1 #include <linux/fanotify.h>
2 #include <linux/fcntl.h>
3 #include <linux/file.h>
5 #include <linux/anon_inodes.h>
6 #include <linux/fsnotify_backend.h>
7 #include <linux/init.h>
8 #include <linux/mount.h>
9 #include <linux/namei.h>
10 #include <linux/poll.h>
11 #include <linux/security.h>
12 #include <linux/syscalls.h>
13 #include <linux/slab.h>
14 #include <linux/types.h>
15 #include <linux/uaccess.h>
16 #include <linux/compat.h>
17 #include <linux/sched/signal.h>
19 #include <asm/ioctls.h>
21 #include "../../mount.h"
22 #include "../fdinfo.h"
25 #define FANOTIFY_DEFAULT_MAX_EVENTS 16384
26 #define FANOTIFY_DEFAULT_MAX_MARKS 8192
27 #define FANOTIFY_DEFAULT_MAX_LISTENERS 128
30 * All flags that may be specified in parameter event_f_flags of fanotify_init.
32 * Internal and external open flags are stored together in field f_flags of
33 * struct file. Only external open flags shall be allowed in event_f_flags.
34 * Internal flags like FMODE_NONOTIFY, FMODE_EXEC, FMODE_NOCMTIME shall be
37 #define FANOTIFY_INIT_ALL_EVENT_F_BITS ( \
38 O_ACCMODE | O_APPEND | O_NONBLOCK | \
39 __O_SYNC | O_DSYNC | O_CLOEXEC | \
40 O_LARGEFILE | O_NOATIME )
42 extern const struct fsnotify_ops fanotify_fsnotify_ops;
44 struct kmem_cache *fanotify_mark_cache __read_mostly;
45 struct kmem_cache *fanotify_event_cachep __read_mostly;
46 struct kmem_cache *fanotify_perm_event_cachep __read_mostly;
49 * Get an fsnotify notification event if one exists and is small
50 * enough to fit in "count". Return an error pointer if the count
51 * is not large enough.
53 * Called with the group->notification_lock held.
55 static struct fsnotify_event *get_one_event(struct fsnotify_group *group,
58 assert_spin_locked(&group->notification_lock);
60 pr_debug("%s: group=%p count=%zd\n", __func__, group, count);
62 if (fsnotify_notify_queue_is_empty(group))
65 if (FAN_EVENT_METADATA_LEN > count)
66 return ERR_PTR(-EINVAL);
68 /* held the notification_lock the whole time, so this is the
69 * same event we peeked above */
70 return fsnotify_remove_first_event(group);
73 static int create_fd(struct fsnotify_group *group,
74 struct fanotify_event_info *event,
78 struct file *new_file;
80 pr_debug("%s: group=%p event=%p\n", __func__, group, event);
82 client_fd = get_unused_fd_flags(group->fanotify_data.f_flags);
87 * we need a new file handle for the userspace program so it can read even if it was
88 * originally opened O_WRONLY.
90 /* it's possible this event was an overflow event. in that case dentry and mnt
91 * are NULL; That's fine, just don't call dentry open */
92 if (event->path.dentry && event->path.mnt)
93 new_file = dentry_open(&event->path,
94 group->fanotify_data.f_flags | FMODE_NONOTIFY,
97 new_file = ERR_PTR(-EOVERFLOW);
98 if (IS_ERR(new_file)) {
100 * we still send an event even if we can't open the file. this
101 * can happen when say tasks are gone and we try to open their
102 * /proc files or we try to open a WRONLY file like in sysfs
103 * we just send the errno to userspace since there isn't much
106 put_unused_fd(client_fd);
107 client_fd = PTR_ERR(new_file);
115 static int fill_event_metadata(struct fsnotify_group *group,
116 struct fanotify_event_metadata *metadata,
117 struct fsnotify_event *fsn_event,
121 struct fanotify_event_info *event;
123 pr_debug("%s: group=%p metadata=%p event=%p\n", __func__,
124 group, metadata, fsn_event);
127 event = container_of(fsn_event, struct fanotify_event_info, fse);
128 metadata->event_len = FAN_EVENT_METADATA_LEN;
129 metadata->metadata_len = FAN_EVENT_METADATA_LEN;
130 metadata->vers = FANOTIFY_METADATA_VERSION;
