 } 1089 }
926 BUG_ON(context->name_count >= AUDIT_NAMES); 1090 BUG_ON(context->name_count >= AUDIT_NAMES);
927 context->names[context->name_count].name = name; 1091 context->names[context->name_count].name = name;
1092 context->names[context->name_count].name_len = AUDIT_NAME_FULL;
1093 context->names[context->name_count].name_put = 1;
928 context->names[context->name_count].ino = (unsigned long)-1; 1094 context->names[context->name_count].ino = (unsigned long)-1;
929 ++context->name_count; 1095 ++context->name_count;
930 if (!context->pwd) { 1096 if (!context->pwd) {
@@ -991,11 +1157,10 @@ static void audit_inode_context(int idx, const struct inode *inode)
991 * audit_inode - store the inode and device from a lookup 1157 * audit_inode - store the inode and device from a lookup
992 * @name: name being audited 1158 * @name: name being audited
993 * @inode: inode being audited 1159 * @inode: inode being audited
994 * @flags: lookup flags (as used in path_lookup())
995 * 1160 *
996 * Called from fs/namei.c:path_lookup(). 1161 * Called from fs/namei.c:path_lookup().
997 */ 1162 */
998void __audit_inode(const char *name, const struct inode *inode, unsigned flags) 1163void __audit_inode(const char *name, const struct inode *inode)
999{ 1164{
1000 int idx; 1165 int idx;
1001 struct audit_context *context = current->audit_context; 1166 struct audit_context *context = current->audit_context;
@@ -1021,20 +1186,13 @@ void __audit_inode(const char *name, const struct inode *inode, unsigned flags)
1021 ++context->ino_count; 1186 ++context->ino_count;
1022#endif 1187#endif
1023 } 1188 }
1189 context->names[idx].ino = inode->i_ino;
1024 context->names[idx].dev = inode->i_sb->s_dev; 1190 context->names[idx].dev = inode->i_sb->s_dev;
1025 context->names[idx].mode = inode->i_mode; 1191 context->names[idx].mode = inode->i_mode;
1026 context->names[idx].uid = inode->i_uid; 1192 context->names[idx].uid = inode->i_uid;
1027 context->names[idx].gid = inode->i_gid; 1193 context->names[idx].gid = inode->i_gid;
1028 context->names[idx].rdev = inode->i_rdev; 1194 context->names[idx].rdev = inode->i_rdev;
1029 audit_inode_context(idx, inode); 1195 audit_inode_context(idx, inode);
1030 if ((flags & LOOKUP_PARENT) && (strcmp(name, "/") != 0) &&
1031 (strcmp(name, ".") != 0)) {
1032 context->names[idx].ino = (unsigned long)-1;
1033 context->names[idx].pino = inode->i_ino;
1034 } else {
1035 context->names[idx].ino = inode->i_ino;
1036 context->names[idx].pino = (unsigned long)-1;
1037 }
1038} 1196}
1039 1197
1040/** 1198/**
@@ -1056,51 +1214,40 @@ void __audit_inode_child(const char *dname, const struct inode *inode,
1056{ 1214{
1057 int idx; 1215 int idx;
1058 struct audit_context *context = current->audit_context; 1216 struct audit_context *context = current->audit_context;
1217 const char *found_name = NULL;
1218 int dirlen = 0;
1059 1219
1060 if (!context->in_syscall) 1220 if (!context->in_syscall)
1061 return; 1221 return;
1062 1222
1063 /* determine matching parent */ 1223 /* determine matching parent */
1064 if (dname) 1224 if (!dname)
1065 for (idx = 0; idx < context->name_count; idx++) 1225 goto update_context;
1066 if (context->names[idx].pino == pino) { 1226 for (idx = 0; idx < context->name_count; idx++)
1067 const char *n; 1227 if (context->names[idx].ino == pino) {
1068 const char *name = context->names[idx].name; 1228 const char *name = context->names[idx].name;
1069 int dlen = strlen(dname); 1229
1070 int nlen = name ? strlen(name) : 0; 1230 if (!name)
1071 1231 continue;
1072 if (nlen < dlen) 1232
1073 continue; 1233 if (audit_compare_dname_path(dname, name, &dirlen) == 0) {
1074 1234 context->names[idx].name_len = dirlen;
1075 /* disregard trailing slashes */ 1235 found_name = name;
1076 n = name + nlen - 1; 1236 break;
1077 while ((*n == '/') && (n > name))
1078 n--;
1079
1080 /* find last path component */
1081 n = n - dlen + 1;
1082 if (n < name)
1083 continue;
1084 else if (n > name) {
1085 if (*--n != '/')
1086 continue;
1087 else
1088 n++;
1089 }
1090
1091 if (strncmp(n, dname, dlen) == 0)
1092 goto update_context;
1093 } 1237 }
1238 }
1094 1239
1095 /* catch-all in case match not found */ 1240update_context:
1096 idx = context->name_count++; 1241 idx = context->name_count++;
1097 context->names[idx].name = NULL;
1098 context->names[idx].pino = pino;
1099#if AUDIT_DEBUG 1242#if AUDIT_DEBUG
1100 context->ino_count++; 1243 context->ino_count++;
1101#endif 1244#endif
1245 /* Re-use the name belonging to the slot for a matching parent directory.
1246 * All names for this context are relinquished in audit_free_names() */
1247 context->names[idx].name = found_name;
1248 context->names[idx].name_len = AUDIT_NAME_FULL;
1249 context->names[idx].name_put = 0; /* don't call __putname() */
1102 1250
1103update_context:
1104 if (inode) { 1251 if (inode) {
1105 context->names[idx].ino = inode->i_ino; 1252 context->names[idx].ino = inode->i_ino;
1106 context->names[idx].dev = inode->i_sb->s_dev; 1253 context->names[idx].dev = inode->i_sb->s_dev;
@@ -1109,7 +1256,8 @@ update_context:
1109 context->names[idx].gid = inode->i_gid; 1256 context->names[idx].gid = inode->i_gid;
1110 context->names[idx].rdev = inode->i_rdev; 1257 context->names[idx].rdev = inode->i_rdev;
1111 audit_inode_context(idx, inode); 1258 audit_inode_context(idx, inode);
1112 } 1259 } else
1260 context->names[idx].ino = (unsigned long)-1;
1113} 1261}
1114 1262
1115/** 1263/**
@@ -1142,18 +1290,23 @@ void auditsc_get_stamp(struct audit_context *ctx,
1142 */ 1290 */
1143int audit_set_loginuid(struct task_struct *task, uid_t loginuid) 1291int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
1144{ 1292{
1145 if (task->audit_context) { 1293 struct audit_context *context = task->audit_context;
1146 struct audit_buffer *ab; 1294
1147 1295 if (context) {
1148 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN); 1296 /* Only log if audit is enabled */
1149 if (ab) { 1297 if (context->in_syscall) {
1150 audit_log_format(ab, "login pid=%d uid=%u " 1298 struct audit_buffer *ab;
1151 "old auid=%u new auid=%u", 1299
1152 task->pid, task->uid, 1300 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_LOGIN);
1153 task->audit_context->loginuid, loginuid); 1301 if (ab) {
1154 audit_log_end(ab); 1302 audit_log_format(ab, "login pid=%d uid=%u "
1303 "old auid=%u new auid=%u",
1304 task->pid, task->uid,
1305 context->loginuid, loginuid);
1306 audit_log_end(ab);
1307 }
1155 } 1308 }
1156 task->audit_context->loginuid = loginuid; 1309 context->loginuid = loginuid;
1157 } 1310 }
1158 return 0; 1311 return 0;
1159} 1312}
@@ -1170,16 +1323,193 @@ uid_t audit_get_loginuid(struct audit_context *ctx)
1170} 1323}
1171 1324
1172/** 1325/**
1173 * audit_ipc_obj - record audit data for ipc object 1326 * __audit_mq_open - record audit data for a POSIX MQ open
1174 * @ipcp: ipc permissions 1327 * @oflag: open flag
1328 * @mode: mode bits
1329 * @u_attr: queue attributes
1175 * 1330 *
1176 * Returns 0 for success or NULL context or < 0 on error. 1331 * Returns 0 for success or NULL context or < 0 on error.
