Oct 12, 2012

  1. audit: optimize audit_compare_dname_path

    In the cases where we already know the length of the parent, pass it as
    a parm so we don't need to recompute it. In the cases where we don't
    know the length, pass in AUDIT_NAME_FULL (-1) to indicate that it should
    be determined.
    
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Jeff Layton authored Al Viro committed
  2. audit: remove dirlen argument to audit_compare_dname_path

    All the callers set this to NULL now.
    
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Jeff Layton authored Al Viro committed

Sep 18, 2012

  1. ebiederm

    userns: Convert the audit loginuid to be a kuid

    Always store audit loginuids in type kuid_t.
    
    Print loginuids by converting them into uids in the appropriate user
    namespace, and then printing the resulting uid.
    
    Modify audit_get_loginuid to return a kuid_t.
    
    Modify audit_set_loginuid to take a kuid_t.
    
    Modify /proc/<pid>/loginuid on read to convert the loginuid into the
    user namespace of the opener of the file.
    
    Modify /proc/<pid>/loginuid on write to convert the loginuid
    from the user namespace of the opener of the file.
    
    Cc: Al Viro <viro@zeniv.linux.org.uk>
    Cc: Eric Paris <eparis@redhat.com>
    Cc: Paul Moore <paul@paul-moore.com> ?
    Cc: David Miller <davem@davemloft.net>
    Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
    ebiederm authored

Jul 14, 2012

  1. get rid of kern_path_parent()

    all callers want the same thing, actually - a kinda-sorta analog of
    kern_path_create().  I.e. they want parent vfsmount/dentry (with
    ->i_mutex held, to make sure the child dentry is still their child)
    + the child dentry.
    
    Signed-off-by Al Viro <viro@zeniv.linux.org.uk>
    Al Viro authored

Mar 14, 2011

  1. kill path_lookup()

    all remaining callers pass LOOKUP_PARENT to it, so
    flags argument can die; renamed to kern_path_parent()
    
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Al Viro authored
  2. fix race in audit_get_nd()

    don't rely on pathname resolution ending up twice at the same point...
    
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Al Viro authored

Oct 30, 2010

  1. audit: make functions static

    I was doing some namespace checks and found some simple stuff in
    audit that could be cleaned up. Make some functions static, and
    put const on make_reply payload arg.
    
    Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Stephen Hemminger authored Al Viro committed

Aug 12, 2010

  1. Linus Torvalds

    Revert "fsnotify: store struct file not struct path"

    This reverts commit 3bcf386 (and the
    accompanying commit c1e5c95 "vfs/fsnotify: fsnotify_close can delay
    the final work in fput" that was a horribly ugly hack to make it work at
    all).
    
    The 'struct file' approach not only causes that disgusting hack, it
    somehow breaks pulseaudio, probably due to some other subtlety with
    f_count handling.
    
    Fix up various conflicts due to later fsnotify work.
    
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    authored

Jul 28, 2010

  1. eparis

    fanotify: use both marks when possible

    fanotify currently, when given a vfsmount_mark will look up (if it exists)
    the corresponding inode mark.  This patch drops that lookup and uses the
    mark provided.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  2. eparis

    fsnotify: pass both the vfsmount mark and inode mark

    should_send_event() and handle_event() will both need to look up the inode
    event if they get a vfsmount event.  Let's just pass both at the same time
    since we have them both after walking the lists in lockstep.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  3. eparis

    fsnotify: remove group->mask

    group->mask is now useless.  It was originally a shortcut for fsnotify to
    save on performance.  These checks are now redundant, so we remove them.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  4. eparis

    fsnotify: cleanup should_send_event

    The change to use srcu and walk the object list rather than the global
    fsnotify_group list means that should_send_event is no longer needed for a
    number of groups and can be simplified for others.  Do that.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  5. eparis

    audit: use the mark in handler functions

    audit now gets a mark in the should_send_event and handle_event
    functions.  Rather than look up the mark themselves audit should just use
    the mark it was handed.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  6. eparis

    fsnotify: send fsnotify_mark to groups in event handling functions

    With the change of fsnotify to use srcu walking the marks list instead of
    walking the global groups list we now know the mark in question.  The code can
    send the mark to the group's handling functions and the groups won't have to
    find those marks themselves.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  7. eparis

    fsnotify: store struct file not struct path

    Al explains that calling dentry_open() with a mnt/dentry pair is only
    guaranteed to be safe if they are already used in an open struct file.  To
    make sure this is the case don't store and use a struct path in fsnotify,
    always use a struct file.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  8. eparis

    fsnotify: split generic and inode specific mark code

    currently all marking is done by functions in inode-mark.c.  Some of this
    is pretty generic and should be instead done in a generic function and we
    should only put the inode specific code in inode-mark.c
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  9. fsnotify: take inode->i_lock inside fsnotify_find_mark_entry()

    All callers to fsnotify_find_mark_entry() except one take and
    release inode->i_lock around the call.  Take the lock inside
    fsnotify_find_mark_entry() instead.
    
    Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
    Signed-off-by: Eric Paris <eparis@redhat.com>
    Andreas Gruenbacher authored eparis committed
  10. eparis

    fsnotify: rename fsnotify_find_mark_entry to fsnotify_find_mark

    the _entry portion of fsnotify functions is useless.  Drop it.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  11. eparis

    fsnotify: rename fsnotify_mark_entry to just fsnotify_mark

    The name is long and it serves no real purpose.  So rename
    fsnotify_mark_entry to just fsnotify_mark.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  12. eparis

    fsnotify: include vfsmount in should_send_event when appropriate

    To ensure that a group will not duplicate events when it receives it based
    on the vfsmount and the inode should_send_event test we should distinguish
    those two cases.  We pass a vfsmount to this function so groups can make
    their own determinations.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  13. eparis

    fsnotify: drop mask argument from fsnotify_alloc_group

    Nothing uses the mask argument to fsnotify_alloc_group.  This patch drops
    that argument.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  14. eparis

    Audit: only set group mask when something is being watched

    Currently the audit watch group always sets a mask equal to all events it
    might care about.  We instead should only set the group mask if we are
    actually watching inodes.  This should be a perf win when audit watches are
    compiled in.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  15. eparis

    fsnotify: fsnotify_obtain_group should be fsnotify_alloc_group

    fsnotify_obtain_group was intended to be able to find an already existing
    group.  Nothing uses that functionality.  This just renames it to
    fsnotify_alloc_group so it is clear what it is doing.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  16. eparis

    fsnotify: remove group_num altogether

    The original fsnotify interface has a group-num which was intended to be
    able to find a group after it was added.  I no longer think this is a
    necessary thing to do and so we remove the group_num.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  17. eparis

    fsnotify: include data in should_send calls

    fanotify is going to need to look at file->private_data to know if an event
    should be sent or not.  This passes the data (which might be a file,
    dentry, inode, or none) to the should_send function calls so fanotify can
    get that information when available
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  18. eparis

    fsnotify: provide the data type to should_send_event

    fanotify is only interested in event types which contain enough information
    to open the original file in the context of the fanotify listener.  Since
    fanotify may not want to send events if that data isn't present we pass
    the data type to the should_send_event function call so fanotify can express
    its lack of interest.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  19. eparis

    Audit: audit watch init should not be before fsnotify init

    Audit watch init and fsnotify init both use subsys_initcall() but since the
    audit watch code is linked in before the fsnotify code the audit watch code
    would be using the fsnotify srcu struct before it was initialized.  This
    patch fixes that problem by moving audit watch init to device_initcall() so
    it happens after fsnotify is ready.
    
    Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
    Signed-off-by: Eric Paris <eparis@redhat.com>
    Tested-by : Sachin Sant <sachinp@in.ibm.com>
    eparis authored
  20. eparis

    fsnotify: allow addition of duplicate fsnotify marks

    This patch allows a task to add a second fsnotify mark to an inode for the
    same group.  This mark will be added to the end of the inode's list and
    this will never be found by the standard fsnotify_find_mark() function.  This
    is useful if a user wants to add a new mark before removing the old one.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  21. eparis

    audit: do not get and put just to free a watch

    deleting audit watch rules is not currently done under audit_filter_mutex.
    It was done this way because we could not hold the mutex during inotify
    manipulation.  Since we are using fsnotify we don't need to do the extra
    get/put pair nor do we need the private list on which to store the parents
    while they are about to be freed.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  22. eparis

    audit: redo audit watch locking and refcnt in light of fsnotify

    fsnotify can handle mutexes to be held across all fsnotify operations since
    it deals strictly in spinlocks.  This can simplify and reduce some of the
    audit_filter_mutex taking and dropping.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  23. eparis

    audit: convert audit watches to use fsnotify instead of inotify

    Audit currently uses inotify to pin inodes in core and to detect when
    watched inodes are deleted or unmounted.  This patch uses fsnotify instead
    of inotify.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored
  24. eparis

    Audit: clean up the audit_watch split

    No real changes, just cleanup to the audit_watch split patch which was done
    with minimal code changes for easy review.  Now fix interfaces to make
    things work better.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored

Mar 30, 2010

  1. include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
    
    percpu.h is included by sched.h and module.h and thus ends up being
    included when building most .c files.  percpu.h includes slab.h which
    in turn includes gfp.h making everything defined by the two files
    universally available and complicating inclusion dependencies.
    
    percpu.h -> slab.h dependency is about to be removed.  Prepare for
    this change by updating users of gfp and slab facilities to include those
    headers directly instead of assuming availability.  As this conversion
    needs to touch large number of source files, the following script is
    used as the basis of conversion.
    
      http://userweb.kernel.org/~tj/misc/slabh-sweep.py
    
    The script does the following.
    
    * Scan files for gfp and slab usages and update includes such that
      only the necessary includes are there.  ie. if only gfp is used,
      gfp.h, if slab is used, slab.h.
    
    * When the script inserts a new include, it looks at the include
      blocks and tries to put the new include such that its order conforms
      to its surrounding.  It's put in the include block which contains
      core kernel includes, in the same order that the rest are ordered -
      alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
      doesn't seem to be any matching order.
    
    * If the script can't find a place to put a new include (mostly
      because the file doesn't have fitting include block), it prints out
      an error message indicating which .h file needs to be added to the
      file.
    
    The conversion was done in the following steps.
    
    1. The initial automatic conversion of all .c files updated slightly
       over 4000 files, deleting around 700 includes and adding ~480 gfp.h
       and ~3000 slab.h inclusions.  The script emitted errors for ~400
       files.
    
    2. Each error was manually checked.  Some didn't need the inclusion,
       some needed manual addition while adding it to implementation .h or
       embedding .c file was more appropriate for others.  This step added
       inclusions to around 150 files.
    
    3. The script was run again and the output was compared to the edits
       from #2 to make sure no file was left behind.
    
    4. Several build tests were done and a couple of problems were fixed.
       e.g. lib/decompress_*.c used malloc/free() wrappers around slab
       APIs requiring slab.h to be added manually.
    
    5. The script was run on all .h files but without automatically
       editing them as sprinkling gfp.h and slab.h inclusions around .h
       files could easily lead to inclusion dependency hell.  Most gfp.h
       inclusion directives were ignored as stuff from gfp.h was usually
       wildly available and often used in preprocessor macros.  Each
       slab.h inclusion directive was examined and added manually as
       necessary.
    
    6. percpu.h was updated not to include slab.h.
    
    7. Build tests were done on the following configurations and failures
       were fixed.  CONFIG_GCOV_KERNEL was turned off for all tests (as my
       distributed build env didn't work with gcov compiles) and a few
       more options had to be turned off depending on archs to make things
       build (like ipr on powerpc/64 which failed due to missing writeq).
    
       * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
       * powerpc and powerpc64 SMP allmodconfig
       * sparc and sparc64 SMP allmodconfig
       * ia64 SMP allmodconfig
       * s390 SMP allmodconfig
       * alpha SMP allmodconfig
       * um on x86_64 SMP allmodconfig
    
    8. percpu.h modifications were reverted so that it could be applied as
       a separate patch and serve as bisection point.
    
    Given the fact that I had only a couple of failures from tests on step
    6, I'm fairly confident about the coverage of this conversion patch.
    If there is a breakage, it's likely to be something in one of the arch
    headers which should be easily discoverable on most builds of
    the specific arch.
    
    Signed-off-by: Tejun Heo <tj@kernel.org>
    Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
    Cc: Ingo Molnar <mingo@redhat.com>
    Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
    Tejun Heo authored

Sep 24, 2009

  1. eparis

    Audit: reorganize struct audit_watch to save 8 bytes

    pahole showed that struct audit_watch had two holes:
    
    struct audit_watch {
            atomic_t                   count;                /*     0     4 */
    
            /* XXX 4 bytes hole, try to pack */
    
            char *                     path;                 /*     8     8 */
            dev_t                      dev;                  /*    16     4 */
    
            /* XXX 4 bytes hole, try to pack */
    
            long unsigned int          ino;                  /*    24     8 */
            struct audit_parent *      parent;               /*    32     8 */
            struct list_head           wlist;                /*    40    16 */
            struct list_head           rules;                /*    56    16 */
            /* --- cacheline 1 boundary (64 bytes) was 8 bytes ago --- */
    
            /* size: 72, cachelines: 2, members: 7 */
            /* sum members: 64, holes: 2, sum holes: 8 */
            /* last cacheline: 8 bytes */
    };      /* definitions: 1 */
    
    by moving dev after count we save 8 bytes,  actually improving cacheline
    usage.  There are typically very few of these in the kernel so it won't be
    a large savings, but it's a good thing no matter what.
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    eparis authored Al Viro committed

Jun 24, 2009

  1. eparis

    Audit: clean up all op= output to include string quoting

    A number of places in the audit system we send an op= followed by a string
    that includes spaces.  Somehow this works but it's just wrong.  This patch
    moves all of those that I could find to be quoted.
    
    Example:
    
    Change From: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
    subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op=remove rule
    key="number2" list=4 res=0
    
    Change To: type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1
    subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 op="remove rule"
    key="number2" list=4 res=0
    
    Signed-off-by: Eric Paris <eparis@redhat.com>
    eparis authored Al Viro committed
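
The quoting problem described in the last commit above, as an added example that is not part of the commit or the kernel source: a small key=value tokenizer run over the two record bodies quoted in that commit message. The helper names `parse_record` and `is_rule_removal` are hypothetical, and the detection condition is an assumption chosen to illustrate a consumer that matches on the full `op` string.

```python
import shlex

# Record bodies copied from the commit message above, with the line wraps joined.
BEFORE = (
    "type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1 "
    "subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 "
    'op=remove rule key="number2" list=4 res=0'
)
AFTER = (
    "type=CONFIG_CHANGE msg=audit(1244666690.117:31): auid=0 ses=1 "
    "subj=unconfined_u:unconfined_r:auditctl_t:s0-s0:c0.c1023 "
    'op="remove rule" key="number2" list=4 res=0'
)


def parse_record(line):
    """Hypothetical helper: split a record into (fields, orphans).

    Tokens are split on whitespace with double quotes honoured, so a quoted
    value containing spaces stays in one token. Any token that is not of the
    form key=value is returned in `orphans` instead of being silently dropped.
    """
    fields, orphans = {}, []
    for token in shlex.split(line):
        key, sep, value = token.partition("=")
        if sep and key.isidentifier():
            fields[key] = value
        else:
            orphans.append(token)
    return fields, orphans


def is_rule_removal(line):
    """Hypothetical detection: flag CONFIG_CHANGE records that remove a rule.

    Returns (matched, orphans). A non-empty orphan list means the record did
    not tokenize cleanly and the match result should not be trusted.
    """
    fields, orphans = parse_record(line)
    matched = (
        fields.get("type") == "CONFIG_CHANGE"
        and fields.get("op") == "remove rule"
    )
    return matched, orphans


if __name__ == "__main__":
    for label, record in (("before", BEFORE), ("after", AFTER)):
        matched, orphans = is_rule_removal(record)
        print(f"{label}: matched={matched} orphans={orphans}")
```

With the unquoted form the value of `op` is cut at the first space, so a consumer matching on the whole operation string misses the rule removal; surfacing orphan tokens gives the consumer a way to notice that a record was ambiguous.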