131 metadata->reserved = 0;
132 metadata->mask = fsn_event->mask & FAN_ALL_OUTGOING_EVENTS;
133 metadata->pid = pid_vnr(event->tgid);
134 if (unlikely(fsn_event->mask & FAN_Q_OVERFLOW))
135 metadata->fd = FAN_NOFD;
137 metadata->fd = create_fd(group, event, file);
138 if (metadata->fd < 0)
145 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
146 static struct fanotify_perm_event_info *dequeue_event(
147 struct fsnotify_group *group, int fd)
149 struct fanotify_perm_event_info *event, *return_e = NULL;
151 spin_lock(&group->notification_lock);
152 list_for_each_entry(event, &group->fanotify_data.access_list,
157 list_del_init(&event->fae.fse.list);
161 spin_unlock(&group->notification_lock);
163 pr_debug("%s: found return_re=%p\n", __func__, return_e);
168 static int process_access_response(struct fsnotify_group *group,
169 struct fanotify_response *response_struct)
171 struct fanotify_perm_event_info *event;
172 int fd = response_struct->fd;
173 int response = response_struct->response;
175 pr_debug("%s: group=%p fd=%d response=%d\n", __func__, group,
178 * make sure the response is valid, if invalid we do nothing and either
179 * userspace can send a valid response or we will clean it up after the
182 switch (response & ~FAN_AUDIT) {
193 if ((response & FAN_AUDIT) && !group->fanotify_data.audit)
196 event = dequeue_event(group, fd);
200 event->response = response;
201 wake_up(&group->fanotify_data.access_waitq);
207 static ssize_t copy_event_to_user(struct fsnotify_group *group,
208 struct fsnotify_event *event,
211 struct fanotify_event_metadata fanotify_event_metadata;
215 pr_debug("%s: group=%p event=%p\n", __func__, group, event);
217 ret = fill_event_metadata(group, &fanotify_event_metadata, event, &f);
221 fd = fanotify_event_metadata.fd;
223 if (copy_to_user(buf, &fanotify_event_metadata,
224 fanotify_event_metadata.event_len))
227 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
228 if (event->mask & FAN_ALL_PERM_EVENTS)
229 FANOTIFY_PE(event)->fd = fd;
234 return fanotify_event_metadata.event_len;
237 if (fd != FAN_NOFD) {
244 /* intofiy userspace file descriptor functions */
245 static unsigned int fanotify_poll(struct file *file, poll_table *wait)
247 struct fsnotify_group *group = file->private_data;
250 poll_wait(file, &group->notification_waitq, wait);
251 spin_lock(&group->notification_lock);
252 if (!fsnotify_notify_queue_is_empty(group))
253 ret = POLLIN | POLLRDNORM;
254 spin_unlock(&group->notification_lock);
259 static ssize_t fanotify_read(struct file *file, char __user *buf,
260 size_t count, loff_t *pos)
262 struct fsnotify_group *group;
263 struct fsnotify_event *kevent;
266 DEFINE_WAIT_FUNC(wait, woken_wake_function);
269 group = file->private_data;
271 pr_debug("%s: group=%p\n", __func__, group);
273 add_wait_queue(&group->notification_waitq, &wait);
275 spin_lock(&group->notification_lock);
276 kevent = get_one_event(group, count);
277 spin_unlock(&group->notification_lock);
279 if (IS_ERR(kevent)) {
280 ret = PTR_ERR(kevent);
286 if (file->f_flags & O_NONBLOCK)
290 if (signal_pending(current))
296 wait_woken(&wait, TASK_INTERRUPTIBLE, MAX_SCHEDULE_TIMEOUT);
300 ret = copy_event_to_user(group, kevent, buf);
301 if (unlikely(ret == -EOPENSTALE)) {
303 * We cannot report events with stale fd so drop it.
304 * Setting ret to 0 will continue the event loop and
305 * do the right thing if there are no more events to
306 * read (i.e. return bytes read, -EAGAIN or wait).
312 * Permission events get queued to wait for response. Other
313 * events can be destroyed now.