1177 */ 1332 */
1178int audit_ipc_obj(struct kern_ipc_perm *ipcp) 1333int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
1179{ 1334{
1180 struct audit_aux_data_ipcctl *ax; 1335 struct audit_aux_data_mq_open *ax;
1336 struct audit_context *context = current->audit_context;
1337
1338 if (!audit_enabled)
1339 return 0;
1340
1341 if (likely(!context))
1342 return 0;
1343
1344 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
1345 if (!ax)
1346 return -ENOMEM;
1347
1348 if (u_attr != NULL) {
1349 if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr))) {
1350 kfree(ax);
1351 return -EFAULT;
1352 }
1353 } else
1354 memset(&ax->attr, 0, sizeof(ax->attr));
1355
1356 ax->oflag = oflag;
1357 ax->mode = mode;
1358
1359 ax->d.type = AUDIT_MQ_OPEN;
1360 ax->d.next = context->aux;
1361 context->aux = (void *)ax;
1362 return 0;
1363}
1364
1365/**
1366 * __audit_mq_timedsend - record audit data for a POSIX MQ timed send
1367 * @mqdes: MQ descriptor
1368 * @msg_len: Message length
1369 * @msg_prio: Message priority
1370 * @abs_timeout: Message timeout in absolute time
1371 *
1372 * Returns 0 for success or NULL context or < 0 on error.
1373 */
1374int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
1375 const struct timespec __user *u_abs_timeout)
1376{
1377 struct audit_aux_data_mq_sendrecv *ax;
1378 struct audit_context *context = current->audit_context;
1379
1380 if (!audit_enabled)
1381 return 0;
1382
1383 if (likely(!context))
1384 return 0;
1385
1386 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
1387 if (!ax)
1388 return -ENOMEM;
1389
1390 if (u_abs_timeout != NULL) {
1391 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) {
1392 kfree(ax);
1393 return -EFAULT;
1394 }
1395 } else
1396 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
1397
1398 ax->mqdes = mqdes;
1399 ax->msg_len = msg_len;
1400 ax->msg_prio = msg_prio;
1401
1402 ax->d.type = AUDIT_MQ_SENDRECV;
1403 ax->d.next = context->aux;
1404 context->aux = (void *)ax;
1405 return 0;
1406}
1407
1408/**
1409 * __audit_mq_timedreceive - record audit data for a POSIX MQ timed receive
1410 * @mqdes: MQ descriptor
1411 * @msg_len: Message length
1412 * @msg_prio: Message priority
1413 * @abs_timeout: Message timeout in absolute time
1414 *
1415 * Returns 0 for success or NULL context or < 0 on error.
1416 */
1417int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len,
1418 unsigned int __user *u_msg_prio,
1419 const struct timespec __user *u_abs_timeout)
1420{
1421 struct audit_aux_data_mq_sendrecv *ax;
1422 struct audit_context *context = current->audit_context;
1423
1424 if (!audit_enabled)
1425 return 0;
1426
1427 if (likely(!context))
1428 return 0;
1429
1430 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
1431 if (!ax)
1432 return -ENOMEM;
1433
1434 if (u_msg_prio != NULL) {
1435 if (get_user(ax->msg_prio, u_msg_prio)) {
1436 kfree(ax);
1437 return -EFAULT;
1438 }
1439 } else
1440 ax->msg_prio = 0;
1441
1442 if (u_abs_timeout != NULL) {
1443 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) {
1444 kfree(ax);
1445 return -EFAULT;
1446 }
1447 } else
1448 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
1449
1450 ax->mqdes = mqdes;
1451 ax->msg_len = msg_len;
1452
1453 ax->d.type = AUDIT_MQ_SENDRECV;
1454 ax->d.next = context->aux;
1455 context->aux = (void *)ax;
1456 return 0;
1457}
1458
1459/**
1460 * __audit_mq_notify - record audit data for a POSIX MQ notify
1461 * @mqdes: MQ descriptor
1462 * @u_notification: Notification event
1463 *
1464 * Returns 0 for success or NULL context or < 0 on error.
