linux/kernel/audit_tree.c
<<
>>
Prefs 
   1#include "audit.h"
   2#include <linux/fsnotify_backend.h>
   3#include <linux/namei.h>
   4#include <linux/mount.h>
   5#include <linux/kthread.h>
   6#include <linux/slab.h>
   7
   8struct audit_tree;
   9struct audit_chunk;
  10
  11struct audit_tree {
  12        atomic_t count;
  13        int goner;
  14        struct audit_chunk *root;
  15        struct list_head chunks;
  16        struct list_head rules;
  17        struct list_head list;
  18        struct list_head same_root;
  19        struct rcu_head head;
  20        char pathname[];
  21};
  22
  23struct audit_chunk {
  24        struct list_head hash;
  25        struct fsnotify_mark mark;
  26        struct list_head trees;         /* with root here */
  27        int dead;
  28        int count;
  29        atomic_long_t refs;
  30        struct rcu_head head;
  31        struct node {
  32                struct list_head list;
  33                struct audit_tree *owner;
  34                unsigned index;         /* index; upper bit indicates 'will prune' */
  35        } owners[];
  36};
  37
  38static LIST_HEAD(tree_list);
  39static LIST_HEAD(prune_list);
  40
  41/*
  42 * One struct chunk is attached to each inode of interest.
  43 * We replace struct chunk on tagging/untagging.
  44 * Rules have pointer to struct audit_tree.
  45 * Rules have struct list_head rlist forming a list of rules over
  46 * the same tree.
  47 * References to struct chunk are collected at audit_inode{,_child}()
  48 * time and used in AUDIT_TREE rule matching.
  49 * These references are dropped at the same time we are calling
  50 * audit_free_names(), etc.
  51 *
  52 * Cyclic lists galore:
  53 * tree.chunks anchors chunk.owners[].list                      hash_lock
  54 * tree.rules anchors rule.rlist                                audit_filter_mutex
  55 * chunk.trees anchors tree.same_root                           hash_lock
  56 * chunk.hash is a hash with middle bits of watch.inode as
  57 * a hash function.                                             RCU, hash_lock
  58 *
  59 * tree is refcounted; one reference for "some rules on rules_list refer to
  60 * it", one for each chunk with pointer to it.
  61 *
  62 * chunk is refcounted by embedded fsnotify_mark + .refs (non-zero refcount
  63 * of watch contributes 1 to .refs).
  64 *
  65 * node.index allows to get from node.list to containing chunk.
  66 * MSB of that sucker is stolen to mark taggings that we might have to
  67 * revert - several operations have very unpleasant cleanup logics and
  68 * that makes a difference.  Some.
  69 */
  70
  71static struct fsnotify_group *audit_tree_group;
  72
  73static struct audit_tree *alloc_tree(const char *s)
  74{
  75        struct audit_tree *tree;
  76
  77        tree = kmalloc(sizeof(struct audit_tree) + strlen(s) + 1, GFP_KERNEL);
  78        if (tree) {
  79                atomic_set(&tree->count, 1);
  80                tree->goner = 0;
  81                INIT_LIST_HEAD(&tree->chunks);
  82                INIT_LIST_HEAD(&tree->rules);
  83                INIT_LIST_HEAD(&tree->list);
  84                INIT_LIST_HEAD(&tree->same_root);
  85                tree->root = NULL;
  86                strcpy(tree->pathname, s);
  87        }
  88        return tree;
  89}
  90
  91static inline void get_tree(struct audit_tree *tree)
  92{
  93        atomic_inc(&tree->count);
  94}
  95
  96static inline void put_tree(struct audit_tree *tree)
  97{
  98        if (atomic_dec_and_test(&tree->count))
  99                kfree_rcu(tree, head);
 100}
 101
 102/* to avoid bringing the entire thing in audit.h */
 103const char *audit_tree_path(struct audit_tree *tree)
 104{
 105        return tree->pathname;
 106}
 107
 108static void free_chunk(struct audit_chunk *chunk)
 109{
 110        int i;
 111
 112        for (i = 0; i < chunk->count; i++) {
 113                if (chunk->owners[i].owner)
 114                        put_tree(chunk->owners[i].owner);
 115        }
 116        kfree(chunk);
 117}
 118
 119void audit_put_chunk(struct audit_chunk *chunk)
 120{
 121        if (atomic_long_dec_and_test(&chunk->refs))
 122                free_chunk(chunk);
 123}
 124