315 if (!(kevent->mask & FAN_ALL_PERM_EVENTS)) {
316 fsnotify_destroy_event(group, kevent);
318 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
320 FANOTIFY_PE(kevent)->response = FAN_DENY;
321 wake_up(&group->fanotify_data.access_waitq);
323 spin_lock(&group->notification_lock);
324 list_add_tail(&kevent->list,
325 &group->fanotify_data.access_list);
326 spin_unlock(&group->notification_lock);
335 remove_wait_queue(&group->notification_waitq, &wait);
337 if (start != buf && ret != -EFAULT)
342 static ssize_t fanotify_write(struct file *file, const char __user *buf, size_t count, loff_t *pos)
344 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
345 struct fanotify_response response = { .fd = -1, .response = -1 };
346 struct fsnotify_group *group;
349 group = file->private_data;
351 if (count > sizeof(response))
352 count = sizeof(response);
354 pr_debug("%s: group=%p count=%zu\n", __func__, group, count);
356 if (copy_from_user(&response, buf, count))
359 ret = process_access_response(group, &response);
369 static int fanotify_release(struct inode *ignored, struct file *file)
371 struct fsnotify_group *group = file->private_data;
373 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
374 struct fanotify_perm_event_info *event, *next;
375 struct fsnotify_event *fsn_event;
378 * Stop new events from arriving in the notification queue. since
379 * userspace cannot use fanotify fd anymore, no event can enter or
380 * leave access_list by now either.
382 fsnotify_group_stop_queueing(group);
385 * Process all permission events on access_list and notification queue
386 * and simulate reply from userspace.
388 spin_lock(&group->notification_lock);
389 list_for_each_entry_safe(event, next, &group->fanotify_data.access_list,
391 pr_debug("%s: found group=%p event=%p\n", __func__, group,
394 list_del_init(&event->fae.fse.list);
395 event->response = FAN_ALLOW;
399 * Destroy all non-permission events. For permission events just
400 * dequeue them and set the response. They will be freed once the
401 * response is consumed and fanotify_get_response() returns.
403 while (!fsnotify_notify_queue_is_empty(group)) {
404 fsn_event = fsnotify_remove_first_event(group);
405 if (!(fsn_event->mask & FAN_ALL_PERM_EVENTS)) {
406 spin_unlock(&group->notification_lock);
407 fsnotify_destroy_event(group, fsn_event);
408 spin_lock(&group->notification_lock);
410 FANOTIFY_PE(fsn_event)->response = FAN_ALLOW;
412 spin_unlock(&group->notification_lock);
414 /* Response for all permission events it set, wakeup waiters */
415 wake_up(&group->fanotify_data.access_waitq);
418 /* matches the fanotify_init->fsnotify_alloc_group */
419 fsnotify_destroy_group(group);
424 static long fanotify_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
426 struct fsnotify_group *group;
427 struct fsnotify_event *fsn_event;
432 group = file->private_data;
434 p = (void __user *) arg;
438 spin_lock(&group->notification_lock);
439 list_for_each_entry(fsn_event, &group->notification_list, list)
440 send_len += FAN_EVENT_METADATA_LEN;
441 spin_unlock(&group->notification_lock);
442 ret = put_user(send_len, (int __user *) p);
449 static const struct file_operations fanotify_fops = {
450 .show_fdinfo = fanotify_show_fdinfo,
451 .poll = fanotify_poll,
452 .read = fanotify_read,
453 .write = fanotify_write,
455 .release = fanotify_release,
456 .unlocked_ioctl = fanotify_ioctl,
457 .compat_ioctl = fanotify_ioctl,
458 .llseek = noop_llseek,
461 static int fanotify_find_path(int dfd, const char __user *filename,
462 struct path *path, unsigned int flags)
466 pr_debug("%s: dfd=%d filename=%p flags=%x\n", __func__,
467 dfd, filename, flags);
469 if (filename == NULL) {
470 struct fd f = fdget(dfd);
477 if ((flags & FAN_MARK_ONLYDIR) &&
478 !(S_ISDIR(file_inode(f.file)->i_mode))) {
483 *path = f.file->f_path;
487 unsigned int lookup_flags = 0;
489 if (!(flags & FAN_MARK_DONT_FOLLOW))
490 lookup_flags |= LOOKUP_FOLLOW;
491 if (flags & FAN_MARK_ONLYDIR)
492 lookup_flags |= LOOKUP_DIRECTORY;
