Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5a190ae6 authored by Al Viro's avatar Al Viro
Browse files

[PATCH] pass dentry to audit_inode()/audit_inode_child() 



makes caller simpler *and* allows to scan ancestors

Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent cfa76f02

fs/debugfs/inode.c

+1 −1
Original line number Diff line number Diff line
@@ -413,7 +413,7 @@ struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, 
	d_move(old_dentry, dentry);

	fsnotify_move(old_dir->d_inode, new_dir->d_inode, old_name,

		old_dentry->d_name.name, S_ISDIR(old_dentry->d_inode->i_mode),

		NULL, old_dentry->d_inode);

		NULL, old_dentry);

	fsnotify_oldname_free(old_name);

	unlock_rename(new_dir, old_dir);

	dput(dentry);

fs/namei.c

+5 −5
Original line number Diff line number Diff line
@@ -1174,7 +1174,7 @@ static int fastcall do_path_lookup(int dfd, const char *name, 
out:

	if (unlikely(!retval && !audit_dummy_context() && nd->dentry &&

				nd->dentry->d_inode))

		audit_inode(name, nd->dentry->d_inode);

		audit_inode(name, nd->dentry);

out_fail:

	return retval;
@@ -1214,7 +1214,7 @@ int vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt, 
	retval = path_walk(name, nd);

	if (unlikely(!retval && !audit_dummy_context() && nd->dentry &&

				nd->dentry->d_inode))

		audit_inode(name, nd->dentry->d_inode);

		audit_inode(name, nd->dentry);



	return retval;
@@ -1469,7 +1469,7 @@ static int may_delete(struct inode *dir,struct dentry *victim,int isdir) 
		return -ENOENT;



	BUG_ON(victim->d_parent->d_inode != dir);

	audit_inode_child(victim->d_name.name, victim->d_inode, dir);

	audit_inode_child(victim->d_name.name, victim, dir);



	error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);

	if (error)
@@ -1783,7 +1783,7 @@ int open_namei(int dfd, const char *pathname, int flag, 
	 * It already exists.

	 */

	mutex_unlock(&dir->d_inode->i_mutex);

	audit_inode(pathname, path.dentry->d_inode);

	audit_inode(pathname, path.dentry);



	error = -EEXIST;

	if (flag & O_EXCL)
@@ -2562,7 +2562,7 @@ int vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 
	if (!error) {

		const char *new_name = old_dentry->d_name.name;

		fsnotify_move(old_dir, new_dir, old_name, new_name, is_dir,

			      new_dentry->d_inode, old_dentry->d_inode);

			      new_dentry->d_inode, old_dentry);

	}

	fsnotify_oldname_free(old_name);

fs/open.c

+2 −2
Original line number Diff line number Diff line
@@ -569,7 +569,7 @@ asmlinkage long sys_fchmod(unsigned int fd, mode_t mode) 
	dentry = file->f_path.dentry;

	inode = dentry->d_inode;



	audit_inode(NULL, inode);

	audit_inode(NULL, dentry);



	err = -EROFS;

	if (IS_RDONLY(inode))
@@ -727,7 +727,7 @@ asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group) 
		goto out;



	dentry = file->f_path.dentry;

	audit_inode(NULL, dentry->d_inode);

	audit_inode(NULL, dentry);

	error = chown_common(dentry, user, group);

	fput(file);

out:

fs/xattr.c

+4 −4
Original line number Diff line number Diff line
@@ -267,7 +267,7 @@ sys_fsetxattr(int fd, char __user *name, void __user *value, 
	if (!f)

		return error;

	dentry = f->f_path.dentry;

	audit_inode(NULL, dentry->d_inode);

	audit_inode(NULL, dentry);

	error = setxattr(dentry, name, value, size, flags);

	fput(f);

	return error;
@@ -349,7 +349,7 @@ sys_fgetxattr(int fd, char __user *name, void __user *value, size_t size) 
	f = fget(fd);

	if (!f)

		return error;

	audit_inode(NULL, f->f_path.dentry->d_inode);

	audit_inode(NULL, f->f_path.dentry);

	error = getxattr(f->f_path.dentry, name, value, size);

	fput(f);

	return error;
@@ -422,7 +422,7 @@ sys_flistxattr(int fd, char __user *list, size_t size) 
	f = fget(fd);

	if (!f)

		return error;

	audit_inode(NULL, f->f_path.dentry->d_inode);

	audit_inode(NULL, f->f_path.dentry);

	error = listxattr(f->f_path.dentry, list, size);

	fput(f);

	return error;
@@ -485,7 +485,7 @@ sys_fremovexattr(int fd, char __user *name) 
	if (!f)

		return error;

	dentry = f->f_path.dentry;

	audit_inode(NULL, dentry->d_inode);

	audit_inode(NULL, dentry);

	error = removexattr(dentry, name);

	fput(f);

	return error;

include/linux/audit.h

+8 −8
Original line number Diff line number Diff line
@@ -366,8 +366,8 @@ extern void audit_syscall_entry(int arch, 
extern void audit_syscall_exit(int failed, long return_code);

extern void __audit_getname(const char *name);

extern void audit_putname(const char *name);

extern void __audit_inode(const char *name, const struct inode *inode);

extern void __audit_inode_child(const char *dname, const struct inode *inode,

extern void __audit_inode(const char *name, const struct dentry *dentry);

extern void __audit_inode_child(const char *dname, const struct dentry *dentry,

				const struct inode *parent);

extern void __audit_ptrace(struct task_struct *t);
@@ -381,15 +381,15 @@ static inline void audit_getname(const char *name) 
	if (unlikely(!audit_dummy_context()))

		__audit_getname(name);

}

static inline void audit_inode(const char *name, const struct inode *inode) {

static inline void audit_inode(const char *name, const struct dentry *dentry) {

	if (unlikely(!audit_dummy_context()))

		__audit_inode(name, inode);

		__audit_inode(name, dentry);

}

static inline void audit_inode_child(const char *dname, 

				     const struct inode *inode,

				     const struct dentry *dentry,

				     const struct inode *parent) {

	if (unlikely(!audit_dummy_context()))

		__audit_inode_child(dname, inode, parent);

		__audit_inode_child(dname, dentry, parent);

}

void audit_core_dumps(long signr);
@@ -477,9 +477,9 @@ extern int audit_signals; 
#define audit_dummy_context() 1

#define audit_getname(n) do { ; } while (0)

#define audit_putname(n) do { ; } while (0)

#define __audit_inode(n,i) do { ; } while (0)

#define __audit_inode(n,d) do { ; } while (0)

#define __audit_inode_child(d,i,p) do { ; } while (0)

#define audit_inode(n,i) do { ; } while (0)

#define audit_inode(n,d) do { ; } while (0)

#define audit_inode_child(d,i,p) do { ; } while (0)

#define audit_core_dumps(i) do { ; } while (0)

#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)