1465 */
1466
1467int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
1468{
1469 struct audit_aux_data_mq_notify *ax;
1470 struct audit_context *context = current->audit_context;
1471
1472 if (!audit_enabled)
1473 return 0;
1474
1475 if (likely(!context))
1476 return 0;
1477
1478 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
1479 if (!ax)
1480 return -ENOMEM;
1481
1482 if (u_notification != NULL) {
1483 if (copy_from_user(&ax->notification, u_notification, sizeof(ax->notification))) {
1484 kfree(ax);
1485 return -EFAULT;
1486 }
1487 } else
1488 memset(&ax->notification, 0, sizeof(ax->notification));
1489
1490 ax->mqdes = mqdes;
1491
1492 ax->d.type = AUDIT_MQ_NOTIFY;
1493 ax->d.next = context->aux;
1494 context->aux = (void *)ax;
1495 return 0;
1496}
1497
1498/**
1499 * __audit_mq_getsetattr - record audit data for a POSIX MQ get/set attribute
1500 * @mqdes: MQ descriptor
1501 * @mqstat: MQ flags
1502 *
1503 * Returns 0 for success or NULL context or < 0 on error.
1504 */
1505int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
1506{
1507 struct audit_aux_data_mq_getsetattr *ax;
1181 struct audit_context *context = current->audit_context; 1508 struct audit_context *context = current->audit_context;
1182 1509
1510 if (!audit_enabled)
1511 return 0;
1512
1183 if (likely(!context)) 1513 if (likely(!context))
1184 return 0; 1514 return 0;
1185 1515
@@ -1187,6 +1517,30 @@ int audit_ipc_obj(struct kern_ipc_perm *ipcp)
1187 if (!ax) 1517 if (!ax)
1188 return -ENOMEM; 1518 return -ENOMEM;
1189 1519
1520 ax->mqdes = mqdes;
1521 ax->mqstat = *mqstat;
1522
1523 ax->d.type = AUDIT_MQ_GETSETATTR;
1524 ax->d.next = context->aux;
1525 context->aux = (void *)ax;
1526 return 0;
1527}
1528
1529/**
1530 * audit_ipc_obj - record audit data for ipc object
1531 * @ipcp: ipc permissions
1532 *
1533 * Returns 0 for success or NULL context or < 0 on error.
1534 */
1535int __audit_ipc_obj(struct kern_ipc_perm *ipcp)
1536{
1537 struct audit_aux_data_ipcctl *ax;
1538 struct audit_context *context = current->audit_context;
1539
1540 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
1541 if (!ax)
1542 return -ENOMEM;
1543
1190 ax->uid = ipcp->uid; 1544 ax->uid = ipcp->uid;
1191 ax->gid = ipcp->gid; 1545 ax->gid = ipcp->gid;
1192 ax->mode = ipcp->mode; 1546 ax->mode = ipcp->mode;
@@ -1207,14 +1561,11 @@ int audit_ipc_obj(struct kern_ipc_perm *ipcp)
1207 * 1561 *
1208 * Returns 0 for success or NULL context or < 0 on error. 1562 * Returns 0 for success or NULL context or < 0 on error.
