summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2007-06-07 12:19:32 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2007-10-21 02:37:18 -0400
commit5a190ae69766da9a34bf31200c5cea4c0667cf94 (patch)
tree340c500fe42518abe6d1159a00619b1bd02f07fc
parentcfa76f024f7c9e65169425804e5b32e71f66d0ee (diff)
downloadop-kernel-dev-5a190ae69766da9a34bf31200c5cea4c0667cf94.zip
op-kernel-dev-5a190ae69766da9a34bf31200c5cea4c0667cf94.tar.gz
[PATCH] pass dentry to audit_inode()/audit_inode_child()
makes caller simpler *and* allows to scan ancestors Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--fs/debugfs/inode.c2
-rw-r--r--fs/namei.c10
-rw-r--r--fs/open.c4
-rw-r--r--fs/xattr.c8
-rw-r--r--include/linux/audit.h16
-rw-r--r--include/linux/fsnotify.h9
-rw-r--r--ipc/mqueue.c8
-rw-r--r--kernel/auditsc.c6
8 files changed, 33 insertions, 30 deletions
diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
index 11be8a3..6a713b3 100644
--- a/fs/debugfs/inode.c
+++ b/fs/debugfs/inode.c
@@ -413,7 +413,7 @@ struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry,
d_move(old_dentry, dentry);
fsnotify_move(old_dir->d_inode, new_dir->d_inode, old_name,
old_dentry->d_name.name, S_ISDIR(old_dentry->d_inode->i_mode),
- NULL, old_dentry->d_inode);
+ NULL, old_dentry);
fsnotify_oldname_free(old_name);
unlock_rename(new_dir, old_dir);
dput(dentry);
diff --git a/fs/namei.c b/fs/namei.c
index 1e5c716..3b993db 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1174,7 +1174,7 @@ static int fastcall do_path_lookup(int dfd, const char *name,
out:
if (unlikely(!retval && !audit_dummy_context() && nd->dentry &&
nd->dentry->d_inode))
- audit_inode(name, nd->dentry->d_inode);
+ audit_inode(name, nd->dentry);
out_fail:
return retval;
@@ -1214,7 +1214,7 @@ int vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt,
retval = path_walk(name, nd);
if (unlikely(!retval && !audit_dummy_context() && nd->dentry &&
nd->dentry->d_inode))
- audit_inode(name, nd->dentry->d_inode);
+ audit_inode(name, nd->dentry);
return retval;
@@ -1469,7 +1469,7 @@ static int may_delete(struct inode *dir,struct dentry *victim,int isdir)
return -ENOENT;
BUG_ON(victim->d_parent->d_inode != dir);
- audit_inode_child(victim->d_name.name, victim->d_inode, dir);
+ audit_inode_child(victim->d_name.name, victim, dir);
error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);
if (error)
@@ -1783,7 +1783,7 @@ do_last:
* It already exists.
