1 #include "audit.h"
2 #include <linux/fsnotify_backend.h>
3 #include <linux/namei.h>
4 #include <linux/mount.h>
5 #include <linux/kthread.h>
6 #include <linux/slab.h>
7
8 struct audit_tree;
9 struct audit_chunk;
10
11 struct audit_tree {
12 atomic_t count;
13 int goner;
14 struct audit_chunk *root;
15 struct list_head chunks;
16 struct list_head rules;
17 struct list_head list;
18 struct list_head same_root;
19 struct rcu_head head;
20 char pathname[];
21 };
22
23 struct audit_chunk {
24 struct list_head hash;
25 struct fsnotify_mark mark;
26 struct list_head trees; /* with root here */
27 int dead;
28 int count;
29 atomic_long_t refs;
30 struct rcu_head head;
31 struct node {
32 struct list_head list;
33 struct audit_tree *owner;
34 unsigned index; /* index; upper bit indicates 'will prune' */
35 } owners[];
36 };
37
38 static LIST_HEAD(tree_list);
39 static LIST_HEAD(prune_list);
40
41 /*
42 * One struct chunk is attached to each inode of interest.
43 * We replace struct chunk on tagging/untagging.
44 * Rules have pointer to struct audit_tree.
45 * Rules have struct list_head rlist forming a list of rules over
46 * the same tree.
47 * References to struct chunk are collected at audit_inode{,_child}()
48 * time and used in AUDIT_TREE rule matching.
49 * These references are dropped at the same time we are calling
50 * audit_free_names(), etc.
51 *
52 * Cyclic lists galore:
53 * tree.chunks anchors chunk.owners[].list hash_lock
54 * tree.rules anchors rule.rlist audit_filter_mutex
55 * chunk.trees anchors tree.same_root hash_lock
56 * chunk.hash is a hash with middle bits of watch.inode as
57 * a hash function. RCU, hash_lock
58 *
59 * tree is refcounted; one reference for "some rules on rules_list refer to
60 * it", one for each chunk with pointer to it.
61 *
62 * chunk is refcounted by embedded fsnotify_mark + .refs (non-zero refcount
63 * of watch contributes 1 to .refs).
64 *
65 * node.index allows to get from node.list to containing chunk.
66 * MSB of that sucker is stolen to mark taggings that we might have to
67 * revert - several operations have very unpleasant cleanup logics and
68 * that makes a difference. Some.
69 */
70
71 static struct fsnotify_group *audit_tree_group;
72
alloc_tree(const char * s)73 static struct audit_tree *alloc_tree(const char *s)
74 {
75 struct audit_tree *tree;
76
77 tree = kmalloc(sizeof(struct audit_tree) + strlen(s) + 1, GFP_KERNEL);
78 if (tree) {
79 atomic_set(&tree->count, 1);
80 tree->goner = 0;
81 INIT_LIST_HEAD(&tree->chunks);
82 INIT_LIST_HEAD(&tree->rules);
83 INIT_LIST_HEAD(&tree->list);
84 INIT_LIST_HEAD(&tree->same_root);
85 tree->root = NULL;
86 strcpy(tree->pathname, s);
87 }
88 return tree;
89 }
90
get_tree(struct audit_tree * tree)91 static inline void get_tree(struct audit_tree *tree)
92 {
93 atomic_inc(&tree->count);
94 }
95
put_tree(struct audit_tree * tree)96 static inline void put_tree(struct audit_tree *tree)
97 {
98 if (atomic_dec_and_test(&tree->count))
99 kfree_rcu(tree, head);
100 }
101
102 /* to avoid bringing the entire thing in audit.h */
audit_tree_path(struct audit_tree * tree)103 const char *audit_tree_path(struct audit_tree *tree)
104 {
105 return tree->pathname;
106 }
107
free_chunk(struct audit_chunk * chunk)108 static void free_chunk(struct audit_chunk *chunk)
109 {
110 int i;
111
112 for (i = 0; i < chunk->count; i++) {
