[PATCH -v2 05/16] fanotify: make use of the new fsnotify_open_execcalls

From: Eric Paris
Date: Tue Oct 14 2008 - 16:52:37 EST

Next message: Eric Paris: "[PATCH -v2 00/16] fanotify: novel all file access notification andpermissions system"
Previous message: Trond Myklebust: "Re: nfsd 2.6.28 merge plans"
In reply to: Eric Paris: "[PATCH -v2 00/16] fanotify: novel all file access notification andpermissions system"
Next in thread: Eric Paris: "[PATCH -v2 02/16] fsnotify: pass a file instead of an inode to open,read, and write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This function sends fanotify events for opens which we know are being used
for exec. These are basically just systecalls to sys_execve and sys_uselib

Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---

include/linux/fanotify.h | 4 +++-
include/linux/fsnotify.h | 3 ++-
2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h
index 7f1179e..c991bd9 100644
--- a/include/linux/fanotify.h
+++ b/include/linux/fanotify.h
@@ -14,13 +14,15 @@
#define FAN_MODIFY 0x00000002 /* File was modified */
#define FAN_CLOSE_NOWRITE 0x00000004 /* Unwrittable file closed */
#define FAN_CLOSE_WRITE 0x00000008 /* Writtable file closed */
-#define FAN_OPEN 0x00000010 /* File was opened */
+#define FAN_OPEN_NOEXEC 0x00000010 /* File was opened */
+#define FAN_OPEN_EXEC 0x00000020 /* File was opened with the intention of being exec'ed */

/* FIXME currently Q's have no limit.... */
#define FAN_Q_OVERFLOW 0x80000000 /* Event queued overflowed */

/* helper events */
#define FAN_CLOSE (FAN_CLOSE_WRITE | FAN_CLOSE_NOWRITE) /* close */
+#define FAN_OPEN (FAN_OPEN_NOEXEC | FAN_OPEN_EXEC) /* open */

/*
* All of the events - we build the list by hand so that we can add flags in
diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h
index 6fc4160..ccee5ea 100644
--- a/include/linux/fsnotify.h
+++ b/include/linux/fsnotify.h
@@ -175,6 +175,7 @@ static inline void fsnotify_modify(struct file *file)
*/
static inline void fsnotify_open_exec(struct file *file)
{
+ fanotify(file, FAN_OPEN_EXEC);
}

/*
@@ -191,7 +192,7 @@ static inline void fsnotify_open(struct file *file)

inotify_dentry_parent_queue_event(dentry, mask, 0, dentry->d_name.name);
inotify_inode_queue_event(inode, mask, 0, NULL, NULL);
- fanotify(file, FAN_OPEN);
+ fanotify(file, FAN_OPEN_NOEXEC);
}

/*

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric Paris: "[PATCH -v2 00/16] fanotify: novel all file access notification andpermissions system"
Previous message: Trond Myklebust: "Re: nfsd 2.6.28 merge plans"
In reply to: Eric Paris: "[PATCH -v2 00/16] fanotify: novel all file access notification andpermissions system"
Next in thread: Eric Paris: "[PATCH -v2 02/16] fsnotify: pass a file instead of an inode to open,read, and write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]