*/
mutex_unlock(&dir->d_inode->i_mutex);
- audit_inode(pathname, path.dentry->d_inode);
+ audit_inode(pathname, path.dentry);
error = -EEXIST;
if (flag & O_EXCL)
@@ -2562,7 +2562,7 @@ int vfs_rename(struct inode *old_dir, struct dentry *old_dentry,
if (!error) {
const char *new_name = old_dentry->d_name.name;
fsnotify_move(old_dir, new_dir, old_name, new_name, is_dir,
- new_dentry->d_inode, old_dentry->d_inode);
+ new_dentry->d_inode, old_dentry);
}
fsnotify_oldname_free(old_name);
diff --git a/fs/open.c b/fs/open.c
index 7538514..3b69c53 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -569,7 +569,7 @@ asmlinkage long sys_fchmod(unsigned int fd, mode_t mode)
dentry = file->f_path.dentry;
inode = dentry->d_inode;
- audit_inode(NULL, inode);
+ audit_inode(NULL, dentry);
err = -EROFS;
if (IS_RDONLY(inode))
@@ -727,7 +727,7 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group)
goto out;
dentry = file->f_path.dentry;
- audit_inode(NULL, dentry->d_inode);
+ audit_inode(NULL, dentry);
error = chown_common(dentry, user, group);
fput(file);
out:
diff --git a/fs/xattr.c b/fs/xattr.c
index a44fd92..6645b73 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -267,7 +267,7 @@ sys_fsetxattr(int fd, char __user *name, void __user *value,
if (!f)
return error;
dentry = f->f_path.dentry;
- audit_inode(NULL, dentry->d_inode);
+ audit_inode(NULL, dentry);
error = setxattr(dentry, name, value, size, flags);
fput(f);
return error;
@@ -349,7 +349,7 @@ sys_fgetxattr(int fd, char __user *name, void __user *value, size_t size)
f = fget(fd);
if (!f)
return error;
- audit_inode(NULL, f->f_path.dentry->d_inode);
+ audit_inode(NULL, f->f_path.dentry);
error = getxattr(f->f_path.dentry, name, value, size);
fput(f);
return error;
@@ -422,7 +422,7 @@ sys_flistxattr(int fd, char __user *list, size_t size)
f = fget(fd);
if (!f)
return error;
- audit_inode(NULL, f->f_path.dentry->d_inode);
+ audit_inode(NULL, f->f_path.dentry);
error = listxattr(f->f_path.dentry, list, size);
fput(f);
return error;
@@ -485,7 +485,7 @@ sys_fremovexattr(int fd, char __user *name)
if (!f)
return error;
dentry = f->f_path.dentry;
- audit_inode(NULL, dentry->d_inode);
+ audit_inode(NULL, dentry);
error = removexattr(dentry, name);
fput(f);
return error;
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 9ae7409..133b81b 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -366,8 +366,8 @@ extern void audit_syscall_entry(int arch,
extern void audit_syscall_exit(int failed, long return_code);
extern void __audit_getname(const char *name);
extern void audit_putname(const char *name);
-extern void __audit_inode(const char *name, const struct inode *inode);
-extern void __audit_inode_child(const char *dname, const struct inode *inode,
+extern void __audit_inode(const char *name, const struct dentry *dentry);
+extern void __audit_inode_child(const char *dname, const struct dentry *dentry,
const struct inode *parent);
extern void __audit_ptrace(struct task_struct *t);
@@ -381,15 +381,15 @@ static inline void audit_getname(const char *name)
if (unlikely(!audit_dummy_context()))
__audit_getname(name);
}
-static inline void audit_inode(const char *name, const struct inode *inode) {
+static inline void audit_inode(const char *name, const struct dentry *dentry) {
if (unlikely(!audit_dummy_context()))
- __audit_inode(name, inode);
+ __audit_inode(name, dentry);
}
static inline void audit_inode_child(const char *dname,
- const struct inode *inode,
+ const struct dentry *dentry,
const struct inode *parent) {
if (unlikely(!audit_dummy_context()))
- __audit_inode_child(dname, inode, parent);
+ __audit_inode_child(dname, dentry, parent);
}
void audit_core_dumps(long signr);
@@ -477,9 +477,9 @@ extern int audit_signals;
#define audit_dummy_context() 1
#define audit_getname(n) do { ; } while (0)
#define audit_putname(n) do { ; } while (0)
-#define __audit_inode(n,i) do { ; } while (0)
+#define __audit_inode(n,d) do { ; } while (0)
#define __audit_inode_child(d,i,p) do { ; } while (0)
-#define audit_inode(n,i) do { ; } while (0)
+#define audit_inode(n,d) do { ; } while (0)