113 if (chunk->owners[i].owner)
114 put_tree(chunk->owners[i].owner);
115 }
116 kfree(chunk);
117 }
118
audit_put_chunk(struct audit_chunk * chunk)119 void audit_put_chunk(struct audit_chunk *chunk)
120 {
121 if (atomic_long_dec_and_test(&chunk->refs))
122 free_chunk(chunk);
123 }
124
__put_chunk(struct rcu_head * rcu)125 static void __put_chunk(struct rcu_head *rcu)
126 {
127 struct audit_chunk *chunk = container_of(rcu, struct audit_chunk, head);
128 audit_put_chunk(chunk);
129 }
130
audit_tree_destroy_watch(struct fsnotify_mark * entry)131 static void audit_tree_destroy_watch(struct fsnotify_mark *entry)
132 {
133 struct audit_chunk *chunk = container_of(entry, struct audit_chunk, mark);
134 call_rcu(&chunk->head, __put_chunk);
135 }
136
alloc_chunk(int count)137 static struct audit_chunk *alloc_chunk(int count)
138 {
139 struct audit_chunk *chunk;
140 size_t size;
141 int i;
142
143 size = offsetof(struct audit_chunk, owners) + count * sizeof(struct node);
144 chunk = kzalloc(size, GFP_KERNEL);
145 if (!chunk)
146 return NULL;
147
148 INIT_LIST_HEAD(&chunk->hash);
149 INIT_LIST_HEAD(&chunk->trees);
150 chunk->count = count;
151 atomic_long_set(&chunk->refs, 1);
152 for (i = 0; i < count; i++) {
153 INIT_LIST_HEAD(&chunk->owners[i].list);
154 chunk->owners[i].index = i;
155 }
156 fsnotify_init_mark(&chunk->mark, audit_tree_destroy_watch);
157 chunk->mark.mask = FS_IN_IGNORED;
158 return chunk;
159 }
160
161 enum {HASH_SIZE = 128};
162 static struct list_head chunk_hash_heads[HASH_SIZE];
163 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(hash_lock);
164
chunk_hash(const struct inode * inode)165 static inline struct list_head *chunk_hash(const struct inode *inode)
166 {
167 unsigned long n = (unsigned long)inode / L1_CACHE_BYTES;
168 return chunk_hash_heads + n % HASH_SIZE;
169 }
170
171 /* hash_lock & entry->lock is held by caller */
insert_hash(struct audit_chunk * chunk)172 static void insert_hash(struct audit_chunk *chunk)
173 {
174 struct fsnotify_mark *entry = &chunk->mark;
175 struct list_head *list;
176
177 if (!entry->i.inode)
178 return;
179 list = chunk_hash(entry->i.inode);
180 list_add_rcu(&chunk->hash, list);
181 }
182
183 /* called under rcu_read_lock */
audit_tree_lookup(const struct inode * inode)184 struct audit_chunk *audit_tree_lookup(const struct inode *inode)
185 {
186 struct list_head *list = chunk_hash(inode);
187 struct audit_chunk *p;
188
189 list_for_each_entry_rcu(p, list, hash) {
190 /* mark.inode may have gone NULL, but who cares? */
191 if (p->mark.i.inode == inode) {
192 atomic_long_inc(&p->refs);
193 return p;
194 }
195 }
196 return NULL;
197 }
198
audit_tree_match(struct audit_chunk * chunk,struct audit_tree * tree)199 int audit_tree_match(struct audit_chunk *chunk, struct audit_tree *tree)
200 {
201 int n;
202 for (n = 0; n < chunk->count; n++)
203 if (chunk->owners[n].owner == tree)
204 return 1;
205 return 0;
206 }
207
208 /* tagging and untagging inodes with trees */
209
find_chunk(struct node * p)210 static struct audit_chunk *find_chunk(struct node *p)
211 {
212 int index = p->index & ~(1U<<31);
213 p -= index;
214 return container_of(p, struct audit_chunk, owners[0]);
215 }
216
untag_chunk(struct node * p)217 static void untag_chunk(struct node *p)
218 {
219 struct audit_chunk *chunk = find_chunk(p);
220 struct fsnotify_mark *entry = &chunk->mark;
