Date:   Tue, 11 Sep 2018 06:51:43 +0000
From:   Nixiaoming <nixiaoming@...wei.com>
To:     Eric Paris <eparis@...isplace.org>,
        "rlove@...ve.org" <rlove@...ve.org>,
        "john@...nmccutchan.com" <john@...nmccutchan.com>,
        "amir73il@...il.com" <amir73il@...il.com>,
        "jack@...e.cz" <jack@...e.cz>,
        "viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>
Subject: Is it possible to add pid and comm members to the event structure
 to increase the display of user and thread information?

The inotify API cannot display information about users and processes.
That is, you can only know that the file event is generated, but you don't know who triggered the event, which is not conducive to fault location.
Is it possible to add pid and comm members to the event structure to increase the display of user and thread information?

Example:
diff --git a/fs/notify/inotify/inotify.h b/fs/notify/inotify/inotify.h
index 7e4578d..be91844 100644
--- a/fs/notify/inotify/inotify.h
+++ b/fs/notify/inotify/inotify.h
@@ -7,6 +7,8 @@ struct inotify_event_info {
        struct fsnotify_event fse;
        int wd;
        u32 sync_cookie;
+ int pid;
+ char comm[TASK_COMM_LEN];
        int name_len;
        char name[];
 };
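
Review bot: `int pid;` in struct inotify_event_info stores a bare number, which has no fixed meaning once the watcher and the triggering task sit in different PID namespaces; hold a `struct pid *` reference instead (dropped when the event is freed) and translate it for the reader when the event is copied out. If a plain number is kept, `pid_t` is the conventional type. Both new fields also live only in this kernel-internal structure: nothing in the posted patch touches the userspace-visible `struct inotify_event` or the read path, so a watcher would never receive them, and extending that structure is an ABI change for every existing reader that walks the event buffer by its current layout.
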
diff --git a/fs/notify/inotify/inotify_fsnotify.c b/fs/notify/inotify/inotify_fsnotify.c
index f4184b4..f7ad298 100644
--- a/fs/notify/inotify/inotify_fsnotify.c
+++ b/fs/notify/inotify/inotify_fsnotify.c
@@ -117,6 +117,8 @@ int inotify_handle_event(struct fsnotify_group *group,
        fsnotify_init_event(fsn_event, inode, mask);
        event->wd = i_mark->wd;
        event->sync_cookie = cookie;
+ event->pid = current->pid;
+ strncpy(event->comm, current->comm, TASK_COMM_LEN);
        event->name_len = len;
        if (len)
                strcpy(event->name, file_name);
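
Review bot: `strncpy(event->comm, current->comm, TASK_COMM_LEN);` reads `current->comm` without the task lock, so it can race with a concurrent rename of the task, and it relies on the source being NUL-terminated at the instant of the copy; `get_task_comm(event->comm, current)` takes the lock and guarantees termination. `event->pid = current->pid;` records the thread ID as seen from the initial PID namespace, so a watcher inside a container would receive a value it cannot resolve and would learn host PIDs; translate relative to the reader's namespace at read time. Because a task can set its own `comm` (prctl(PR_SET_NAME)), the documentation should state that the field is a debugging hint and not an identity to base access or audit decisions on.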