 125static void __put_chunk(struct rcu_head *rcu)
 126{
 127        struct audit_chunk *chunk = container_of(rcu, struct audit_chunk, head);
 128        audit_put_chunk(chunk);
 129}
 130
 131static void audit_tree_destroy_watch(struct fsnotify_mark *entry)
 132{
 133        struct audit_chunk *chunk = container_of(entry, struct audit_chunk, mark);
 134        call_rcu(&chunk->head, __put_chunk);
 135}
 136
 137static struct audit_chunk *alloc_chunk(int count)
 138{
 139        struct audit_chunk *chunk;
 140        size_t size;
 141        int i;
 142
 143        size = offsetof(struct audit_chunk, owners) + count * sizeof(struct node);
 144        chunk = kzalloc(size, GFP_KERNEL);
 145        if (!chunk)
 146                return NULL;
 147
 148        INIT_LIST_HEAD(&chunk->hash);
 149        INIT_LIST_HEAD(&chunk->trees);
 150        chunk->count = count;
 151        atomic_long_set(&chunk->refs, 1);
 152        for (i = 0; i < count; i++) {
 153                INIT_LIST_HEAD(&chunk->owners[i].list);
 154                chunk->owners[i].index = i;
 155        }
 156        fsnotify_init_mark(&chunk->mark, audit_tree_destroy_watch);
 157        chunk->mark.mask = FS_IN_IGNORED;
 158        return chunk;
 159}
 160
 161enum {HASH_SIZE = 128};
 162static struct list_head chunk_hash_heads[HASH_SIZE];
 163static __cacheline_aligned_in_smp DEFINE_SPINLOCK(hash_lock);
 164
 165static inline struct list_head *chunk_hash(const struct inode *inode)
 166{
 167        unsigned long n = (unsigned long)inode / L1_CACHE_BYTES;
 168        return chunk_hash_heads + n % HASH_SIZE;
 169}
 170
 171/* hash_lock & entry->lock is held by caller */
 172static void insert_hash(struct audit_chunk *chunk)
 173{
 174        struct fsnotify_mark *entry = &chunk->mark;
 175        struct list_head *list;
 176
 177        if (!entry->i.inode)
 178                return;
 179        list = chunk_hash(entry->i.inode);
 180        list_add_rcu(&chunk->hash, list);
 181}
 182
 183/* called under rcu_read_lock */
 184struct audit_chunk *audit_tree_lookup(const struct inode *inode)
 185{
 186        struct list_head *list = chunk_hash(inode);
 187        struct audit_chunk *p;
 188
 189        list_for_each_entry_rcu(p, list, hash) {
 190                /* mark.inode may have gone NULL, but who cares? */
 191                if (p->mark.i.inode == inode) {
 192                        atomic_long_inc(&p->refs);
 193                        return p;
 194                }
 195        }
 196        return NULL;
 197}
 198
 199int audit_tree_match(struct audit_chunk *chunk, struct audit_tree *tree)
 200{
 201        int n;
 202        for (n = 0; n < chunk->count; n++)
 203                if (chunk->owners[n].owner == tree)
 204                        return 1;
 205        return 0;
 206}
 207
 208/* tagging and untagging inodes with trees */
 209
 210static struct audit_chunk *find_chunk(struct node *p)
 211{
 212        int index = p->index & ~(1U<<31);
 213        p -= index;
 214        return container_of(p, struct audit_chunk, owners[0]);
 215}
 216
 217static void untag_chunk(struct node *p)
 218{
 219        struct audit_chunk *chunk = find_chunk(p);
 220        struct fsnotify_mark *entry = &chunk->mark;
 221        struct audit_chunk *new = NULL;
 222        struct audit_tree *owner;
 223        int size = chunk->count - 1;
 224        int i, j;
 225
 226        fsnotify_get_mark(entry);
 227
 228        spin_unlock(&hash_lock);
 229
 230        if (size)
 231                new = alloc_chunk(size);
 232
 233        spin_lock(&entry->lock);
 234        if (chunk->dead || !entry->i.inode) {
 235                spin_unlock(&entry->lock);
 236                if (new)
 237                        free_chunk(new);
 238                goto out;
 239        }
 240
 241        owner = p->owner;
 242
 243        if (!size) {
 244                chunk->dead = 1;
 245                spin_lock(&hash_lock);
 246                list_del_init(&chunk->trees);
 247                if (owner->root == chunk)
 248                        owner->root = NULL;
 249                list_del_init(&p->list);
 250                list_del_rcu(&chunk->hash);
 251                spin_unlock(&hash_lock);
 252                spin_unlock(&entry->lock);