1209 */ 1563 */
1210int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp) 1564int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
1211{ 1565{
1212 struct audit_aux_data_ipcctl *ax; 1566 struct audit_aux_data_ipcctl *ax;
1213 struct audit_context *context = current->audit_context; 1567 struct audit_context *context = current->audit_context;
1214 1568
1215 if (likely(!context))
1216 return 0;
1217
1218 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 1569 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
1219 if (!ax) 1570 if (!ax)
1220 return -ENOMEM; 1571 return -ENOMEM;
@@ -1223,7 +1574,6 @@ int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode,
1223 ax->uid = uid; 1574 ax->uid = uid;
1224 ax->gid = gid; 1575 ax->gid = gid;
1225 ax->mode = mode; 1576 ax->mode = mode;
1226 selinux_get_ipc_sid(ipcp, &ax->osid);
1227 1577
1228 ax->d.type = AUDIT_IPC_SET_PERM; 1578 ax->d.type = AUDIT_IPC_SET_PERM;
1229 ax->d.next = context->aux; 1579 ax->d.next = context->aux;
@@ -1231,6 +1581,39 @@ int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode,
1231 return 0; 1581 return 0;
1232} 1582}
1233 1583
1584int audit_bprm(struct linux_binprm *bprm)
1585{
1586 struct audit_aux_data_execve *ax;
1587 struct audit_context *context = current->audit_context;
1588 unsigned long p, next;
1589 void *to;
1590
1591 if (likely(!audit_enabled || !context))
1592 return 0;
1593
1594 ax = kmalloc(sizeof(*ax) + PAGE_SIZE * MAX_ARG_PAGES - bprm->p,
1595 GFP_KERNEL);
1596 if (!ax)
1597 return -ENOMEM;
1598
1599 ax->argc = bprm->argc;
1600 ax->envc = bprm->envc;
1601 for (p = bprm->p, to = ax->mem; p < MAX_ARG_PAGES*PAGE_SIZE; p = next) {
1602 struct page *page = bprm->page[p / PAGE_SIZE];
1603 void *kaddr = kmap(page);
1604 next = (p + PAGE_SIZE) & ~(PAGE_SIZE - 1);
1605 memcpy(to, kaddr + (p & (PAGE_SIZE - 1)), next - p);
1606 to += next - p;
1607 kunmap(page);
1608 }
1609
1610 ax->d.type = AUDIT_EXECVE;
1611 ax->d.next = context->aux;
1612 context->aux = (void *)ax;
1613 return 0;
1614}
1615
1616
1234/** 1617/**
1235 * audit_socketcall - record audit data for sys_socketcall 1618 * audit_socketcall - record audit data for sys_socketcall
1236 * @nargs: number of args 1619 * @nargs: number of args
@@ -1325,19 +1708,20 @@ int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt)
1325 * If the audit subsystem is being terminated, record the task (pid) 1708 * If the audit subsystem is being terminated, record the task (pid)
1326 * and uid that is doing that. 1709 * and uid that is doing that.
1327 */ 1710 */
1328void audit_signal_info(int sig, struct task_struct *t) 1711void __audit_signal_info(int sig, struct task_struct *t)
1329{ 1712{
1330 extern pid_t audit_sig_pid; 1713 extern pid_t audit_sig_pid;
1331 extern uid_t audit_sig_uid; 1714 extern uid_t audit_sig_uid;
1332 1715 extern u32 audit_sig_sid;
1333 if (unlikely(audit_pid && t->tgid == audit_pid)) { 1716
1334 if (sig == SIGTERM || sig == SIGHUP) { 1717 if (sig == SIGTERM || sig == SIGHUP || sig == SIGUSR1) {
1335 struct audit_context *ctx = current->audit_context; 1718 struct task_struct *tsk = current;
1336 audit_sig_pid = current->pid; 1719 struct audit_context *ctx = tsk->audit_context;
1337 if (ctx) 1720 audit_sig_pid = tsk->pid;
1338 audit_sig_uid = ctx->loginuid; 1721 if (ctx)
1339 else 1722 audit_sig_uid = ctx->loginuid;
1340 audit_sig_uid = current->uid; 1723 else
1341 } 1724 audit_sig_uid = tsk->uid;
1725 selinux_get_task_sid(tsk, &audit_sig_sid);
1342 } 1726 }
1343} 1727}
diff --git a/kernel/signal.c b/kernel/signal.c
index e5f8aea78ffe..1b3c921737e2 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -23,12 +23,12 @@
23#include <linux/syscalls.h> 23#include <linux/syscalls.h>
24#include <linux/ptrace.h> 24#include <linux/ptrace.h>
25#include <linux/signal.h> 25#include <linux/signal.h>
26#include <linux/audit.h>
27#include <linux/capability.h> 26#include <linux/capability.h>
28#include <asm/param.h> 27#include <asm/param.h>
29#include <asm/uaccess.h> 28#include <asm/uaccess.h>
30#include <asm/unistd.h> 29#include <asm/unistd.h>
31#include <asm/siginfo.h> 30#include <asm/siginfo.h>
31#include "audit.h" /* audit_signal_info() */
32 32
33/* 33/*
34 * SLAB caches for signal bits. 34 * SLAB caches for signal bits.
