summaryrefslogtreecommitdiff
path: root/include/linux/fsnotify.h
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-12-18 05:24:34 +0300
committerEric Paris <eparis@redhat.com>2010-07-28 17:59:01 +0400
commitc4ec54b40d33f8016fea970a383cc584dd0e6019 (patch)
tree8e8865170cf340d1e79dc379f56417588715b2c8 /include/linux/fsnotify.h
parentd14f1729483fad3a8817fbbcbd017678b7d1ad26 (diff)
downloadlinux-c4ec54b40d33f8016fea970a383cc584dd0e6019.tar.xz
fsnotify: new fsnotify hooks and events types for access decisions
introduce a new fsnotify hook, fsnotify_perm(), which is called from the security code. This hook is used to allow fsnotify groups to make access control decisions about events on the system. We also must change the generic fsnotify function to return an error code if we intend these hooks to be in any way useful. Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'include/linux/fsnotify.h')
-rw-r--r--include/linux/fsnotify.h19
1 files changed, 19 insertions, 0 deletions
diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h
index b8cf161f5a6d..64efda9aae62 100644
--- a/include/linux/fsnotify.h
+++ b/include/linux/fsnotify.h
@@ -34,6 +34,25 @@ static inline void fsnotify_parent(struct path *path, struct dentry *dentry, __u
__fsnotify_parent(path, dentry, mask);
}
+/* simple call site for access decisions */
+static inline int fsnotify_perm(struct file *file, int mask)
+{
+ struct path *path = &file->f_path;
+ struct inode *inode = path->dentry->d_inode;
+ __u32 fsnotify_mask;
+
+ if (file->f_mode & FMODE_NONOTIFY)
+ return 0;
+ if (!(mask & (MAY_READ | MAY_OPEN)))
+ return 0;
+ if (mask & MAY_READ)
+ fsnotify_mask = FS_ACCESS_PERM;
+ if (mask & MAY_OPEN)
+ fsnotify_mask = FS_OPEN_PERM;
+
+ return fsnotify(inode, fsnotify_mask, path, FSNOTIFY_EVENT_PATH, NULL, 0);
+}
+
/*
* fsnotify_d_move - dentry has been moved
* Called with dcache_lock and dentry->d_lock held.