494 ret = user_path_at(dfd, filename, lookup_flags, path);
499 /* you can only watch an inode if you have read permissions on it */
500 ret = inode_permission(path->dentry->d_inode, MAY_READ);
507 static __u32 fanotify_mark_remove_from_mask(struct fsnotify_mark *fsn_mark,
514 spin_lock(&fsn_mark->lock);
515 if (!(flags & FAN_MARK_IGNORED_MASK)) {
516 __u32 tmask = fsn_mark->mask & ~mask;
518 if (flags & FAN_MARK_ONDIR)
521 oldmask = fsn_mark->mask;
522 fsn_mark->mask = tmask;
524 __u32 tmask = fsn_mark->ignored_mask & ~mask;
525 if (flags & FAN_MARK_ONDIR)
527 fsn_mark->ignored_mask = tmask;
529 *destroy = !(fsn_mark->mask | fsn_mark->ignored_mask);
530 spin_unlock(&fsn_mark->lock);
532 return mask & oldmask;
535 static int fanotify_remove_vfsmount_mark(struct fsnotify_group *group,
536 struct vfsmount *mnt, __u32 mask,
539 struct fsnotify_mark *fsn_mark = NULL;
543 mutex_lock(&group->mark_mutex);
544 fsn_mark = fsnotify_find_mark(&real_mount(mnt)->mnt_fsnotify_marks,
547 mutex_unlock(&group->mark_mutex);
551 removed = fanotify_mark_remove_from_mask(fsn_mark, mask, flags,
553 if (removed & real_mount(mnt)->mnt_fsnotify_mask)
554 fsnotify_recalc_mask(real_mount(mnt)->mnt_fsnotify_marks);
556 fsnotify_detach_mark(fsn_mark);
557 mutex_unlock(&group->mark_mutex);
559 fsnotify_free_mark(fsn_mark);
561 fsnotify_put_mark(fsn_mark);
565 static int fanotify_remove_inode_mark(struct fsnotify_group *group,
566 struct inode *inode, __u32 mask,
569 struct fsnotify_mark *fsn_mark = NULL;
573 mutex_lock(&group->mark_mutex);
574 fsn_mark = fsnotify_find_mark(&inode->i_fsnotify_marks, group);
576 mutex_unlock(&group->mark_mutex);
580 removed = fanotify_mark_remove_from_mask(fsn_mark, mask, flags,
582 if (removed & inode->i_fsnotify_mask)
583 fsnotify_recalc_mask(inode->i_fsnotify_marks);
585 fsnotify_detach_mark(fsn_mark);
586 mutex_unlock(&group->mark_mutex);
588 fsnotify_free_mark(fsn_mark);
590 /* matches the fsnotify_find_mark() */
591 fsnotify_put_mark(fsn_mark);
596 static __u32 fanotify_mark_add_to_mask(struct fsnotify_mark *fsn_mark,
602 spin_lock(&fsn_mark->lock);
603 if (!(flags & FAN_MARK_IGNORED_MASK)) {
604 __u32 tmask = fsn_mark->mask | mask;
606 if (flags & FAN_MARK_ONDIR)
609 oldmask = fsn_mark->mask;
610 fsn_mark->mask = tmask;
612 __u32 tmask = fsn_mark->ignored_mask | mask;
613 if (flags & FAN_MARK_ONDIR)
616 fsn_mark->ignored_mask = tmask;
617 if (flags & FAN_MARK_IGNORED_SURV_MODIFY)
618 fsn_mark->flags |= FSNOTIFY_MARK_FLAG_IGNORED_SURV_MODIFY;
620 spin_unlock(&fsn_mark->lock);
622 return mask & ~oldmask;
625 static struct fsnotify_mark *fanotify_add_new_mark(struct fsnotify_group *group,
627 struct vfsmount *mnt)
629 struct fsnotify_mark *mark;
632 if (atomic_read(&group->num_marks) > group->fanotify_data.max_marks)
633 return ERR_PTR(-ENOSPC);
635 mark = kmem_cache_alloc(fanotify_mark_cache, GFP_KERNEL);
637 return ERR_PTR(-ENOMEM);
639 fsnotify_init_mark(mark, group);
640 ret = fsnotify_add_mark_locked(mark, inode, mnt, 0);
642 fsnotify_put_mark(mark);
650 static int fanotify_add_vfsmount_mark(struct fsnotify_group *group,
651 struct vfsmount *mnt, __u32 mask,
654 struct fsnotify_mark *fsn_mark;
657 mutex_lock(&group->mark_mutex);
658 fsn_mark = fsnotify_find_mark(&real_mount(mnt)->mnt_fsnotify_marks,
661 fsn_mark = fanotify_add_new_mark(group, NULL, mnt);
662 if (IS_ERR(fsn_mark)) {
663 mutex_unlock(&group->mark_mutex);
664 return PTR_ERR(fsn_mark);
667 added = fanotify_mark_add_to_mask(fsn_mark, mask, flags);
668 if (added & ~real_mount(mnt)->mnt_fsnotify_mask)
669 fsnotify_recalc_mask(real_mount(mnt)->mnt_fsnotify_marks);
670 mutex_unlock(&group->mark_mutex);
672 fsnotify_put_mark(fsn_mark);
676 static int fanotify_add_inode_mark(struct fsnotify_group *group,
677 struct inode *inode, __u32 mask,
680 struct fsnotify_mark *fsn_mark;
683 pr_debug("%s: group=%p inode=%p\n", __func__, group, inode);
686 * If some other task has this inode open for write we should not add
687 * an ignored mark, unless that ignored mark is supposed to survive
688 * modification changes anyway.