221 struct audit_chunk *new = NULL;
222 struct audit_tree *owner;
223 int size = chunk->count - 1;
224 int i, j;
225
226 fsnotify_get_mark(entry);
227
228 spin_unlock(&hash_lock);
229
230 if (size)
231 new = alloc_chunk(size);
232
233 spin_lock(&entry->lock);
234 if (chunk->dead || !entry->i.inode) {
235 spin_unlock(&entry->lock);
236 if (new)
237 free_chunk(new);
238 goto out;
239 }
240
241 owner = p->owner;
242
243 if (!size) {
244 chunk->dead = 1;
245 spin_lock(&hash_lock);
246 list_del_init(&chunk->trees);
247 if (owner->root == chunk)
248 owner->root = NULL;
249 list_del_init(&p->list);
250 list_del_rcu(&chunk->hash);
251 spin_unlock(&hash_lock);
252 spin_unlock(&entry->lock);
253 fsnotify_destroy_mark(entry, audit_tree_group);
254 goto out;
255 }
256
257 if (!new)
258 goto Fallback;
259
260 fsnotify_duplicate_mark(&new->mark, entry);
261 if (fsnotify_add_mark(&new->mark, new->mark.group, new->mark.i.inode, NULL, 1)) {
262 fsnotify_put_mark(&new->mark);
263 goto Fallback;
264 }
265
266 chunk->dead = 1;
267 spin_lock(&hash_lock);
268 list_replace_init(&chunk->trees, &new->trees);
269 if (owner->root == chunk) {
270 list_del_init(&owner->same_root);
271 owner->root = NULL;
272 }
273
274 for (i = j = 0; j <= size; i++, j++) {
275 struct audit_tree *s;
276 if (&chunk->owners[j] == p) {
277 list_del_init(&p->list);
278 i--;
279 continue;
280 }
281 s = chunk->owners[j].owner;
282 new->owners[i].owner = s;
283 new->owners[i].index = chunk->owners[j].index - j + i;
284 if (!s) /* result of earlier fallback */
285 continue;
286 get_tree(s);
287 list_replace_init(&chunk->owners[j].list, &new->owners[i].list);
288 }
289
290 list_replace_rcu(&chunk->hash, &new->hash);
291 list_for_each_entry(owner, &new->trees, same_root)
292 owner->root = new;
293 spin_unlock(&hash_lock);
294 spin_unlock(&entry->lock);
295 fsnotify_destroy_mark(entry, audit_tree_group);
296 fsnotify_put_mark(&new->mark); /* drop initial reference */
297 goto out;
298
299 Fallback:
300 // do the best we can
301 spin_lock(&hash_lock);
302 if (owner->root == chunk) {
303 list_del_init(&owner->same_root);
304 owner->root = NULL;
305 }
306 list_del_init(&p->list);
307 p->owner = NULL;
308 put_tree(owner);
309 spin_unlock(&hash_lock);
310 spin_unlock(&entry->lock);
311 out:
312 fsnotify_put_mark(entry);
313 spin_lock(&hash_lock);
314 }
315
create_chunk(struct inode * inode,struct audit_tree * tree)316 static int create_chunk(struct inode *inode, struct audit_tree *tree)
317 {
318 struct fsnotify_mark *entry;
319 struct audit_chunk *chunk = alloc_chunk(1);
320 if (!chunk)
321 return -ENOMEM;
322
323 entry = &chunk->mark;
324 if (fsnotify_add_mark(entry, audit_tree_group, inode, NULL, 0)) {
325 fsnotify_put_mark(entry);
326 return -ENOSPC;
327 }
328
329 spin_lock(&entry->lock);
330 spin_lock(&hash_lock);
331 if (tree->goner) {
332 spin_unlock(&hash_lock);
333 chunk->dead = 1;
334 spin_unlock(&entry->lock);
335 fsnotify_destroy_mark(entry, audit_tree_group);
336 fsnotify_put_mark(entry);
337 return 0;
338 }
339 chunk->owners[0].index = (1U << 31);
340 chunk->owners[0].owner = tree;
341 get_tree(tree);
342 list_add(&chunk->owners[0].list, &tree->chunks);
343 if (!tree->root) {
344 tree->root = chunk;
345 list_add(&tree->same_root, &chunk->trees);
346 }
347 insert_hash(chunk);
348 spin_unlock(&hash_lock);
349 spin_unlock(&entry->lock);
