diff options
| author | Jeff Layton <jlayton@redhat.com> | 2012-10-10 15:25:25 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-10-12 00:32:03 -0400 |
| commit | 4fa6b5ecbf092c6ee752ece8a55d71f663d23254 (patch) | |
| tree | 6143912dc73b457a3be72faf31d46d855d3f87c3 /include/linux | |
| parent | e3d6b07b8ba161f638b026feba0c3c97875d7f1c (diff) | |
audit: overhaul __audit_inode_child to accomodate retrying
In order to accomodate retrying path-based syscalls, we need to add a
new "type" argument to audit_inode_child. This will tell us whether
we're looking for a child entry that represents a create or a delete.
If we find a parent, don't automatically assume that we need to create a
new entry. Instead, use the information we have to try to find an
existing entry first. Update it if one is found and create a new one if
not.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/audit.h | 16 | ||||
| -rw-r--r-- | include/linux/fsnotify.h | 8 |
2 files changed, 15 insertions, 9 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index b11f517dce04..3df643d1ac5b 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
| @@ -457,6 +457,8 @@ extern int audit_classify_arch(int arch); | |||
| 457 | #define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */ | 457 | #define AUDIT_TYPE_UNKNOWN 0 /* we don't know yet */ |
| 458 | #define AUDIT_TYPE_NORMAL 1 /* a "normal" audit record */ | 458 | #define AUDIT_TYPE_NORMAL 1 /* a "normal" audit record */ |
| 459 | #define AUDIT_TYPE_PARENT 2 /* a parent audit record */ | 459 | #define AUDIT_TYPE_PARENT 2 /* a parent audit record */ |
| 460 | #define AUDIT_TYPE_CHILD_DELETE 3 /* a child being deleted */ | ||
| 461 | #define AUDIT_TYPE_CHILD_CREATE 4 /* a child being created */ | ||
| 460 | 462 | ||
| 461 | #ifdef CONFIG_AUDITSYSCALL | 463 | #ifdef CONFIG_AUDITSYSCALL |
| 462 | /* These are defined in auditsc.c */ | 464 | /* These are defined in auditsc.c */ |
| @@ -472,7 +474,8 @@ extern void audit_putname(const char *name); | |||
| 472 | extern void __audit_inode(const char *name, const struct dentry *dentry, | 474 | extern void __audit_inode(const char *name, const struct dentry *dentry, |
| 473 | unsigned int parent); | 475 | unsigned int parent); |
| 474 | extern void __audit_inode_child(const struct inode *parent, | 476 | extern void __audit_inode_child(const struct inode *parent, |
| 475 | const struct dentry *dentry); | 477 | const struct dentry *dentry, |
| 478 | const unsigned char type); | ||
| 476 | extern void __audit_seccomp(unsigned long syscall, long signr, int code); | 479 | extern void __audit_seccomp(unsigned long syscall, long signr, int code); |
| 477 | extern void __audit_ptrace(struct task_struct *t); | 480 | extern void __audit_ptrace(struct task_struct *t); |
| 478 | 481 | ||
| @@ -513,9 +516,10 @@ static inline void audit_inode(const char *name, const struct dentry *dentry, | |||
| 513 | __audit_inode(name, dentry, parent); | 516 | __audit_inode(name, dentry, parent); |
| 514 | } | 517 | } |
| 515 | static inline void audit_inode_child(const struct inode *parent, | 518 | static inline void audit_inode_child(const struct inode *parent, |
| 516 | const struct dentry *dentry) { | 519 | const struct dentry *dentry, |
| 520 | const unsigned char type) { | ||
| 517 | if (unlikely(!audit_dummy_context())) | 521 | if (unlikely(!audit_dummy_context())) |
| 518 | __audit_inode_child(parent, dentry); | 522 | __audit_inode_child(parent, dentry, type); |
| 519 | } | 523 | } |
| 520 | void audit_core_dumps(long signr); | 524 | void audit_core_dumps(long signr); |
| 521 | 525 | ||
| @@ -667,13 +671,15 @@ static inline void __audit_inode(const char *name, const struct dentry *dentry, | |||
| 667 | unsigned int parent) | 671 | unsigned int parent) |