690 if ((flags & FAN_MARK_IGNORED_MASK) &&
691 !(flags & FAN_MARK_IGNORED_SURV_MODIFY) &&
692 (atomic_read(&inode->i_writecount) > 0))
695 mutex_lock(&group->mark_mutex);
696 fsn_mark = fsnotify_find_mark(&inode->i_fsnotify_marks, group);
698 fsn_mark = fanotify_add_new_mark(group, inode, NULL);
699 if (IS_ERR(fsn_mark)) {
700 mutex_unlock(&group->mark_mutex);
701 return PTR_ERR(fsn_mark);
704 added = fanotify_mark_add_to_mask(fsn_mark, mask, flags);
705 if (added & ~inode->i_fsnotify_mask)
706 fsnotify_recalc_mask(inode->i_fsnotify_marks);
707 mutex_unlock(&group->mark_mutex);
709 fsnotify_put_mark(fsn_mark);
713 /* fanotify syscalls */
714 SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags)
716 struct fsnotify_group *group;
718 struct user_struct *user;
719 struct fanotify_event_info *oevent;
721 pr_debug("%s: flags=%d event_f_flags=%d\n",
722 __func__, flags, event_f_flags);
724 if (!capable(CAP_SYS_ADMIN))
727 #ifdef CONFIG_AUDITSYSCALL
728 if (flags & ~(FAN_ALL_INIT_FLAGS | FAN_ENABLE_AUDIT))
730 if (flags & ~FAN_ALL_INIT_FLAGS)
734 if (event_f_flags & ~FANOTIFY_INIT_ALL_EVENT_F_BITS)
737 switch (event_f_flags & O_ACCMODE) {
746 user = get_current_user();
747 if (atomic_read(&user->fanotify_listeners) > FANOTIFY_DEFAULT_MAX_LISTENERS) {
752 f_flags = O_RDWR | FMODE_NONOTIFY;
753 if (flags & FAN_CLOEXEC)
754 f_flags |= O_CLOEXEC;
755 if (flags & FAN_NONBLOCK)
756 f_flags |= O_NONBLOCK;
758 /* fsnotify_alloc_group takes a ref. Dropped in fanotify_release */
759 group = fsnotify_alloc_group(&fanotify_fsnotify_ops);
762 return PTR_ERR(group);
765 group->fanotify_data.user = user;
766 atomic_inc(&user->fanotify_listeners);
768 oevent = fanotify_alloc_event(NULL, FS_Q_OVERFLOW, NULL);
769 if (unlikely(!oevent)) {
771 goto out_destroy_group;
773 group->overflow_event = &oevent->fse;
775 if (force_o_largefile())
776 event_f_flags |= O_LARGEFILE;
777 group->fanotify_data.f_flags = event_f_flags;
778 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
779 init_waitqueue_head(&group->fanotify_data.access_waitq);
780 INIT_LIST_HEAD(&group->fanotify_data.access_list);
782 switch (flags & FAN_ALL_CLASS_BITS) {
783 case FAN_CLASS_NOTIF:
784 group->priority = FS_PRIO_0;
786 case FAN_CLASS_CONTENT:
787 group->priority = FS_PRIO_1;
789 case FAN_CLASS_PRE_CONTENT:
790 group->priority = FS_PRIO_2;
794 goto out_destroy_group;
797 if (flags & FAN_UNLIMITED_QUEUE) {
799 if (!capable(CAP_SYS_ADMIN))
800 goto out_destroy_group;
801 group->max_events = UINT_MAX;
803 group->max_events = FANOTIFY_DEFAULT_MAX_EVENTS;
806 if (flags & FAN_UNLIMITED_MARKS) {
808 if (!capable(CAP_SYS_ADMIN))
809 goto out_destroy_group;
810 group->fanotify_data.max_marks = UINT_MAX;
812 group->fanotify_data.max_marks = FANOTIFY_DEFAULT_MAX_MARKS;
815 if (flags & FAN_ENABLE_AUDIT) {
817 if (!capable(CAP_AUDIT_WRITE))
818 goto out_destroy_group;
819 group->fanotify_data.audit = true;
822 fd = anon_inode_getfd("[fanotify]", &fanotify_fops, group, f_flags);
824 goto out_destroy_group;