350 fsnotify_put_mark(entry); /* drop initial reference */
351 return 0;
352 }
353
354 /* the first tagged inode becomes root of tree */
tag_chunk(struct inode * inode,struct audit_tree * tree)355 static int tag_chunk(struct inode *inode, struct audit_tree *tree)
356 {
357 struct fsnotify_mark *old_entry, *chunk_entry;
358 struct audit_tree *owner;
359 struct audit_chunk *chunk, *old;
360 struct node *p;
361 int n;
362
363 old_entry = fsnotify_find_inode_mark(audit_tree_group, inode);
364 if (!old_entry)
365 return create_chunk(inode, tree);
366
367 old = container_of(old_entry, struct audit_chunk, mark);
368
369 /* are we already there? */
370 spin_lock(&hash_lock);
371 for (n = 0; n < old->count; n++) {
372 if (old->owners[n].owner == tree) {
373 spin_unlock(&hash_lock);
374 fsnotify_put_mark(old_entry);
375 return 0;
376 }
377 }
378 spin_unlock(&hash_lock);
379
380 chunk = alloc_chunk(old->count + 1);
381 if (!chunk) {
382 fsnotify_put_mark(old_entry);
383 return -ENOMEM;
384 }
385
386 chunk_entry = &chunk->mark;
387
388 spin_lock(&old_entry->lock);
389 if (!old_entry->i.inode) {
390 /* old_entry is being shot, lets just lie */
391 spin_unlock(&old_entry->lock);
392 fsnotify_put_mark(old_entry);
393 free_chunk(chunk);
394 return -ENOENT;
395 }
396
397 fsnotify_duplicate_mark(chunk_entry, old_entry);
398 if (fsnotify_add_mark(chunk_entry, chunk_entry->group, chunk_entry->i.inode, NULL, 1)) {
399 spin_unlock(&old_entry->lock);
400 fsnotify_put_mark(chunk_entry);
401 fsnotify_put_mark(old_entry);
402 return -ENOSPC;
403 }
404
405 /* even though we hold old_entry->lock, this is safe since chunk_entry->lock could NEVER have been grabbed before */
406 spin_lock(&chunk_entry->lock);
407 spin_lock(&hash_lock);
408
409 /* we now hold old_entry->lock, chunk_entry->lock, and hash_lock */
410 if (tree->goner) {
411 spin_unlock(&hash_lock);
412 chunk->dead = 1;
413 spin_unlock(&chunk_entry->lock);
414 spin_unlock(&old_entry->lock);
415
416 fsnotify_destroy_mark(chunk_entry, audit_tree_group);
417
418 fsnotify_put_mark(chunk_entry);
419 fsnotify_put_mark(old_entry);
420 return 0;
421 }
422 list_replace_init(&old->trees, &chunk->trees);
423 for (n = 0, p = chunk->owners; n < old->count; n++, p++) {
424 struct audit_tree *s = old->owners[n].owner;
425 p->owner = s;
426 p->index = old->owners[n].index;
427 if (!s) /* result of fallback in untag */
428 continue;
429 get_tree(s);
430 list_replace_init(&old->owners[n].list, &p->list);
431 }
432 p->index = (chunk->count - 1) | (1U<<31);
433 p->owner = tree;
434 get_tree(tree);
435 list_add(&p->list, &tree->chunks);
436 list_replace_rcu(&old->hash, &chunk->hash);
437 list_for_each_entry(owner, &chunk->trees, same_root)
438 owner->root = chunk;
439 old->dead = 1;
440 if (!tree->root) {
441 tree->root = chunk;
442 list_add(&tree->same_root, &chunk->trees);
443 }
444 spin_unlock(&hash_lock);
445 spin_unlock(&chunk_entry->lock);
446 spin_unlock(&old_entry->lock);
447 fsnotify_destroy_mark(old_entry, audit_tree_group);
448 fsnotify_put_mark(chunk_entry); /* drop initial reference */
449 fsnotify_put_mark(old_entry); /* pair to fsnotify_find mark_entry */
450 return 0;
451 }
452
audit_tree_log_remove_rule(struct audit_krule * rule)453 static void audit_tree_log_remove_rule(struct audit_krule *rule)
454 {
455 struct audit_buffer *ab;
456