 253                fsnotify_destroy_mark(entry, audit_tree_group);
 254                goto out;
 255        }
 256
 257        if (!new)
 258                goto Fallback;
 259
 260        fsnotify_duplicate_mark(&new->mark, entry);
 261        if (fsnotify_add_mark(&new->mark, new->mark.group, new->mark.i.inode, NULL, 1)) {
 262                fsnotify_put_mark(&new->mark);
 263                goto Fallback;
 264        }
 265
 266        chunk->dead = 1;
 267        spin_lock(&hash_lock);
 268        list_replace_init(&chunk->trees, &new->trees);
 269        if (owner->root == chunk) {
 270                list_del_init(&owner->same_root);
 271                owner->root = NULL;
 272        }
 273
 274        for (i = j = 0; j <= size; i++, j++) {
 275                struct audit_tree *s;
 276                if (&chunk->owners[j] == p) {
 277                        list_del_init(&p->list);
 278                        i--;
 279                        continue;
 280                }
 281                s = chunk->owners[j].owner;
 282                new->owners[i].owner = s;
 283                new->owners[i].index = chunk->owners[j].index - j + i;
 284                if (!s) /* result of earlier fallback */
 285                        continue;
 286                get_tree(s);
 287                list_replace_init(&chunk->owners[j].list, &new->owners[i].list);
 288        }
 289
 290        list_replace_rcu(&chunk->hash, &new->hash);
 291        list_for_each_entry(owner, &new->trees, same_root)
 292                owner->root = new;
 293        spin_unlock(&hash_lock);
 294        spin_unlock(&entry->lock);
 295        fsnotify_destroy_mark(entry, audit_tree_group);
 296        fsnotify_put_mark(&new->mark);  /* drop initial reference */
 297        goto out;
 298
 299Fallback:
 300        // do the best we can
 301        spin_lock(&hash_lock);
 302        if (owner->root == chunk) {
 303                list_del_init(&owner->same_root);
 304                owner->root = NULL;
 305        }
 306        list_del_init(&p->list);
 307        p->owner = NULL;
 308        put_tree(owner);
 309        spin_unlock(&hash_lock);
 310        spin_unlock(&entry->lock);
 311out:
 312        fsnotify_put_mark(entry);
 313        spin_lock(&hash_lock);
 314}
 315
 316static int create_chunk(struct inode *inode, struct audit_tree *tree)
 317{
 318        struct fsnotify_mark *entry;
 319        struct audit_chunk *chunk = alloc_chunk(1);
 320        if (!chunk)
 321                return -ENOMEM;
 322
 323        entry = &chunk->mark;
 324        if (fsnotify_add_mark(entry, audit_tree_group, inode, NULL, 0)) {
 325                fsnotify_put_mark(entry);
 326                return -ENOSPC;
 327        }
 328
 329        spin_lock(&entry->lock);
 330        spin_lock(&hash_lock);
 331        if (tree->goner) {
 332                spin_unlock(&hash_lock);
 333                chunk->dead = 1;
 334                spin_unlock(&entry->lock);
 335                fsnotify_destroy_mark(entry, audit_tree_group);
 336                fsnotify_put_mark(entry);
 337                return 0;
 338        }
 339        chunk->owners[0].index = (1U << 31);
 340        chunk->owners[0].owner = tree;
 341        get_tree(tree);
 342        list_add(&chunk->owners[0].list, &tree->chunks);
 343        if (!tree->root) {
 344                tree->root = chunk;
 345                list_add(&tree->same_root, &chunk->trees);
 346        }
 347        insert_hash(chunk);
 348        spin_unlock(&hash_lock);
 349        spin_unlock(&entry->lock);
 350        fsnotify_put_mark(entry);       /* drop initial reference */
 351        return 0;
 352}
 353
 354/* the first tagged inode becomes root of tree */
 355static int tag_chunk(struct inode *inode, struct audit_tree *tree)
 356{
 357        struct fsnotify_mark *old_entry, *chunk_entry;
 358        struct audit_tree *owner;
 359        struct audit_chunk *chunk, *old;
 360        struct node *p;
 361        int n;
 362
 363        old_entry = fsnotify_find_inode_mark(audit_tree_group, inode);
 364        if (!old_entry)
 365                return create_chunk(inode, tree);
 366
 367        old = container_of(old_entry, struct audit_chunk, mark);
 368
 369        /* are we already there? */
