From 1a2c28a865396a50b8fb30c696857110d5a7ca9d Mon Sep 17 00:00:00 2001 From: tappro Date: Thu, 25 Aug 2005 09:36:28 +0000 Subject: [PATCH] b=7390 audit on file didn't work on unlink due to loss of audit setting. Now audit mask is saved in smfs_inode_info also. --- lustre/include/linux/lustre_audit.h | 8 +++---- lustre/include/linux/lustre_smfs.h | 7 ++++++ lustre/smfs/audit.c | 43 ++++++++++++++++++++++++++----------- lustre/smfs/audit_transfer.c | 2 +- 4 files changed, 42 insertions(+), 18 deletions(-) diff --git a/lustre/include/linux/lustre_audit.h b/lustre/include/linux/lustre_audit.h index 05c8153..fe96a56 100644 --- a/lustre/include/linux/lustre_audit.h +++ b/lustre/include/linux/lustre_audit.h @@ -35,7 +35,7 @@ //AUDIT OPCODES, also bit number in audit_setting mask typedef enum { - AUDIT_NONE = 0, + AUDIT_UNKNOWN = 0, AUDIT_CREATE, AUDIT_LINK, AUDIT_UNLINK, @@ -51,9 +51,9 @@ typedef enum { AUDIT_MAX, } audit_op; -#define AUDIT_FAIL AUDIT_MAX -#define AUDIT_DIR (AUDIT_MAX + 1) -#define AUDIT_FS (AUDIT_MAX + 2) +#define AUDIT_FAIL AUDIT_MAX +#define AUDIT_DIR (AUDIT_MAX + 1) +#define AUDIT_FS (AUDIT_MAX + 2) #define AUD_BIT(a) (1 << a) diff --git a/lustre/include/linux/lustre_smfs.h b/lustre/include/linux/lustre_smfs.h index 6533c2a..3ef1a4b 100644 --- a/lustre/include/linux/lustre_smfs.h +++ b/lustre/include/linux/lustre_smfs.h @@ -32,6 +32,12 @@ struct snap_inode_info { int sn_index; /*the inode snap_index*/ ino_t sn_root_ino; /*the root ino of this snap*/ }; + +struct audit_inode_info { + __u64 au_mask; + __u8 au_valid; +}; + struct smfs_inode_info { /* this first part of struct should be the same as in mds_info_info */ //struct lustre_id smi_id; @@ -39,6 +45,7 @@ struct smfs_inode_info { /* smfs part. */ struct inode *smi_inode; __u32 smi_flags; + struct audit_inode_info au_info; struct snap_inode_info sm_sninfo; }; #if 0 diff --git a/lustre/smfs/audit.c b/lustre/smfs/audit.c index 2f365c9..8134204 100644 --- a/lustre/smfs/audit.c +++ b/lustre/smfs/audit.c @@ -43,7 +43,7 @@ static audit_op hook2audit(hook_op hook) { - audit_op opcode = AUDIT_NONE; + audit_op opcode = AUDIT_UNKNOWN; switch (hook) { @@ -82,7 +82,7 @@ static audit_op hook2audit(hook_op hook) return AUDIT_READDIR; default: - return AUDIT_NONE; + break; } return opcode; @@ -125,6 +125,25 @@ struct inode * get_inode_from_hook(hook_op hook, void * msg) return inode; } + +static inline int smfs_get_inode_audit(struct inode *inode, __u64 *mask) +{ + struct fsfilt_operations *fsfilt = S2SMI(inode->i_sb)->sm_cache_fsfilt; + struct smfs_inode_info * smi = I2SMI(inode); + int rc = 0; + + if (smi->au_info.au_valid) + *mask = smi->au_info.au_mask; + else { + rc = fsfilt->fs_get_xattr(I2CI(inode), AUDIT_ATTR_EA, mask, sizeof(*mask)); + if (rc <= 0) + *mask = AUDIT_OFF; + smi->au_info.au_valid = 1; + smi->au_info.au_mask = *mask; + } + return 0; +} + /* is called also from fsfilt_smfs_get_info */ int smfs_get_audit(struct super_block * sb, struct inode * parent, struct inode * inode, __u64 * mask) @@ -158,11 +177,7 @@ int smfs_get_audit(struct super_block * sb, struct inode * parent, RETURN(0); } /* get inode audit EA */ - rc = fsfilt->fs_get_xattr(parent, AUDIT_ATTR_EA, - mask, sizeof(*mask)); - if (rc <= 0) - RETURN(-ENODATA); - + smfs_get_inode_audit(parent, mask); /* check if parent has audit */ if (IS_AUDIT(*mask)) RETURN(0); @@ -170,11 +185,7 @@ int smfs_get_audit(struct super_block * sb, struct inode * parent, if (!inode) RETURN(-ENOENT); - rc = fsfilt->fs_get_xattr(inode, AUDIT_ATTR_EA, - mask, sizeof(*mask)); - if (rc <= 0) - RETURN(-ENODATA); - + smfs_get_inode_audit(inode, mask); if (IS_AUDIT(*mask)) RETURN(0); @@ -261,6 +272,7 @@ int smfs_set_audit(struct super_block * sb, struct inode * inode, { void * handle = NULL; struct fsfilt_operations * fsfilt = S2SMI(sb)->sm_fsfilt; + struct smfs_inode_info *smi = I2SMI(inode); int rc = 0; ENTRY; @@ -277,7 +289,12 @@ int smfs_set_audit(struct super_block * sb, struct inode * inode, if (fsfilt->fs_set_xattr) rc = fsfilt->fs_set_xattr(inode, handle, AUDIT_ATTR_EA, mask, sizeof(*mask)); - + /* save audit EA in inode_info */ + if (rc >= 0) { + smi->au_info.au_mask = *mask; + smi->au_info.au_valid = 1; + } + fsfilt->fs_commit(inode->i_sb, inode, handle, 1); RETURN(rc); diff --git a/lustre/smfs/audit_transfer.c b/lustre/smfs/audit_transfer.c index 5e58b0f..a814ed9 100644 --- a/lustre/smfs/audit_transfer.c +++ b/lustre/smfs/audit_transfer.c @@ -95,7 +95,7 @@ int audit_notify(struct llog_handle *llh, void * arg) } const char *opstr[AUDIT_MAX] = { - [AUDIT_NONE] "null", + [AUDIT_UNKNOWN] "unknown", [AUDIT_CREATE] "create", [AUDIT_LINK] "link", [AUDIT_UNLINK] "unlink", -- 1.8.3.1