457 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE);
458 if (unlikely(!ab))
459 return;
460 audit_log_format(ab, "op=");
461 audit_log_string(ab, "remove_rule");
462 audit_log_format(ab, " dir=");
463 audit_log_untrustedstring(ab, rule->tree->pathname);
464 audit_log_key(ab, rule->filterkey);
465 audit_log_format(ab, " list=%d res=1", rule->listnr);
466 audit_log_end(ab);
467 }
468
kill_rules(struct audit_tree * tree)469 static void kill_rules(struct audit_tree *tree)
470 {
471 struct audit_krule *rule, *next;
472 struct audit_entry *entry;
473
474 list_for_each_entry_safe(rule, next, &tree->rules, rlist) {
475 entry = container_of(rule, struct audit_entry, rule);
476
477 list_del_init(&rule->rlist);
478 if (rule->tree) {
479 /* not a half-baked one */
480 audit_tree_log_remove_rule(rule);
481 rule->tree = NULL;
482 list_del_rcu(&entry->list);
483 list_del(&entry->rule.list);
484 call_rcu(&entry->rcu, audit_free_rule_rcu);
485 }
486 }
487 }
488
489 /*
490 * finish killing struct audit_tree
491 */
prune_one(struct audit_tree * victim)492 static void prune_one(struct audit_tree *victim)
493 {
494 spin_lock(&hash_lock);
495 while (!list_empty(&victim->chunks)) {
496 struct node *p;
497
498 p = list_entry(victim->chunks.next, struct node, list);
499
500 untag_chunk(p);
501 }
502 spin_unlock(&hash_lock);
503 put_tree(victim);
504 }
505
506 /* trim the uncommitted chunks from tree */
507
trim_marked(struct audit_tree * tree)508 static void trim_marked(struct audit_tree *tree)
509 {
510 struct list_head *p, *q;
511 spin_lock(&hash_lock);
512 if (tree->goner) {
513 spin_unlock(&hash_lock);
514 return;
515 }
516 /* reorder */
517 for (p = tree->chunks.next; p != &tree->chunks; p = q) {
518 struct node *node = list_entry(p, struct node, list);
519 q = p->next;
520 if (node->index & (1U<<31)) {
521 list_del_init(p);
522 list_add(p, &tree->chunks);
523 }
524 }
525
526 while (!list_empty(&tree->chunks)) {
527 struct node *node;
528
529 node = list_entry(tree->chunks.next, struct node, list);
530
531 /* have we run out of marked? */
532 if (!(node->index & (1U<<31)))
533 break;
534
535 untag_chunk(node);
536 }
537 if (!tree->root && !tree->goner) {
538 tree->goner = 1;
539 spin_unlock(&hash_lock);
540 mutex_lock(&audit_filter_mutex);
541 kill_rules(tree);
542 list_del_init(&tree->list);
543 mutex_unlock(&audit_filter_mutex);
544 prune_one(tree);
545 } else {
546 spin_unlock(&hash_lock);
547 }
548 }
549
550 static void audit_schedule_prune(void);
551
552 /* called with audit_filter_mutex */
audit_remove_tree_rule(struct audit_krule * rule)553 int audit_remove_tree_rule(struct audit_krule *rule)
554 {
555 struct audit_tree *tree;
556 tree = rule->tree;
557 if (tree) {
558 spin_lock(&hash_lock);
559 list_del_init(&rule->rlist);
560 if (list_empty(&tree->rules) && !tree->goner) {
561 tree->root = NULL;
562 list_del_init(&tree->same_root);
563 tree->goner = 1;
564 list_move(&tree->list, &prune_list);
565 rule->tree = NULL;
566 spin_unlock(&hash_lock);
567 audit_schedule_prune();
568 return 1;
569 }
570 rule->tree = NULL;
571 spin_unlock(&hash_lock);
572 return 1;
573 }
574 return 0;
575 }
576
compare_root(struct vfsmount * mnt,void * arg)577 static int compare_root(struct vfsmount *mnt, void *arg)
578 {
579 return mnt->mnt_root->d_inode == arg;
580 }
581
audit_trim_trees(void)582 void audit_trim_trees(void)