 370        spin_lock(&hash_lock);
 371        for (n = 0; n < old->count; n++) {
 372                if (old->owners[n].owner == tree) {
 373                        spin_unlock(&hash_lock);
 374                        fsnotify_put_mark(old_entry);
 375                        return 0;
 376                }
 377        }
 378        spin_unlock(&hash_lock);
 379
 380        chunk = alloc_chunk(old->count + 1);
 381        if (!chunk) {
 382                fsnotify_put_mark(old_entry);
 383                return -ENOMEM;
 384        }
 385
 386        chunk_entry = &chunk->mark;
 387
 388        spin_lock(&old_entry->lock);
 389        if (!old_entry->i.inode) {
 390                /* old_entry is being shot, lets just lie */
 391                spin_unlock(&old_entry->lock);
 392                fsnotify_put_mark(old_entry);
 393                free_chunk(chunk);
 394                return -ENOENT;
 395        }
 396
 397        fsnotify_duplicate_mark(chunk_entry, old_entry);
 398        if (fsnotify_add_mark(chunk_entry, chunk_entry->group, chunk_entry->i.inode, NULL, 1)) {
 399                spin_unlock(&old_entry->lock);
 400                fsnotify_put_mark(chunk_entry);
 401                fsnotify_put_mark(old_entry);
 402                return -ENOSPC;
 403        }
 404
 405        /* even though we hold old_entry->lock, this is safe since chunk_entry->lock could NEVER have been grabbed before */
 406        spin_lock(&chunk_entry->lock);
 407        spin_lock(&hash_lock);
 408
 409        /* we now hold old_entry->lock, chunk_entry->lock, and hash_lock */
 410        if (tree->goner) {
 411                spin_unlock(&hash_lock);
 412                chunk->dead = 1;
 413                spin_unlock(&chunk_entry->lock);
 414                spin_unlock(&old_entry->lock);
 415
 416                fsnotify_destroy_mark(chunk_entry, audit_tree_group);
 417
 418                fsnotify_put_mark(chunk_entry);
 419                fsnotify_put_mark(old_entry);
 420                return 0;
 421        }
 422        list_replace_init(&old->trees, &chunk->trees);
 423        for (n = 0, p = chunk->owners; n < old->count; n++, p++) {
 424                struct audit_tree *s = old->owners[n].owner;
 425                p->owner = s;
 426                p->index = old->owners[n].index;
 427                if (!s) /* result of fallback in untag */
 428                        continue;
 429                get_tree(s);
 430                list_replace_init(&old->owners[n].list, &p->list);
 431        }
 432        p->index = (chunk->count - 1) | (1U<<31);
 433        p->owner = tree;
 434        get_tree(tree);
 435        list_add(&p->list, &tree->chunks);
 436        list_replace_rcu(&old->hash, &chunk->hash);
 437        list_for_each_entry(owner, &chunk->trees, same_root)
 438                owner->root = chunk;
 439        old->dead = 1;
 440        if (!tree->root) {
 441                tree->root = chunk;
 442                list_add(&tree->same_root, &chunk->trees);
 443        }
 444        spin_unlock(&hash_lock);
 445        spin_unlock(&chunk_entry->lock);
 446        spin_unlock(&old_entry->lock);
 447        fsnotify_destroy_mark(old_entry, audit_tree_group);
 448        fsnotify_put_mark(chunk_entry); /* drop initial reference */
 449        fsnotify_put_mark(old_entry); /* pair to fsnotify_find mark_entry */
 450        return 0;
 451}
 452
 453static void audit_tree_log_remove_rule(struct audit_krule *rule)
 454{
 455        struct audit_buffer *ab;
 456
 457        ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
 458        if (unlikely(!ab))
 459                return;
 460        audit_log_format(ab, "op=");
 461        audit_log_string(ab, "remove_rule");
 462        audit_log_format(ab, " dir=");
 463        audit_log_untrustedstring(ab, rule->tree->pathname);
 464        audit_log_key(ab, rule->filterkey);
 465        audit_log_format(ab, " list=%d res=1", rule->listnr);
 466        audit_log_end(ab);
 467}
 468
 469static void kill_rules(struct audit_tree *tree)
 470{
 471        struct audit_krule *rule, *next;
 472        struct audit_entry *entry;
 473
 474        list_for_each_entry_safe(rule, next, &tree->rules, rlist) {
