return 0;
//if audit is only for failures?
- if (!ret && IS_AUDIT_OP(mask, AUDIT_FAIL))
+ if (ret >= 0 && IS_AUDIT_OP(mask, AUDIT_FAIL))
return 0;
return (IS_AUDIT_OP(mask,op));
return inode;
}
-
+/* is called also from fsfilt_smfs_get_info */
int smfs_get_audit(struct super_block * sb, struct inode * parent,
struct inode * inode, __u64 * mask)
{
struct smfs_super_info * smb = S2SMI(sb);
struct fsfilt_operations *fsfilt = smb->sm_fsfilt;
+ struct obd_device * obd = smb->smsi_exp->exp_obd;
int rc;
struct audit_priv * priv = NULL;
priv = smfs_get_plg_priv(S2SMI(sb), SMFS_PLG_AUDIT);
- //omit __iopen__ dir
+ /* omit __iopen__ dir */
if (parent->i_ino == SMFS_IOPEN_INO)
RETURN(-ENOENT);
RETURN(-ENOENT);
if (IS_AUDIT(priv->a_mask)) {
+ /* no audit for directories on OSS */
+ if (inode && S_ISDIR(inode->i_mode) &&
+ !strcmp(obd->obd_type->typ_name, OBD_FILTER_DEVICENAME))
+ RETURN(-EINVAL);
(*mask) = priv->a_mask;
RETURN(0);
}
- //get inode audit EA
+ /* get inode audit EA */
rc = fsfilt->fs_get_xattr(parent, AUDIT_ATTR_EA,
mask, sizeof(*mask));
if (rc <= 0)
RETURN(-ENODATA);
- //check if parent has audit
+ /* check if parent has audit */
if (IS_AUDIT(*mask))
RETURN(0);
//char name[32];
struct audit_priv * priv;
+ ENTRY;
+
do_gettimeofday(&cur_time);
priv = smfs_get_plg_priv(smb, SMFS_PLG_AUDIT);
#include <linux/lustre_audit.h>
#include "smfs_internal.h"
+static inline int audit_fill_id_rec (char **pbuf, struct inode * inode)
+{
+ struct fsfilt_operations *fsfilt = I2FOPS(inode);
+ struct audit_id_record * rec = (void*)(*pbuf);
+ int len = sizeof(*rec);
+ struct lustre_fid fid;
+ int rc = 0;
+
+ rec->au_num = inode->i_ino;
+ rec->au_type = (S_IFMT & inode->i_mode);
+ rec->au_gen = inode->i_generation;
+
+ //fid & mdsnum
+ rc = fsfilt->fs_get_md(I2CI(inode), &fid, sizeof(fid), EA_SID);
+ if (rc > 0) {
+ rec->au_fid = fid.lf_id;
+ rec->au_mds = fid.lf_group;
+ }
+
+ *pbuf += len;
+ return len;
+}
+
int static audit_mds_create_rec(struct inode * parent, void * arg,
struct audit_priv * priv, char * buffer,
__u32 * type)
#include <linux/lustre_audit.h>
#include "smfs_internal.h"
+static int audit_ost_get_id(struct inode * inode, struct lustre_id * id)
+{
+ struct fsfilt_operations *fsfilt = S2SMI(inode->i_sb)->sm_fsfilt;
+
+ ENTRY;
+ if(fsfilt->fs_get_md(inode, id, sizeof(*id), EA_SID) <= 0)
+ RETURN(-ENODATA);
+ RETURN(0);
+}
+
static int audit_ost_create_rec(struct inode * parent, void * arg,
struct audit_priv * priv, char * buffer,
__u32 * type)
struct audit_record * rec = (void*)buffer;
char * pbuf = buffer + sizeof(*rec);
struct inode * inode = msg->dentry->d_inode;
+ struct lustre_id id;
int len = sizeof(*rec);
- //TODO: useless until lustre inode id is in EA
+ if (audit_ost_get_id(inode, &id) < 0)
+ CERROR("Cannot get lustre id from object EA\n");
+
rec->opcode = AUDIT_CREATE;
- len += audit_fill_id_rec(&pbuf, inode);
+ len += audit_rec_from_id(&pbuf, &id);
*type = SMFS_AUDIT_GEN_REC;
return len;
}
struct audit_record * rec = (void*)buffer;
char * pbuf = buffer + sizeof(*rec);
int len = sizeof(*rec);
+ struct lustre_id id;
- //TODO: useless until lustre inode id is in EA
- rec->opcode = AUDIT_UNLINK;
- len += audit_fill_id_rec(&pbuf, inode);
- len += audit_fill_id_rec(&pbuf, parent);
+ if (audit_ost_get_id(inode, &id) < 0)
+ CERROR("Cannot get lustre id from object EA\n");
+
+ rec->opcode = AUDIT_UNLINK;
+ len += audit_rec_from_id(&pbuf, &id);
+ //len += audit_fill_id_rec(&pbuf, parent);
*type = SMFS_AUDIT_GEN_REC;
return len;
struct audit_record * rec = (void*)buffer;
char * pbuf = buffer + sizeof(*rec);
int len = sizeof(*rec);
+ struct lustre_id id;
- //TODO: useless until lustre inode id is in EA
+ if (audit_ost_get_id(inode, &id) < 0)
+ CERROR("Cannot get lustre id from object EA\n");
+
rec->opcode = AUDIT_SETATTR;
- len += audit_fill_id_rec(&pbuf, inode);
+ len += audit_rec_from_id(&pbuf, &id);
*type = SMFS_AUDIT_GEN_REC;
return len;
static audit_get_op audit_ost_record[HOOK_MAX] = {
[HOOK_SI_READ] audit_ost_rw_rec,
[HOOK_SI_WRITE] audit_ost_rw_rec,
- [HOOK_CREATE] audit_ost_create_rec,
+ [HOOK_CREATE] NULL, /* audit_ost_create_rec, */
[HOOK_UNLINK] audit_ost_unlink_rec,
[HOOK_SETATTR] audit_ost_setattr_rec,
[HOOK_F_SETATTR] audit_ost_setattr_rec
};
#define construct_header(buf, size, rec, id_rec) \
- snprintf(buf, size, "AUDIT:"LPU64":%u/%u:%s:%d:"DLID4":", \
+ snprintf(buf, size, "AUDIT:"LPX64":%u/%u:%s:%d:"DLID4":", \
rec->nid, rec->uid, rec->gid, opstr[rec->opcode], (__s16)rec->result,\
(unsigned long)id_rec->au_fid, (unsigned long)id_rec->au_mds, \
(unsigned long)id_rec->au_num, (unsigned long)id_rec->au_gen);
return len;
}
-static inline int audit_fill_id_rec (char **pbuf, struct inode * inode)
-{
- struct fsfilt_operations *fsfilt = I2FOPS(inode);
- struct audit_id_record * rec = (void*)(*pbuf);
- int len = sizeof(*rec);
- struct lustre_fid fid;
- int rc = 0;
-
- rec->au_num = inode->i_ino;
- rec->au_type = (S_IFMT & inode->i_mode);
- rec->au_gen = inode->i_generation;
-
- //fid & mdsnum
- rc = fsfilt->fs_get_md(I2CI(inode), &fid, sizeof(fid), EA_SID);
- if (rc > 0) {
- rec->au_fid = fid.lf_id;
- rec->au_mds = fid.lf_group;
- }
-
- *pbuf += len;
- return len;
-}
-
static inline int audit_fill_name_rec (char **pbuf, const char * name, int nlen)
{
struct audit_name_record * n_rec = (void*)(*pbuf);