#define audit_inode_child(d,i,p) do { ; } while (0)
#define audit_core_dumps(i) do { ; } while (0)
#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h
index dfc4e4f..2bd31fa 100644
--- a/include/linux/fsnotify.h
+++ b/include/linux/fsnotify.h
@@ -41,8 +41,9 @@ static inline void fsnotify_d_move(struct dentry *entry)
*/
static inline void fsnotify_move(struct inode *old_dir, struct inode *new_dir,
const char *old_name, const char *new_name,
- int isdir, struct inode *target, struct inode *source)
+ int isdir, struct inode *target, struct dentry *moved)
{
+ struct inode *source = moved->d_inode;
u32 cookie = inotify_get_cookie();
if (old_dir == new_dir)
@@ -67,7 +68,7 @@ static inline void fsnotify_move(struct inode *old_dir, struct inode *new_dir,
if (source) {
inotify_inode_queue_event(source, IN_MOVE_SELF, 0, NULL, NULL);
}
- audit_inode_child(new_name, source, new_dir);
+ audit_inode_child(new_name, moved, new_dir);
}
/*
@@ -98,7 +99,7 @@ static inline void fsnotify_create(struct inode *inode, struct dentry *dentry)
inode_dir_notify(inode, DN_CREATE);
inotify_inode_queue_event(inode, IN_CREATE, 0, dentry->d_name.name,
dentry->d_inode);
- audit_inode_child(dentry->d_name.name, dentry->d_inode, inode);
+ audit_inode_child(dentry->d_name.name, dentry, inode);
}
/*
@@ -109,7 +110,7 @@ static inline void fsnotify_mkdir(struct inode *inode, struct dentry *dentry)
inode_dir_notify(inode, DN_CREATE);
inotify_inode_queue_event(inode, IN_CREATE | IN_ISDIR, 0,
dentry->d_name.name, dentry->d_inode);
- audit_inode_child(dentry->d_name.name, dentry->d_inode, inode);
+ audit_inode_child(dentry->d_name.name, dentry, inode);
}
/*
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index c0b26dc..bfa274b 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -676,7 +676,7 @@ asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
if (oflag & O_CREAT) {
if (dentry->d_inode) { /* entry already exists */
- audit_inode(name, dentry->d_inode);
+ audit_inode(name, dentry);
error = -EEXIST;
if (oflag & O_EXCL)
goto out;
@@ -689,7 +689,7 @@ asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
error = -ENOENT;
if (!dentry->d_inode)
goto out;
- audit_inode(name, dentry->d_inode);
+ audit_inode(name, dentry);
filp = do_open(dentry, oflag);
}
@@ -837,7 +837,7 @@ asmlinkage long sys_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr,
if (unlikely(filp->f_op != &mqueue_file_operations))
goto out_fput;
info = MQUEUE_I(inode);
- audit_inode(NULL, inode);
+ audit_inode(NULL, filp->f_path.dentry);
if (unlikely(!(filp->f_mode & FMODE_WRITE)))
goto out_fput;
@@ -921,7 +921,7 @@ asmlinkage ssize_t sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr,
if (unlikely(filp->f_op != &mqueue_file_operations))
goto out_fput;
info = MQUEUE_I(inode);
- audit_inode(NULL, inode);
+ audit_inode(NULL, filp->f_path.dentry);
if (unlikely(!(filp->f_mode & FMODE_READ)))
goto out_fput;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index e19b5a3..8a85c20 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1403,10 +1403,11 @@ static void audit_copy_inode(struct audit_names *name, const struct inode *inode
*
* Called from fs/namei.c:path_lookup().
*/
-void __audit_inode(const char *name, const struct inode *inode)
+void __audit_inode(const char *name, const struct dentry *dentry)
{
int idx;
struct audit_context *context = current->audit_context;
+ const struct inode *inode = inode = dentry->d_inode;
if (!context->in_syscall)
return;
@@ -1443,12 +1444,13 @@ void __audit_inode(const char *name, const struct inode *inode)
* must be hooked prior, in order to capture the target inode during
* unsuccessful attempts.
*/
-void __audit_inode_child(const char *dname, const struct inode *inode,
+void __audit_inode_child(const char *dname, const struct dentry *dentry,
const struct inode *parent)
{
int idx;
struct audit_context *context = current->audit_context;
const char *found_parent = NULL, *found_child = NULL;
+ const struct inode *inode = dentry->d_inode;
int dirlen = 0;
if (!context->in_syscall)
OpenPOWER on IntegriCloud