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index e82726faeeff..0d656e61621d 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -150,7 +150,7 @@ extern ctl_table random_table[];
150#ifdef CONFIG_UNIX98_PTYS 150#ifdef CONFIG_UNIX98_PTYS
151extern ctl_table pty_table[]; 151extern ctl_table pty_table[];
152#endif 152#endif
153#ifdef CONFIG_INOTIFY 153#ifdef CONFIG_INOTIFY_USER
154extern ctl_table inotify_table[]; 154extern ctl_table inotify_table[];
155#endif 155#endif
156 156
@@ -1028,7 +1028,7 @@ static ctl_table fs_table[] = {
1028 .mode = 0644, 1028 .mode = 0644,
1029 .proc_handler = &proc_doulongvec_minmax, 1029 .proc_handler = &proc_doulongvec_minmax,
1030 }, 1030 },
1031#ifdef CONFIG_INOTIFY 1031#ifdef CONFIG_INOTIFY_USER
1032 { 1032 {
1033 .ctl_name = FS_INOTIFY, 1033 .ctl_name = FS_INOTIFY,
1034 .procname = "inotify", 1034 .procname = "inotify",
diff --git a/kernel/user.c b/kernel/user.c
index 2116642f42c6..4b1eb745afa1 100644
--- a/kernel/user.c
+++ b/kernel/user.c
@@ -140,7 +140,7 @@ struct user_struct * alloc_uid(uid_t uid)
140 atomic_set(&new->processes, 0); 140 atomic_set(&new->processes, 0);
141 atomic_set(&new->files, 0); 141 atomic_set(&new->files, 0);
142 atomic_set(&new->sigpending, 0); 142 atomic_set(&new->sigpending, 0);
143#ifdef CONFIG_INOTIFY 143#ifdef CONFIG_INOTIFY_USER
144 atomic_set(&new->inotify_watches, 0); 144 atomic_set(&new->inotify_watches, 0);
145 atomic_set(&new->inotify_devs, 0); 145 atomic_set(&new->inotify_devs, 0);
146#endif 146#endif
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index c284dbb8b8c0..e9548bc049e1 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1980,7 +1980,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
1980 break; 1980 break;
1981 case AUDIT_SE_SEN: 1981 case AUDIT_SE_SEN:
1982 case AUDIT_SE_CLR: 1982 case AUDIT_SE_CLR:
1983 level = (op == AUDIT_SE_SEN ? 1983 level = (field == AUDIT_SE_SEN ?
1984 &ctxt->range.level[0] : &ctxt->range.level[1]); 1984 &ctxt->range.level[0] : &ctxt->range.level[1]);
1985 switch (op) { 1985 switch (op) {
1986 case AUDIT_EQUAL: 1986 case AUDIT_EQUAL:
generated by cgit v1.2.2 (git 2.25.0) at 2026-02-28 23:46:28 -0500