Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current

* 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)
  [PATCH] fix audit_init failure path
  [PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format
  [PATCH] sem2mutex: audit_netlink_sem
  [PATCH] simplify audit_free() locking
  [PATCH] Fix audit operators
  [PATCH] promiscuous mode
  [PATCH] Add tty to syscall audit records
  [PATCH] add/remove rule update
  [PATCH] audit string fields interface + consumer
  [PATCH] SE Linux audit events
  [PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c
  [PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL
  [PATCH] Fix IA64 success/failure indication in syscall auditing.
  [PATCH] Miscellaneous bug and warning fixes
  [PATCH] Capture selinux subject/object context information.
  [PATCH] Exclude messages by message type
  [PATCH] Collect more inode information during syscall processing.
  [PATCH] Pass dentry, not just name, in fsnotify creation hooks.
  [PATCH] Define new range of userspace messages.
  [PATCH] Filter rule comparators
  ...

Fixed trivial conflict in security/selinux/hooks.c

3 files changed, 22 insertions, 8 deletions

diff --git a/fs/namei.c b/fs/namei.c
index 712dfc77793b..98dc2e134362 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1353,6 +1353,7 @@ static int may_delete(struct inode *dir,struct dentry *victim,int isdir)
                 return -ENOENT;
 
         BUG_ON(victim->d_parent->d_inode != dir);
+        audit_inode_child(victim->d_name.name, victim->d_inode, dir->i_ino);
 
         error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);
         if (error)
@@ -1472,7 +1473,7 @@ int vfs_create(struct inode *dir, struct dentry *dentry, int mode,
         DQUOT_INIT(dir);
         error = dir->i_op->create(dir, dentry, mode, nd);
         if (!error)
-                fsnotify_create(dir, dentry->d_name.name);
+                fsnotify_create(dir, dentry);
         return error;
 }
 
@@ -1799,7 +1800,7 @@ int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
         DQUOT_INIT(dir);
         error = dir->i_op->mknod(dir, dentry, mode, dev);
         if (!error)
-                fsnotify_create(dir, dentry->d_name.name);
+                fsnotify_create(dir, dentry);
         return error;
 }
 
@@ -1876,7 +1877,7 @@ int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
         DQUOT_INIT(dir);
         error = dir->i_op->mkdir(dir, dentry, mode);
         if (!error)
-                fsnotify_mkdir(dir, dentry->d_name.name);
+                fsnotify_mkdir(dir, dentry);
         return error;
 }
 
@@ -2139,7 +2140,7 @@ int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, i
         DQUOT_INIT(dir);
         error = dir->i_op->symlink(dir, dentry, oldname);
         if (!error)
-                fsnotify_create(dir, dentry->d_name.name);
+                fsnotify_create(dir, dentry);
         return error;
 }
 
@@ -2216,7 +2217,7 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de
         error = dir->i_op->link(old_dentry, dir, new_dentry);
         mutex_unlock(&old_dentry->d_inode->i_mutex);
         if (!error)
-                fsnotify_create(dir, new_dentry->d_name.name);
+                fsnotify_create(dir, new_dentry);
         return error;
 }
 
diff --git a/fs/open.c b/fs/open.c
index 7d02d19bd0a2..c32c89d6d8db 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -27,6 +27,7 @@
 #include <linux/pagemap.h>
 #include <linux/syscalls.h>
 #include <linux/rcupdate.h>
+#include <linux/audit.h>
 
 #include <asm/unistd.h>
 
@@ -626,6 +627,8 @@ asmlinkage long sys_fchmod(unsigned int fd, mode_t mode)
         dentry = file->f_dentry;
         inode = dentry->d_inode;
 
+        audit_inode(NULL, inode, 0);
+
         err = -EROFS;
         if (IS_RDONLY(inode))
                 goto out_putf;
@@ -775,7 +778,10 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group)
 
         file = fget(fd);
         if (file) {
-                error = chown_common(file->f_dentry, user, group);
+                struct dentry * dentry;
+                dentry = file->f_dentry;
+                audit_inode(NULL, dentry->d_inode, 0);
+                error = chown_common(dentry, user, group);
                 fput(file);
         }
         return error;
diff --git a/fs/xattr.c b/fs/xattr.c
index 80eca7d3d69f..e416190f5e9c 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -17,6 +17,7 @@
 #include <linux/syscalls.h>
 #include <linux/module.h>
 #include <linux/fsnotify.h>
+#include <linux/audit.h>
 #include <asm/uaccess.h>
 
 
@@ -234,12 +235,15 @@ sys_fsetxattr(int fd, char __user *name, void __user *value,
               size_t size, int flags)
 {
         struct file *f;
+        struct dentry *dentry;
         int error = -EBADF;
 
         f = fget(fd);
         if (!f)
                 return error;
-        error = setxattr(f->f_dentry, name, value, size, flags);
+        dentry = f->f_dentry;
+        audit_inode(NULL, dentry->d_inode, 0);
+        error = setxattr(dentry, name, value, size, flags);
         fput(f);
         return error;
 }
@@ -458,12 +462,15 @@ asmlinkage long
 sys_fremovexattr(int fd, char __user *name)
 {
         struct file *f;
+        struct dentry *dentry;
         int error = -EBADF;
 
         f = fget(fd);
         if (!f)
                 return error;
-        error = removexattr(f->f_dentry, name);
+        dentry = f->f_dentry;
+        audit_inode(NULL, dentry->d_inode, 0);
+        error = removexattr(dentry, name);
         fput(f);
         return error;
 }