583 {
584 struct list_head cursor;
585
586 mutex_lock(&audit_filter_mutex);
587 list_add(&cursor, &tree_list);
588 while (cursor.next != &tree_list) {
589 struct audit_tree *tree;
590 struct path path;
591 struct vfsmount *root_mnt;
592 struct node *node;
593 int err;
594
595 tree = container_of(cursor.next, struct audit_tree, list);
596 get_tree(tree);
597 list_del(&cursor);
598 list_add(&cursor, &tree->list);
599 mutex_unlock(&audit_filter_mutex);
600
601 err = kern_path(tree->pathname, 0, &path);
602 if (err)
603 goto skip_it;
604
605 root_mnt = collect_mounts(&path);
606 path_put(&path);
607 if (IS_ERR(root_mnt))
608 goto skip_it;
609
610 spin_lock(&hash_lock);
611 list_for_each_entry(node, &tree->chunks, list) {
612 struct audit_chunk *chunk = find_chunk(node);
613 /* this could be NULL if the watch is dying else where... */
614 struct inode *inode = chunk->mark.i.inode;
615 node->index |= 1U<<31;
616 if (iterate_mounts(compare_root, inode, root_mnt))
617 node->index &= ~(1U<<31);
618 }
619 spin_unlock(&hash_lock);
620 trim_marked(tree);
621 drop_collected_mounts(root_mnt);
622 skip_it:
623 put_tree(tree);
624 mutex_lock(&audit_filter_mutex);
625 }
626 list_del(&cursor);
627 mutex_unlock(&audit_filter_mutex);
628 }
629
audit_make_tree(struct audit_krule * rule,char * pathname,u32 op)630 int audit_make_tree(struct audit_krule *rule, char *pathname, u32 op)
631 {
632
633 if (pathname[0] != '/' ||
634 rule->listnr != AUDIT_FILTER_EXIT ||
635 op != Audit_equal ||
636 rule->inode_f || rule->watch || rule->tree)
637 return -EINVAL;
638 rule->tree = alloc_tree(pathname);
639 if (!rule->tree)
640 return -ENOMEM;
641 return 0;
642 }
643
audit_put_tree(struct audit_tree * tree)644 void audit_put_tree(struct audit_tree *tree)
645 {
646 put_tree(tree);
647 }
648
tag_mount(struct vfsmount * mnt,void * arg)649 static int tag_mount(struct vfsmount *mnt, void *arg)
650 {
651 return tag_chunk(mnt->mnt_root->d_inode, arg);
652 }
653
654 /* called with audit_filter_mutex */
audit_add_tree_rule(struct audit_krule * rule)655 int audit_add_tree_rule(struct audit_krule *rule)
656 {
657 struct audit_tree *seed = rule->tree, *tree;
658 struct path path;
659 struct vfsmount *mnt;
660 int err;
661
662 rule->tree = NULL;
663 list_for_each_entry(tree, &tree_list, list) {
664 if (!strcmp(seed->pathname, tree->pathname)) {
665 put_tree(seed);
666 rule->tree = tree;
667 list_add(&rule->rlist, &tree->rules);
668 return 0;
669 }
670 }
671 tree = seed;
672 list_add(&tree->list, &tree_list);
673 list_add(&rule->rlist, &tree->rules);
674 /* do not set rule->tree yet */
675 mutex_unlock(&audit_filter_mutex);
676
677 err = kern_path(tree->pathname, 0, &path);
678 if (err)
679 goto Err;
680 mnt = collect_mounts(&path);
681 path_put(&path);
682 if (IS_ERR(mnt)) {
683 err = PTR_ERR(mnt);
684 goto Err;
685 }
686
687 get_tree(tree);
688 err = iterate_mounts(tag_mount, tree, mnt);
689 drop_collected_mounts(mnt);
690
691 if (!err) {
692 struct node *node;
693 spin_lock(&hash_lock);
694 list_for_each_entry(node, &tree->chunks, list)
695 node->index &= ~(1U<<31);
696 spin_unlock(&hash_lock);
697 } else {
698 trim_marked(tree);
699 goto Err;
700 }
701
702 mutex_lock(&audit_filter_mutex);
703 if (list_empty(&rule->rlist)) {
704 put_tree(tree);
705 return -ENOENT;
706 }
707 rule->tree = tree;
708 put_tree(tree);
709
710 return 0;