| 668 | { } | 672 | { } |
| 669 | static inline void __audit_inode_child(const struct inode *parent, | 673 | static inline void __audit_inode_child(const struct inode *parent, |
| 670 | const struct dentry *dentry) | 674 | const struct dentry *dentry, |
| 675 | const unsigned char type) | ||
| 671 | { } | 676 | { } |
| 672 | static inline void audit_inode(const char *name, const struct dentry *dentry, | 677 | static inline void audit_inode(const char *name, const struct dentry *dentry, |
| 673 | unsigned int parent) | 678 | unsigned int parent) |
| 674 | { } | 679 | { } |
| 675 | static inline void audit_inode_child(const struct inode *parent, | 680 | static inline void audit_inode_child(const struct inode *parent, |
| 676 | const struct dentry *dentry) | 681 | const struct dentry *dentry, |
| 682 | const unsigned char type) | ||
| 677 | { } | 683 | { } |
| 678 | static inline void audit_core_dumps(long signr) | 684 | static inline void audit_core_dumps(long signr) |
| 679 | { } | 685 | { } |
diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index 9c284714977d..0fbfb4646d1b 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h | |||
| @@ -109,7 +109,7 @@ static inline void fsnotify_move(struct inode *old_dir, struct inode *new_dir, | |||
| 109 | 109 | ||
| 110 | if (source) | 110 | if (source) |
| 111 | fsnotify(source, FS_MOVE_SELF, moved->d_inode, FSNOTIFY_EVENT_INODE, NULL, 0); | 111 | fsnotify(source, FS_MOVE_SELF, moved->d_inode, FSNOTIFY_EVENT_INODE, NULL, 0); |
| 112 | audit_inode_child(new_dir, moved); | 112 | audit_inode_child(new_dir, moved, AUDIT_TYPE_CHILD_CREATE); |
| 113 | } | 113 | } |
| 114 | 114 | ||
| 115 | /* | 115 | /* |
| @@ -155,7 +155,7 @@ static inline void fsnotify_inoderemove(struct inode *inode) | |||
| 155 | */ | 155 | */ |
| 156 | static inline void fsnotify_create(struct inode *inode, struct dentry *dentry) | 156 | static inline void fsnotify_create(struct inode *inode, struct dentry *dentry) |
| 157 | { | 157 | { |
| 158 | audit_inode_child(inode, dentry); | 158 | audit_inode_child(inode, dentry, AUDIT_TYPE_CHILD_CREATE); |
| 159 | 159 | ||
| 160 | fsnotify(inode, FS_CREATE, dentry->d_inode, FSNOTIFY_EVENT_INODE, dentry->d_name.name, 0); | 160 | fsnotify(inode, FS_CREATE, dentry->d_inode, FSNOTIFY_EVENT_INODE, dentry->d_name.name, 0); |
| 161 | } | 161 | } |
| @@ -168,7 +168,7 @@ static inline void fsnotify_create(struct inode *inode, struct dentry *dentry) | |||
| 168 | static inline void fsnotify_link(struct inode *dir, struct inode *inode, struct dentry *new_dentry) | 168 | static inline void fsnotify_link(struct inode *dir, struct inode *inode, struct dentry *new_dentry) |
| 169 | { | 169 | { |
| 170 | fsnotify_link_count(inode); | 170 | fsnotify_link_count(inode); |
| 171 | audit_inode_child(dir, new_dentry); | 171 | audit_inode_child(dir, new_dentry, AUDIT_TYPE_CHILD_CREATE); |
| 172 | 172 | ||
| 173 | fsnotify(dir, FS_CREATE, inode, FSNOTIFY_EVENT_INODE, new_dentry->d_name.name, 0); | 173 | fsnotify(dir, FS_CREATE, inode, FSNOTIFY_EVENT_INODE, new_dentry->d_name.name, 0); |
| 174 | } | 174 | } |
| @@ -181,7 +181,7 @@ static inline void fsnotify_mkdir(struct inode *inode, struct dentry *dentry) | |||
| 181 | __u32 mask = (FS_CREATE | FS_ISDIR); | 181 | __u32 mask = (FS_CREATE | FS_ISDIR); |
| 182 | struct inode *d_inode = dentry->d_inode; | 182 | struct inode *d_inode = dentry->d_inode; |
| 183 | 183 | ||
| 184 | audit_inode_child(inode, dentry); | 184 | audit_inode_child(inode, dentry, AUDIT_TYPE_CHILD_CREATE); |
| 185 | 185 | ||
| 186 | fsnotify(inode, mask, d_inode, FSNOTIFY_EVENT_INODE, dentry->d_name.name, 0); | 186 | fsnotify(inode, mask, d_inode, FSNOTIFY_EVENT_INODE, dentry->d_name.name, 0); |
| 187 | } | 187 | } |