 475                entry = container_of(rule, struct audit_entry, rule);
 476
 477                list_del_init(&rule->rlist);
 478                if (rule->tree) {
 479                        /* not a half-baked one */
 480                        audit_tree_log_remove_rule(rule);
 481                        rule->tree = NULL;
 482                        list_del_rcu(&entry->list);
 483                        list_del(&entry->rule.list);
 484                        call_rcu(&entry->rcu, audit_free_rule_rcu);
 485                }
 486        }
 487}
 488
 489/*
 490 * finish killing struct audit_tree
 491 */
 492static void prune_one(struct audit_tree *victim)
 493{
 494        spin_lock(&hash_lock);
 495        while (!list_empty(&victim->chunks)) {
 496                struct node *p;
 497
 498                p = list_entry(victim->chunks.next, struct node, list);
 499
 500                untag_chunk(p);
 501        }
 502        spin_unlock(&hash_lock);
 503        put_tree(victim);
 504}
 505
 506/* trim the uncommitted chunks from tree */
 507
 508static void trim_marked(struct audit_tree *tree)
 509{
 510        struct list_head *p, *q;
 511        spin_lock(&hash_lock);
 512        if (tree->goner) {
 513                spin_unlock(&hash_lock);
 514                return;
 515        }
 516        /* reorder */
 517        for (p = tree->chunks.next; p != &tree->chunks; p = q) {
 518                struct node *node = list_entry(p, struct node, list);
 519                q = p->next;
 520                if (node->index & (1U<<31)) {
 521                        list_del_init(p);
 522                        list_add(p, &tree->chunks);
 523                }
 524        }
 525
 526        while (!list_empty(&tree->chunks)) {
 527                struct node *node;
 528
 529                node = list_entry(tree->chunks.next, struct node, list);
 530
 531                /* have we run out of marked? */
 532                if (!(node->index & (1U<<31)))
 533                        break;
 534
 535                untag_chunk(node);
 536        }
 537        if (!tree->root && !tree->goner) {
 538                tree->goner = 1;
 539                spin_unlock(&hash_lock);
 540                mutex_lock(&audit_filter_mutex);
 541                kill_rules(tree);
 542                list_del_init(&tree->list);
 543                mutex_unlock(&audit_filter_mutex);
 544                prune_one(tree);
 545        } else {
 546                spin_unlock(&hash_lock);
 547        }
 548}
 549
 550static void audit_schedule_prune(void);
 551
 552/* called with audit_filter_mutex */
 553int audit_remove_tree_rule(struct audit_krule *rule)
 554{
 555        struct audit_tree *tree;
 556        tree = rule->tree;
 557        if (tree) {
 558                spin_lock(&hash_lock);
 559                list_del_init(&rule->rlist);
 560                if (list_empty(&tree->rules) && !tree->goner) {
 561                        tree->root = NULL;
 562                        list_del_init(&tree->same_root);
 563                        tree->goner = 1;
 564                        list_move(&tree->list, &prune_list);
 565                        rule->tree = NULL;
 566                        spin_unlock(&hash_lock);
 567                        audit_schedule_prune();
 568                        return 1;
 569                }
 570                rule->tree = NULL;
 571                spin_unlock(&hash_lock);
 572                return 1;
 573        }
 574        return 0;
 575}
 576
 577static int compare_root(struct vfsmount *mnt, void *arg)
 578{
 579        return mnt->mnt_root->d_inode == arg;
 580}
 581
 582void audit_trim_trees(void)
 583{
 584        struct list_head cursor;
 585
 586        mutex_lock(&audit_filter_mutex);
 587        list_add(&cursor, &tree_list);
 588        while (cursor.next != &tree_list) {
 589                struct audit_tree *tree;
 590                struct path path;
 591                struct vfsmount *root_mnt;
 592                struct node *node;
 593                int err;
 594
 595                tree = container_of(cursor.next, struct audit_tree, list);
 596                get_tree(tree);
 597                list_del(&cursor);
 598                list_add(&cursor, &tree->list);