711 Err:
712 mutex_lock(&audit_filter_mutex);
713 list_del_init(&tree->list);
714 list_del_init(&tree->rules);
715 put_tree(tree);
716 return err;
717 }
718
audit_tag_tree(char * old,char * new)719 int audit_tag_tree(char *old, char *new)
720 {
721 struct list_head cursor, barrier;
722 int failed = 0;
723 struct path path1, path2;
724 struct vfsmount *tagged;
725 int err;
726
727 err = kern_path(new, 0, &path2);
728 if (err)
729 return err;
730 tagged = collect_mounts(&path2);
731 path_put(&path2);
732 if (IS_ERR(tagged))
733 return PTR_ERR(tagged);
734
735 err = kern_path(old, 0, &path1);
736 if (err) {
737 drop_collected_mounts(tagged);
738 return err;
739 }
740
741 mutex_lock(&audit_filter_mutex);
742 list_add(&barrier, &tree_list);
743 list_add(&cursor, &barrier);
744
745 while (cursor.next != &tree_list) {
746 struct audit_tree *tree;
747 int good_one = 0;
748
749 tree = container_of(cursor.next, struct audit_tree, list);
750 get_tree(tree);
751 list_del(&cursor);
752 list_add(&cursor, &tree->list);
753 mutex_unlock(&audit_filter_mutex);
754
755 err = kern_path(tree->pathname, 0, &path2);
756 if (!err) {
757 good_one = path_is_under(&path1, &path2);
758 path_put(&path2);
759 }
760
761 if (!good_one) {
762 put_tree(tree);
763 mutex_lock(&audit_filter_mutex);
764 continue;
765 }
766
767 failed = iterate_mounts(tag_mount, tree, tagged);
768 if (failed) {
769 put_tree(tree);
770 mutex_lock(&audit_filter_mutex);
771 break;
772 }
773
774 mutex_lock(&audit_filter_mutex);
775 spin_lock(&hash_lock);
776 if (!tree->goner) {
777 list_del(&tree->list);
778 list_add(&tree->list, &tree_list);
779 }
780 spin_unlock(&hash_lock);
781 put_tree(tree);
782 }
783
784 while (barrier.prev != &tree_list) {
785 struct audit_tree *tree;
786
787 tree = container_of(barrier.prev, struct audit_tree, list);
788 get_tree(tree);
789 list_del(&tree->list);
790 list_add(&tree->list, &barrier);
791 mutex_unlock(&audit_filter_mutex);
792
793 if (!failed) {
794 struct node *node;
795 spin_lock(&hash_lock);
796 list_for_each_entry(node, &tree->chunks, list)
797 node->index &= ~(1U<<31);
798 spin_unlock(&hash_lock);
799 } else {
800 trim_marked(tree);
801 }
802
803 put_tree(tree);
804 mutex_lock(&audit_filter_mutex);
805 }
806 list_del(&barrier);
807 list_del(&cursor);
808 mutex_unlock(&audit_filter_mutex);
809 path_put(&path1);
810 drop_collected_mounts(tagged);
811 return failed;
812 }
813
814 /*
815 * That gets run when evict_chunk() ends up needing to kill audit_tree.
816 * Runs from a separate thread.
817 */
prune_tree_thread(void * unused)818 static int prune_tree_thread(void *unused)
819 {
820 mutex_lock(&audit_cmd_mutex);
821 mutex_lock(&audit_filter_mutex);
822
823 while (!list_empty(&prune_list)) {
824 struct audit_tree *victim;
825
826 victim = list_entry(prune_list.next, struct audit_tree, list);
827 list_del_init(&victim->list);
828
829 mutex_unlock(&audit_filter_mutex);
830
831 prune_one(victim);
832
833 mutex_lock(&audit_filter_mutex);
834 }
835
836 mutex_unlock(&audit_filter_mutex);
837 mutex_unlock(&audit_cmd_mutex);
838 return 0;
839 }
840
audit_schedule_prune(void)841 static void audit_schedule_prune(void)
842 {
843 kthread_run(prune_tree_thread, NULL, "audit_prune_tree");
844 }
845
846 /*
847 * ... and that one is done if evict_chunk() decides to delay until the end
848 * of syscall. Runs synchronously.
