lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 12 Nov 2008 11:11:30 -0500
From:	Eric Paris <eparis@...hat.com>
To:	linux-kernel@...r.kernel.org, malware-list@...ts.printk.net
Cc:	viro@...iv.linux.org.uk, alan@...rguk.ukuu.org.uk,
	arjan@...radead.org, greg@...ah.com, tytso@....edu,
	akpm@...ux-foundation.org
Subject: [PATCH =-v3 12/21] fanotify: user interface for access decisions

turns out that access decisions are useless if there is no way to do
anything about them.  So we add an interface.  Alan will hate it, but at
least it works...

Signed-off-by: Eric Paris <eparis@...hat.com>
---

 include/linux/fanotify.h   |    7 +++++++
 net/fanotify/af_fanotify.c |    9 +++++++++
 2 files changed, 16 insertions(+), 0 deletions(-)

diff --git a/include/linux/fanotify.h b/include/linux/fanotify.h
index efc62e9..7bc15ec 100644
--- a/include/linux/fanotify.h
+++ b/include/linux/fanotify.h
@@ -76,8 +76,15 @@ struct fanotify_so_fastpath {
 	__u32 mask;
 }  __attribute__((packed));
 
+/* struct used for FANOTIFY_SEND_RESPONSE */
+struct fanotify_so_access {
+	__u64 cookie;
+	__u32 response;
+}  __attribute__((packed));
+
 /* fanotify setsockopt optvals */
 #define FANOTIFY_SET_FASTPATH	1
+#define FANOTIFY_SEND_RESPONSE	2
 
 #ifdef __KERNEL__
 
diff --git a/net/fanotify/af_fanotify.c b/net/fanotify/af_fanotify.c
index 3b7283e..eef7e2a 100644
--- a/net/fanotify/af_fanotify.c
+++ b/net/fanotify/af_fanotify.c
@@ -162,6 +162,7 @@ static int fan_setsockopt(struct socket *sock, int level, int optname, char __us
 	struct fanotify_group *group;
 	union {
 		struct fanotify_so_fastpath fastpath;
+		struct fanotify_so_access access;
 	} data;
 	int ret = 0;
 
@@ -183,6 +184,14 @@ static int fan_setsockopt(struct socket *sock, int level, int optname, char __us
 			return ret;
 		ret = fanotify_fastpath_add(group, data.fastpath.fd, data.fastpath.mask);
 		break;
+	case FANOTIFY_SEND_RESPONSE:
+		if (optlen < sizeof(struct fanotify_so_access))
+			return -ENOMEM;
+		ret = copy_from_user(&data.access, optval, sizeof(struct fanotify_so_access));
+		if (ret)
+			return ret;
+		ret = fanotify_process_access_response(group, data.access.cookie, data.access.response);
+		break;
 	default:
 		return -ENOPROTOOPT;
 	}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