RETURN(rc);
}
+int mds_audit_perm(struct ptlrpc_request *req, struct inode *inode, audit_op op)
+{
+ struct obd_device *obd = req->rq_export->exp_obd;
+ ptl_nid_t nid = req->rq_peer.peer_id.nid;
+ struct audit_info info = {
+ .name = NULL,
+ .namelen = 0,
+ };
+ int rc = 0;
+
+ ENTRY;
+
+ LASSERT(inode);
+ info.m.nid = nid;
+ info.m.uid = current->uid;
+ info.m.gid = current->gid;
+ info.m.result = -EACCES;
+ info.m.code = op;
+
+ /* failed access, log child id only */
+ mds_pack_inode2id(obd, &info.m.id, inode, 1);
+
+ fsfilt_set_info(obd, inode->i_sb, inode,
+ 10, "audit_info", sizeof(info), (void*)&info);
+
+ RETURN(rc);
+}
+
int mds_audit_open(struct ptlrpc_request *req, struct lustre_id * id,
struct inode *inode, char *name, int namelen, int ret)
{
int mds_audit_open(struct ptlrpc_request *, struct lustre_id *,
struct inode *, char*, int, int);
int mds_audit_reint(struct ptlrpc_request *, struct mds_update_record *);
+int mds_audit_perm(struct ptlrpc_request *, struct inode *, audit_op);
/* mds_acl.c */
struct upcall_cache *__mds_get_global_rmtacl_upcall_cache(void);
int mds_init_rmtacl_upcall_cache(void);
}
switch (cleanup_phase) {
case 2: /* child dentry */
+ if (rc == -EACCES)
+ mds_audit_perm(req, dchild->d_inode, AUDIT_CREATE);
l_dput(dchild);
case 1: /* locked parent dentry */
#ifdef S_PDIROPS
if (!rc)
(void)obd_set_info(mds->mds_dt_exp, strlen("unlinked"),
"unlinked", 0, NULL);
+
switch(cleanup_phase) {
case 5: /* pending_dir semaphore */
up(&mds->mds_pending_dir->d_inode->i_sem);
if (dchild->d_inode && rc && (dchild->d_inode->i_nlink == 0 ||
mds_inode_is_orphan(dchild->d_inode)))
CDEBUG(D_ERROR, "unlink, but return %d\n", rc);
+
+ /* catching failed permissions check for audit */
+ if (rc == -EACCES)
+ mds_audit_perm(req, dchild->d_inode, AUDIT_UNLINK);
+
l_dput(dchild);
l_dput(dchild);
l_dput(dparent);