 599                mutex_unlock(&audit_filter_mutex);
 600
 601                err = kern_path(tree->pathname, 0, &path);
 602                if (err)
 603                        goto skip_it;
 604
 605                root_mnt = collect_mounts(&path);
 606                path_put(&path);
 607                if (IS_ERR(root_mnt))
 608                        goto skip_it;
 609
 610                spin_lock(&hash_lock);
 611                list_for_each_entry(node, &tree->chunks, list) {
 612                        struct audit_chunk *chunk = find_chunk(node);
 613                        /* this could be NULL if the watch is dying else where... */
 614                        struct inode *inode = chunk->mark.i.inode;
 615                        node->index |= 1U<<31;
 616                        if (iterate_mounts(compare_root, inode, root_mnt))
 617                                node->index &= ~(1U<<31);
 618                }
 619                spin_unlock(&hash_lock);
 620                trim_marked(tree);
 621                drop_collected_mounts(root_mnt);
 622skip_it:
 623                put_tree(tree);
 624                mutex_lock(&audit_filter_mutex);
 625        }
 626        list_del(&cursor);
 627        mutex_unlock(&audit_filter_mutex);
 628}
 629
 630int audit_make_tree(struct audit_krule *rule, char *pathname, u32 op)
 631{
 632
 633        if (pathname[0] != '/' ||
 634            rule->listnr != AUDIT_FILTER_EXIT ||
 635            op != Audit_equal ||
 636            rule->inode_f || rule->watch || rule->tree)
 637                return -EINVAL;
 638        rule->tree = alloc_tree(pathname);
 639        if (!rule->tree)
 640                return -ENOMEM;
 641        return 0;
 642}
 643
 644void audit_put_tree(struct audit_tree *tree)
 645{
 646        put_tree(tree);
 647}
 648
 649static int tag_mount(struct vfsmount *mnt, void *arg)
 650{
 651        return tag_chunk(mnt->mnt_root->d_inode, arg);
 652}
 653
 654/* called with audit_filter_mutex */
 655int audit_add_tree_rule(struct audit_krule *rule)
 656{
 657        struct audit_tree *seed = rule->tree, *tree;
 658        struct path path;
 659        struct vfsmount *mnt;
 660        int err;
 661
 662        rule->tree = NULL;
 663        list_for_each_entry(tree, &tree_list, list) {
 664                if (!strcmp(seed->pathname, tree->pathname)) {
 665                        put_tree(seed);
 666                        rule->tree = tree;
 667                        list_add(&rule->rlist, &tree->rules);
 668                        return 0;
 669                }
 670        }
 671        tree = seed;
 672        list_add(&tree->list, &tree_list);
 673        list_add(&rule->rlist, &tree->rules);
 674        /* do not set rule->tree yet */
 675        mutex_unlock(&audit_filter_mutex);
 676
 677        err = kern_path(tree->pathname, 0, &path);
 678        if (err)
 679                goto Err;
 680        mnt = collect_mounts(&path);
 681        path_put(&path);
 682        if (IS_ERR(mnt)) {
 683                err = PTR_ERR(mnt);
 684                goto Err;
 685        }
 686
 687        get_tree(tree);
 688        err = iterate_mounts(tag_mount, tree, mnt);
 689        drop_collected_mounts(mnt);
 690
 691        if (!err) {
 692                struct node *node;
 693                spin_lock(&hash_lock);
 694                list_for_each_entry(node, &tree->chunks, list)
 695                        node->index &= ~(1U<<31);
 696                spin_unlock(&hash_lock);
 697        } else {
 698                trim_marked(tree);
 699                goto Err;
 700        }
 701
 702        mutex_lock(&audit_filter_mutex);
 703        if (list_empty(&rule->rlist)) {
 704                put_tree(tree);
 705                return -ENOENT;
 706        }
 707        rule->tree = tree;
 708        put_tree(tree);
 709
 710        return 0;
 711Err:
 712        mutex_lock(&audit_filter_mutex);
 713        list_del_init(&tree->list);
 714        list_del_init(&tree->rules);
 715        put_tree(tree);
 716        return err;
 717}
 718
 719int audit_tag_tree(char *old, char *new)
 720{
 721        struct list_head cursor, barrier;
 722        int failed = 0;
 723        struct path path1, path2;
 724        struct vfsmount *tagged;
 725        int err;
 726
 727        err = kern_path(new, 0, &path2);
 728        if (err)
 729                return err;
 730        tagged = collect_mounts(&path2);
 731        path_put(&path2);
 732        if (IS_ERR(tagged))
 733                return PTR_ERR(tagged);
 734
 735        err = kern_path(old, 0, &path1);
 736        if (err) {
 737                drop_collected_mounts(tagged);
 738                return err;
 739        }
 740
 741        mutex_lock(&audit_filter_mutex);
 742        list_add(&barrier, &tree_list);
 743        list_add(&cursor, &barrier);
 744
 745        while (cursor.next != &tree_list) {
 746                struct audit_tree *tree;
 747                int good_one = 0;
 748
 749                tree = container_of(cursor.next, struct audit_tree, list);
 750                get_tree(tree);
 751                list_del(&cursor);
 752                list_add(&cursor, &tree->list);
 753                mutex_unlock(&audit_filter_mutex);
 754
 755                err = kern_path(tree->pathname, 0, &path2);
 756                if (!err) {
 757                        good_one = path_is_under(&path1, &path2);
 758                        path_put(&path2);
 759                }
 760
 761                if (!good_one) {
 762                        put_tree(tree);
 763                        mutex_lock(&audit_filter_mutex);
 764                        continue;
 765                }
 766
 767                failed = iterate_mounts(tag_mount, tree, tagged);
 768                if (failed) {
 769                        put_tree(tree);
 770                        mutex_lock(&audit_filter_mutex);
 771                        break;
 772                }
 773
 774                mutex_lock(&audit_filter_mutex);
 775                spin_lock(&hash_lock);
 776                if (!tree->goner) {
 777                        list_del(&tree->list);
 778                        list_add(&tree->list, &tree_list);
 779                }
 780                spin_unlock(&hash_lock);
 781                put_tree(tree);
 782        }
 783
 784        while (barrier.prev != &tree_list) {
 785                struct audit_tree *tree;
 786
 787                tree = container_of(barrier.prev, struct audit_tree, list);
 788                get_tree(tree);
 789                list_del(&tree->list);
 790                list_add(&tree->list, &barrier);
 791                mutex_unlock(&audit_filter_mutex);
 792
 793                if (!failed) {
 794                        struct node *node;
 795                        spin_lock(&hash_lock);
 796                        list_for_each_entry(node, &tree->chunks, list)
 797                                node->index &= ~(1U<<31);
 798                        spin_unlock(&hash_lock);
 799                } else {
 800                        trim_marked(tree);
 801                }
 802
 803                put_tree(tree);
 804                mutex_lock(&audit_filter_mutex);
 805        }
 806        list_del(&barrier);
 807        list_del(&cursor);
 808        mutex_unlock(&audit_filter_mutex);
 809        path_put(&path1);
 810        drop_collected_mounts(tagged);
 811        return failed;
 812}
 813
 814/*
 815 * That gets run when evict_chunk() ends up needing to kill audit_tree.
 816 * Runs from a separate thread.
 817 */
 818static int prune_tree_thread(void *unused)
 819{
 820        mutex_lock(&audit_cmd_mutex);
 821        mutex_lock(&audit_filter_mutex);
 822
 823        while (!list_empty(&prune_list)) {
 824                struct audit_tree *victim;
 825
 826                victim = list_entry(prune_list.next, struct audit_tree, list);
 827                list_del_init(&victim->list);
 828
 829                mutex_unlock(&audit_filter_mutex);
 830
 831                prune_one(victim);
 832
 833                mutex_lock(&audit_filter_mutex);
 834        }
 835
 836        mutex_unlock(&audit_filter_mutex);
 837        mutex_unlock(&audit_cmd_mutex);
 838        return 0;
 839}
 840
 841static void audit_schedule_prune(void)
 842{
 843        kthread_run(prune_tree_thread, NULL, "audit_prune_tree");
 844}
 845
 846/*
 847 * ... and that one is done if evict_chunk() decides to delay until the end
 848 * of syscall.  Runs synchronously.
 849 */
 850void audit_kill_trees(struct list_head *list)
 851{
 852        mutex_lock(&audit_cmd_mutex);
 853        mutex_lock(&audit_filter_mutex);
 854
 855        while (!list_empty(list)) {
 856                struct audit_tree *victim;
 857
 858                victim = list_entry(list->next, struct audit_tree, list);
 859                kill_rules(victim);
 860                list_del_init(&victim->list);
 861
 862                mutex_unlock(&audit_filter_mutex);
 863
 864                prune_one(victim);
 865
 866                mutex_lock(&audit_filter_mutex);
 867        }
 868
 869        mutex_unlock(&audit_filter_mutex);
 870        mutex_unlock(&audit_cmd_mutex);
 871}
 872
 873/*
 874 *  Here comes the stuff asynchronous to auditctl operations
 875 */
 876
 877static void evict_chunk(struct audit_chunk *chunk)
 878{
 879        struct audit_tree *owner;
 880        struct list_head *postponed = audit_killed_trees();
 881        int need_prune = 0;
 882        int n;
 883
 884        if (chunk->dead)
 885                return;
 886
 887        chunk->dead = 1;
 888        mutex_lock(&audit_filter_mutex);
 889        spin_lock(&hash_lock);
 890        while (!list_empty(&chunk->trees)) {
 891                owner = list_entry(chunk->trees.next,
 892                                   struct audit_tree, same_root);
 893                owner->goner = 1;
 894                owner->root = NULL;
 895                list_del_init(&owner->same_root);
 896                spin_unlock(&hash_lock);
 897                if (!postponed) {
 898                        kill_rules(owner);
 899                        list_move(&owner->list, &prune_list);
 900                        need_prune = 1;
 901                } else {
 902                        list_move(&owner->list, postponed);
 903                }
 904                spin_lock(&hash_lock);
 905        }
 906        list_del_rcu(&chunk->hash);
 907        for (n = 0; n < chunk->count; n++)
 908                list_del_init(&chunk->owners[n].list);
 909        spin_unlock(&hash_lock);
 910        if (need_prune)
 911                audit_schedule_prune();
 912        mutex_unlock(&audit_filter_mutex);
 913}
 914
 915static int audit_tree_handle_event(struct fsnotify_group *group,
 916                                   struct inode *to_tell,
 917                                   struct fsnotify_mark *inode_mark,
 918                                   struct fsnotify_mark *vfsmount_mark,
 919                                   u32 mask, void *data, int data_type,
 920                                   const unsigned char *file_name, u32 cookie)
 921{
 922        return 0;
 923}
 924
 925static void audit_tree_freeing_mark(struct fsnotify_mark *entry, struct fsnotify_group *group)
 926{
 927        struct audit_chunk *chunk = container_of(entry, struct audit_chunk, mark);
 928
 929        evict_chunk(chunk);
 930
 931        /*
 932         * We are guaranteed to have at least one reference to the mark from
 933         * either the inode or the caller of fsnotify_destroy_mark().
 934         */
 935        BUG_ON(atomic_read(&entry->refcnt) < 1);
 936}
 937
 938static const struct fsnotify_ops audit_tree_ops = {
 939        .handle_event = audit_tree_handle_event,
 940        .freeing_mark = audit_tree_freeing_mark,
 941};
 942
 943static int __init audit_tree_init(void)
 944{
 945        int i;
 946
 947        audit_tree_group = fsnotify_alloc_group(&audit_tree_ops);
 948        if (IS_ERR(audit_tree_group))
 949                audit_panic("cannot initialize fsnotify group for rectree watches");
 950
 951        for (i = 0; i < HASH_SIZE; i++)
 952                INIT_LIST_HEAD(&chunk_hash_heads[i]);
 953
 954        return 0;
 955}
 956__initcall(audit_tree_init);
 957
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.