AUDIT: Report lookup flags with path/inode records.

When LOOKUP_PARENT is used, the inode which results is not the inode found at the pathname. Report the flags so that this doesn't generate misleading audit records. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
author: David Woodhouse <dwmw2@shinybook.infradead.org> 2005-06-20 11:11:05 -0400
committer: David Woodhouse <dwmw2@shinybook.infradead.org> 2005-06-20 11:11:05 -0400
commit: ae7b961b1c943367dfe179411f120d7bf8eaba89 (patch)
tree: d40171c26b22295e45ad7b67923442bfb513752a /kernel/auditsc.c
parent: f7056d64ae101d910f965a2e39831f635ef7891b (diff)
1 files changed, 11 insertions, 7 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 48a39579c45c..031f979019d1 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -95,6 +95,7 @@ struct audit_names {
        uid_t           uid;
        gid_t           gid;
        dev_t           rdev;
+        unsigned        flags;
 };
 struct audit_aux_data {
@@ -792,6 +793,8 @@ static void audit_log_exit(struct audit_context *context)
                        audit_log_format(ab, " name=");
                        audit_log_untrustedstring(ab, context->names[i].name);
                }
+                audit_log_format(ab, " flags=%x\n", context->names[i].flags);
+                         
                if (context->names[i].ino != (unsigned long)-1)
                        audit_log_format(ab, " inode=%lu dev=%02x:%02x mode=%#o"
                                             " ouid=%u ogid=%u rdev=%02x:%02x",
@@ -1018,7 +1021,7 @@ void audit_putname(const char *name)
 /* Store the inode and device from a lookup.  Called from
 * fs/namei.c:path_lookup(). */
-void audit_inode(const char *name, const struct inode *inode)
+void audit_inode(const char *name, const struct inode *inode, unsigned flags)
 {
        int idx;
        struct audit_context *context = current->audit_context;
@@ -1044,12 +1047,13 @@ void audit_inode(const char *name, const struct inode *inode)
                ++context->ino_count;
 #endif
        }
-        context->names[idx].ino  = inode->i_ino;
+        context->names[idx].flags = flags;
-        context->names[idx].dev  = inode->i_sb->s_dev;
+        context->names[idx].ino   = inode->i_ino;
-        context->names[idx].mode = inode->i_mode;
+        context->names[idx].dev   = inode->i_sb->s_dev;
-        context->names[idx].uid  = inode->i_uid;
+        context->names[idx].mode  = inode->i_mode;
-        context->names[idx].gid  = inode->i_gid;
+        context->names[idx].uid   = inode->i_uid;
-        context->names[idx].rdev = inode->i_rdev;
+        context->names[idx].gid   = inode->i_gid;
+        context->names[idx].rdev  = inode->i_rdev;
 }
 void auditsc_get_stamp(struct audit_context *ctx,
author	David Woodhouse <dwmw2@shinybook.infradead.org>	2005-06-20 11:11:05 -0400
committer	David Woodhouse <dwmw2@shinybook.infradead.org>	2005-06-20 11:11:05 -0400
commit	ae7b961b1c943367dfe179411f120d7bf8eaba89 (patch)
tree	d40171c26b22295e45ad7b67923442bfb513752a /kernel/auditsc.c
parent	f7056d64ae101d910f965a2e39831f635ef7891b (diff)