849 */
audit_kill_trees(struct list_head * list)850 void audit_kill_trees(struct list_head *list)
851 {
852 mutex_lock(&audit_cmd_mutex);
853 mutex_lock(&audit_filter_mutex);
854
855 while (!list_empty(list)) {
856 struct audit_tree *victim;
857
858 victim = list_entry(list->next, struct audit_tree, list);
859 kill_rules(victim);
860 list_del_init(&victim->list);
861
862 mutex_unlock(&audit_filter_mutex);
863
864 prune_one(victim);
865
866 mutex_lock(&audit_filter_mutex);
867 }
868
869 mutex_unlock(&audit_filter_mutex);
870 mutex_unlock(&audit_cmd_mutex);
871 }
872
873 /*
874 * Here comes the stuff asynchronous to auditctl operations
875 */
876
evict_chunk(struct audit_chunk * chunk)877 static void evict_chunk(struct audit_chunk *chunk)
878 {
879 struct audit_tree *owner;
880 struct list_head *postponed = audit_killed_trees();
881 int need_prune = 0;
882 int n;
883
884 if (chunk->dead)
885 return;
886
887 chunk->dead = 1;
888 mutex_lock(&audit_filter_mutex);
889 spin_lock(&hash_lock);
890 while (!list_empty(&chunk->trees)) {
891 owner = list_entry(chunk->trees.next,
892 struct audit_tree, same_root);
893 owner->goner = 1;
894 owner->root = NULL;
895 list_del_init(&owner->same_root);
896 spin_unlock(&hash_lock);
897 if (!postponed) {
898 kill_rules(owner);
899 list_move(&owner->list, &prune_list);
900 need_prune = 1;
901 } else {
902 list_move(&owner->list, postponed);
903 }
904 spin_lock(&hash_lock);
905 }
906 list_del_rcu(&chunk->hash);
907 for (n = 0; n < chunk->count; n++)
908 list_del_init(&chunk->owners[n].list);
909 spin_unlock(&hash_lock);
910 if (need_prune)
911 audit_schedule_prune();
912 mutex_unlock(&audit_filter_mutex);
913 }
914
audit_tree_handle_event(struct fsnotify_group * group,struct inode * to_tell,struct fsnotify_mark * inode_mark,struct fsnotify_mark * vfsmount_mark,u32 mask,void * data,int data_type,const unsigned char * file_name,u32 cookie)915 static int audit_tree_handle_event(struct fsnotify_group *group,
916 struct inode *to_tell,
917 struct fsnotify_mark *inode_mark,
918 struct fsnotify_mark *vfsmount_mark,
919 u32 mask, void *data, int data_type,
920 const unsigned char *file_name, u32 cookie)
921 {
922 return 0;
923 }
924
audit_tree_freeing_mark(struct fsnotify_mark * entry,struct fsnotify_group * group)925 static void audit_tree_freeing_mark(struct fsnotify_mark *entry, struct fsnotify_group *group)
926 {
927 struct audit_chunk *chunk = container_of(entry, struct audit_chunk, mark);
928
929 evict_chunk(chunk);
930
931 /*
932 * We are guaranteed to have at least one reference to the mark from
933 * either the inode or the caller of fsnotify_destroy_mark().
934 */
935 BUG_ON(atomic_read(&entry->refcnt) < 1);
936 }
937
938 static const struct fsnotify_ops audit_tree_ops = {
939 .handle_event = audit_tree_handle_event,
940 .freeing_mark = audit_tree_freeing_mark,
941 };
942
audit_tree_init(void)943 static int __init audit_tree_init(void)
944 {
945 int i;
946
947 audit_tree_group = fsnotify_alloc_group(&audit_tree_ops);
948 if (IS_ERR(audit_tree_group))
949 audit_panic("cannot initialize fsnotify group for rectree watches");
950
951 for (i = 0; i < HASH_SIZE; i++)
952 INIT_LIST_HEAD(&chunk_hash_heads[i]);
953
954 return 0;
955 }
956 __initcall(audit_tree_init);
957