Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
L
linux-davinci
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
linux
linux-davinci
Commits
471a5c7c
Commit
471a5c7c
authored
Jul 10, 2006
by
Al Viro
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[PATCH] introduce audit rules counter
Signed-off-by:
Al Viro
<
viro@zeniv.linux.org.uk
>
parent
5422e01a
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
29 additions
and
0 deletions
+29
-0
include/linux/audit.h
include/linux/audit.h
+2
-0
kernel/auditfilter.c
kernel/auditfilter.c
+24
-0
kernel/auditsc.c
kernel/auditsc.c
+3
-0
No files found.
include/linux/audit.h
View file @
471a5c7c
...
@@ -410,6 +410,7 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
...
@@ -410,6 +410,7 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
return
__audit_mq_getsetattr
(
mqdes
,
mqstat
);
return
__audit_mq_getsetattr
(
mqdes
,
mqstat
);
return
0
;
return
0
;
}
}
extern
int
audit_n_rules
;
#else
#else
#define audit_alloc(t) ({ 0; })
#define audit_alloc(t) ({ 0; })
#define audit_free(t) do { ; } while (0)
#define audit_free(t) do { ; } while (0)
...
@@ -437,6 +438,7 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
...
@@ -437,6 +438,7 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
#define audit_mq_timedreceive(d,l,p,t) ({ 0; })
#define audit_mq_timedreceive(d,l,p,t) ({ 0; })
#define audit_mq_notify(d,n) ({ 0; })
#define audit_mq_notify(d,n) ({ 0; })
#define audit_mq_getsetattr(d,s) ({ 0; })
#define audit_mq_getsetattr(d,s) ({ 0; })
#define audit_n_rules 0
#endif
#endif
#ifdef CONFIG_AUDIT
#ifdef CONFIG_AUDIT
...
...
kernel/auditfilter.c
View file @
471a5c7c
...
@@ -1136,6 +1136,14 @@ static inline int audit_add_rule(struct audit_entry *entry,
...
@@ -1136,6 +1136,14 @@ static inline int audit_add_rule(struct audit_entry *entry,
struct
audit_watch
*
watch
=
entry
->
rule
.
watch
;
struct
audit_watch
*
watch
=
entry
->
rule
.
watch
;
struct
nameidata
*
ndp
,
*
ndw
;
struct
nameidata
*
ndp
,
*
ndw
;
int
h
,
err
,
putnd_needed
=
0
;
int
h
,
err
,
putnd_needed
=
0
;
#ifdef CONFIG_AUDITSYSCALL
int
dont_count
=
0
;
/* If either of these, don't count towards total */
if
(
entry
->
rule
.
listnr
==
AUDIT_FILTER_USER
||
entry
->
rule
.
listnr
==
AUDIT_FILTER_TYPE
)
dont_count
=
1
;
#endif
if
(
inode_f
)
{
if
(
inode_f
)
{
h
=
audit_hash_ino
(
inode_f
->
val
);
h
=
audit_hash_ino
(
inode_f
->
val
);
...
@@ -1176,6 +1184,10 @@ static inline int audit_add_rule(struct audit_entry *entry,
...
@@ -1176,6 +1184,10 @@ static inline int audit_add_rule(struct audit_entry *entry,
}
else
{
}
else
{
list_add_tail_rcu
(
&
entry
->
list
,
list
);
list_add_tail_rcu
(
&
entry
->
list
,
list
);
}
}
#ifdef CONFIG_AUDITSYSCALL
if
(
!
dont_count
)
audit_n_rules
++
;
#endif
mutex_unlock
(
&
audit_filter_mutex
);
mutex_unlock
(
&
audit_filter_mutex
);
if
(
putnd_needed
)
if
(
putnd_needed
)
...
@@ -1200,6 +1212,14 @@ static inline int audit_del_rule(struct audit_entry *entry,
...
@@ -1200,6 +1212,14 @@ static inline int audit_del_rule(struct audit_entry *entry,
struct
audit_watch
*
watch
,
*
tmp_watch
=
entry
->
rule
.
watch
;
struct
audit_watch
*
watch
,
*
tmp_watch
=
entry
->
rule
.
watch
;
LIST_HEAD
(
inotify_list
);
LIST_HEAD
(
inotify_list
);
int
h
,
ret
=
0
;
int
h
,
ret
=
0
;
#ifdef CONFIG_AUDITSYSCALL
int
dont_count
=
0
;
/* If either of these, don't count towards total */
if
(
entry
->
rule
.
listnr
==
AUDIT_FILTER_USER
||
entry
->
rule
.
listnr
==
AUDIT_FILTER_TYPE
)
dont_count
=
1
;
#endif
if
(
inode_f
)
{
if
(
inode_f
)
{
h
=
audit_hash_ino
(
inode_f
->
val
);
h
=
audit_hash_ino
(
inode_f
->
val
);
...
@@ -1237,6 +1257,10 @@ static inline int audit_del_rule(struct audit_entry *entry,
...
@@ -1237,6 +1257,10 @@ static inline int audit_del_rule(struct audit_entry *entry,
list_del_rcu
(
&
e
->
list
);
list_del_rcu
(
&
e
->
list
);
call_rcu
(
&
e
->
rcu
,
audit_free_rule_rcu
);
call_rcu
(
&
e
->
rcu
,
audit_free_rule_rcu
);
#ifdef CONFIG_AUDITSYSCALL
if
(
!
dont_count
)
audit_n_rules
--
;
#endif
mutex_unlock
(
&
audit_filter_mutex
);
mutex_unlock
(
&
audit_filter_mutex
);
if
(
!
list_empty
(
&
inotify_list
))
if
(
!
list_empty
(
&
inotify_list
))
...
...
kernel/auditsc.c
View file @
471a5c7c
...
@@ -85,6 +85,9 @@ extern int audit_enabled;
...
@@ -85,6 +85,9 @@ extern int audit_enabled;
/* Indicates that audit should log the full pathname. */
/* Indicates that audit should log the full pathname. */
#define AUDIT_NAME_FULL -1
#define AUDIT_NAME_FULL -1
/* number of audit rules */
int
audit_n_rules
;
/* When fs/namei.c:getname() is called, we store the pointer in name and
/* When fs/namei.c:getname() is called, we store the pointer in name and
* we don't let putname() free it (instead we free all of the saved
* we don't let putname() free it (instead we free all of the saved
* pointers at syscall exit time).
* pointers at syscall exit time).
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment