diff options
author | Jan Kara | 2017-11-14 11:09:53 +0100 |
---|---|---|
committer | Jan Kara | 2017-11-14 11:09:53 +0100 |
commit | 838bee9e756ec46e9b5be25f9e44388d7e185a2a (patch) | |
tree | ebabacacc94478173d2707ea3f931a79b7bae214 /fs/notify/fanotify/fanotify_user.c | |
parent | quota: Generate warnings for DQUOT_SPACE_NOFAIL allocations (diff) | |
parent | quota: be aware of error from dquot_initialize (diff) | |
download | kernel-qcow2-linux-838bee9e756ec46e9b5be25f9e44388d7e185a2a.tar.gz kernel-qcow2-linux-838bee9e756ec46e9b5be25f9e44388d7e185a2a.tar.xz kernel-qcow2-linux-838bee9e756ec46e9b5be25f9e44388d7e185a2a.zip |
Merge udf, isofs, quota, ext2 changes for 4.15-rc1.
Diffstat (limited to 'fs/notify/fanotify/fanotify_user.c')
-rw-r--r-- | fs/notify/fanotify/fanotify_user.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 907a481ac781..0455ea729384 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -179,7 +179,7 @@ static int process_access_response(struct fsnotify_group *group, * userspace can send a valid response or we will clean it up after the * timeout */ - switch (response) { + switch (response & ~FAN_AUDIT) { case FAN_ALLOW: case FAN_DENY: break; @@ -190,6 +190,9 @@ static int process_access_response(struct fsnotify_group *group, if (fd < 0) return -EINVAL; + if ((response & FAN_AUDIT) && !group->fanotify_data.audit) + return -EINVAL; + event = dequeue_event(group, fd); if (!event) return -ENOENT; @@ -721,7 +724,11 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) if (!capable(CAP_SYS_ADMIN)) return -EPERM; +#ifdef CONFIG_AUDITSYSCALL + if (flags & ~(FAN_ALL_INIT_FLAGS | FAN_ENABLE_AUDIT)) +#else if (flags & ~FAN_ALL_INIT_FLAGS) +#endif return -EINVAL; if (event_f_flags & ~FANOTIFY_INIT_ALL_EVENT_F_BITS) @@ -805,6 +812,13 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags) group->fanotify_data.max_marks = FANOTIFY_DEFAULT_MAX_MARKS; } + if (flags & FAN_ENABLE_AUDIT) { + fd = -EPERM; + if (!capable(CAP_AUDIT_WRITE)) + goto out_destroy_group; + group->fanotify_data.audit = true; + } + fd = anon_inode_getfd("[fanotify]", &fanotify_fops, group, f_flags); if (fd < 0) goto out_destroy_group; |