829 fsnotify_destroy_group(group);
833 SYSCALL_DEFINE5(fanotify_mark, int, fanotify_fd, unsigned int, flags,
834 __u64, mask, int, dfd,
835 const char __user *, pathname)
837 struct inode *inode = NULL;
838 struct vfsmount *mnt = NULL;
839 struct fsnotify_group *group;
844 pr_debug("%s: fanotify_fd=%d flags=%x dfd=%d pathname=%p mask=%llx\n",
845 __func__, fanotify_fd, flags, dfd, pathname, mask);
847 /* we only use the lower 32 bits as of right now. */
848 if (mask & ((__u64)0xffffffff << 32))
851 if (flags & ~FAN_ALL_MARK_FLAGS)
853 switch (flags & (FAN_MARK_ADD | FAN_MARK_REMOVE | FAN_MARK_FLUSH)) {
854 case FAN_MARK_ADD: /* fallthrough */
855 case FAN_MARK_REMOVE:
860 if (flags & ~(FAN_MARK_MOUNT | FAN_MARK_FLUSH))
867 if (mask & FAN_ONDIR) {
868 flags |= FAN_MARK_ONDIR;
872 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
873 if (mask & ~(FAN_ALL_EVENTS | FAN_ALL_PERM_EVENTS | FAN_EVENT_ON_CHILD))
875 if (mask & ~(FAN_ALL_EVENTS | FAN_EVENT_ON_CHILD))
879 f = fdget(fanotify_fd);
880 if (unlikely(!f.file))
883 /* verify that this is indeed an fanotify instance */
885 if (unlikely(f.file->f_op != &fanotify_fops))
887 group = f.file->private_data;
890 * group->priority == FS_PRIO_0 == FAN_CLASS_NOTIF. These are not
891 * allowed to set permissions events.
894 if (mask & FAN_ALL_PERM_EVENTS &&
895 group->priority == FS_PRIO_0)
898 if (flags & FAN_MARK_FLUSH) {
900 if (flags & FAN_MARK_MOUNT)
901 fsnotify_clear_vfsmount_marks_by_group(group);
903 fsnotify_clear_inode_marks_by_group(group);
907 ret = fanotify_find_path(dfd, pathname, &path, flags);
911 /* inode held in place by reference to path; group by fget on fd */
912 if (!(flags & FAN_MARK_MOUNT))
913 inode = path.dentry->d_inode;
917 /* create/update an inode mark */
918 switch (flags & (FAN_MARK_ADD | FAN_MARK_REMOVE)) {
920 if (flags & FAN_MARK_MOUNT)
921 ret = fanotify_add_vfsmount_mark(group, mnt, mask, flags);
923 ret = fanotify_add_inode_mark(group, inode, mask, flags);
925 case FAN_MARK_REMOVE:
926 if (flags & FAN_MARK_MOUNT)
927 ret = fanotify_remove_vfsmount_mark(group, mnt, mask, flags);
929 ret = fanotify_remove_inode_mark(group, inode, mask, flags);
942 COMPAT_SYSCALL_DEFINE6(fanotify_mark,
943 int, fanotify_fd, unsigned int, flags,
944 __u32, mask0, __u32, mask1, int, dfd,
945 const char __user *, pathname)
947 return sys_fanotify_mark(fanotify_fd, flags,
949 ((__u64)mask0 << 32) | mask1,
951 ((__u64)mask1 << 32) | mask0,
958 * fanotify_user_setup - Our initialization function. Note that we cannot return
959 * error because we have compiled-in VFS hooks. So an (unlikely) failure here
960 * must result in panic().
962 static int __init fanotify_user_setup(void)
964 fanotify_mark_cache = KMEM_CACHE(fsnotify_mark, SLAB_PANIC);
965 fanotify_event_cachep = KMEM_CACHE(fanotify_event_info, SLAB_PANIC);
966 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
967 fanotify_perm_event_cachep = KMEM_CACHE(fanotify_perm_event_info,
973 device_initcall(fanotify_user_setup);
projects / linux.git / blob