1 #include "audit.h" 2 #include <linux/fsnotify_backend.h> 3 #include <linux/namei.h> 4 #include <linux/mount.h> 5 #include <linux/kthread.h> 6 #include <linux/slab.h> 7 8 struct audit_tree; 9 struct audit_chunk; 10 11 struct audit_tree { 12 atomic_t count; 13 int goner; 14 struct audit_chunk *root; 15 struct list_head chunks; 16 struct list_head rules; 17 struct list_head list; 18 struct list_head same_root; 19 struct rcu_head head; 20 char pathname[]; 21 }; 22 23 struct audit_chunk { 24 struct list_head hash; 25 struct fsnotify_mark mark; 26 struct list_head trees; /* with root here */ 27 int dead; 28 int count; 29 atomic_long_t refs; 30 struct rcu_head head; 31 struct node { 32 struct list_head list; 33 struct audit_tree *owner; 34 unsigned index; /* index; upper bit indicates 'will prune' */ 35 } owners[]; 36 }; 37 38 static LIST_HEAD(tree_list); 39 static LIST_HEAD(prune_list); 40 41 /* 42 * One struct chunk is attached to each inode of interest. 43 * We replace struct chunk on tagging/untagging. 44 * Rules have pointer to struct audit_tree. 45 * Rules have struct list_head rlist forming a list of rules over 46 * the same tree. 47 * References to struct chunk are collected at audit_inode{,_child}() 48 * time and used in AUDIT_TREE rule matching. 49 * These references are dropped at the same time we are calling 50 * audit_free_names(), etc. 51 * 52 * Cyclic lists galore: 53 * tree.chunks anchors chunk.owners[].list hash_lock 54 * tree.rules anchors rule.rlist audit_filter_mutex 55 * chunk.trees anchors tree.same_root hash_lock 56 * chunk.hash is a hash with middle bits of watch.inode as 57 * a hash function. RCU, hash_lock 58 * 59 * tree is refcounted; one reference for "some rules on rules_list refer to 60 * it", one for each chunk with pointer to it. 61 * 62 * chunk is refcounted by embedded fsnotify_mark + .refs (non-zero refcount 63 * of watch contributes 1 to .refs). 64 * 65 * node.index allows to get from node.list to containing chunk. 66 * MSB of that sucker is stolen to mark taggings that we might have to 67 * revert - several operations have very unpleasant cleanup logics and 68 * that makes a difference. Some. 69 */ 70 71 static struct fsnotify_group *audit_tree_group; 72 73 static struct audit_tree *alloc_tree(const char *s) 74 { 75 struct audit_tree *tree; 76 77 tree = kmalloc(sizeof(struct audit_tree) + strlen(s) + 1, GFP_KERNEL); 78 if (tree) { 79 atomic_set(&tree->count, 1); 80 tree->goner = 0; 81 INIT_LIST_HEAD(&tree->chunks); 82 INIT_LIST_HEAD(&tree->rules); 83 INIT_LIST_HEAD(&tree->list); 84 INIT_LIST_HEAD(&tree->same_root); 85 tree->root = NULL; 86 strcpy(tree->pathname, s); 87 } 88 return tree; 89 } 90 91 static inline void get_tree(struct audit_tree *tree) 92 { 93 atomic_inc(&tree->count); 94 } 95 96 static inline void put_tree(struct audit_tree *tree) 97 { 98 if (atomic_dec_and_test(&tree->count)) 99 kfree_rcu(tree, head); 100 } 101 102 /* to avoid bringing the entire thing in audit.h */ 103 const char *audit_tree_path(struct audit_tree *tree) 104 { 105 return tree->pathname; 106 } 107 108 static void free_chunk(struct audit_chunk *chunk) 109 { 110 int i; 111 112 for (i = 0; i < chunk->count; i++) { 113 if (chunk->owners[i].owner) 114 put_tree(chunk->owners[i].owner); 115 } 116 kfree(chunk); 117 } 118 119 void audit_put_chunk(struct audit_chunk *chunk) 120 { 121 if (atomic_long_dec_and_test(&chunk->refs)) 122 free_chunk(chunk); 123 } 124 125 static void __put_chunk(struct rcu_head *rcu) 126 { 127 struct audit_chunk *chunk = container_of(rcu, struct audit_chunk, head); 128 audit_put_chunk(chunk); 129 } 130 131 static void audit_tree_destroy_watch(struct fsnotify_mark *entry) 132 { 133 struct audit_chunk *chunk = container_of(entry, struct audit_chunk, mark); 134 call_rcu(&chunk->head, __put_chunk); 135 } 136 137 static struct audit_chunk *alloc_chunk(int count) 138 { 139 struct audit_chunk *chunk; 140 size_t size; 141 int i; 142 143 size = offsetof(struct audit_chunk, owners) + count * sizeof(struct node); 144 chunk = kzalloc(size, GFP_KERNEL); 145 if (!chunk) 146 return NULL; 147 148 INIT_LIST_HEAD(&chunk->hash); 149 INIT_LIST_HEAD(&chunk->trees); 150 chunk->count = count; 151 atomic_long_set(&chunk->refs, 1); 152 for (i = 0; i < count; i++) { 153 INIT_LIST_HEAD(&chunk->owners[i].list); 154 chunk->owners[i].index = i; 155 } 156 fsnotify_init_mark(&chunk->mark, audit_tree_destroy_watch); 157 chunk->mark.mask = FS_IN_IGNORED; 158 return chunk; 159 } 160 161 enum {HASH_SIZE = 128}; 162 static struct list_head chunk_hash_heads[HASH_SIZE]; 163 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(hash_lock); 164 165 static inline struct list_head *chunk_hash(const struct inode *inode) 166 { 167 unsigned long n = (unsigned long)inode / L1_CACHE_BYTES; 168 return chunk_hash_heads + n % HASH_SIZE; 169 } 170 171 /* hash_lock & entry->lock is held by caller */ 172 static void insert_hash(struct audit_chunk *chunk) 173 { 174 struct fsnotify_mark *entry = &chunk->mark; 175 struct list_head *list; 176 177 if (!entry->i.inode) 178 return; 179 list = chunk_hash(entry->i.inode); 180 list_add_rcu(&chunk->hash, list); 181 } 182 183 /* called under rcu_read_lock */ 184 struct audit_chunk *audit_tree_lookup(const struct inode *inode) 185 { 186 struct list_head *list = chunk_hash(inode); 187 struct audit_chunk *p; 188 189 list_for_each_entry_rcu(p, list, hash) { 190 /* mark.inode may have gone NULL, but who cares? */ 191 if (p->mark.i.inode == inode) { 192 atomic_long_inc(&p->refs); 193 return p; 194 } 195 } 196 return NULL; 197 } 198 199 int audit_tree_match(struct audit_chunk *chunk, struct audit_tree *tree) 200 { 201 int n; 202 for (n = 0; n < chunk->count; n++) 203 if (chunk->owners[n].owner == tree) 204 return 1; 205 return 0; 206 } 207 208 /* tagging and untagging inodes with trees */ 209 210 static struct audit_chunk *find_chunk(struct node *p) 211 { 212 int index = p->index & ~(1U<<31); 213 p -= index; 214 return container_of(p, struct audit_chunk, owners[0]); 215 } 216 217 static void untag_chunk(struct node *p) 218 { 219 struct audit_chunk *chunk = find_chunk(p); 220 struct fsnotify_mark *entry = &chunk->mark; 221 struct audit_chunk *new = NULL; 222 struct audit_tree *owner; 223 int size = chunk->count - 1; 224 int i, j; 225 226 fsnotify_get_mark(entry); 227 228 spin_unlock(&hash_lock); 229 230 if (size) 231 new = alloc_chunk(size); 232 233 spin_lock(&entry->lock); 234 if (chunk->dead || !entry->i.inode) { 235 spin_unlock(&entry->lock); 236 if (new) 237 free_chunk(new); 238 goto out; 239 } 240 241 owner = p->owner; 242 243 if (!size) { 244 chunk->dead = 1; 245 spin_lock(&hash_lock); 246 list_del_init(&chunk->trees); 247 if (owner->root == chunk) 248 owner->root = NULL; 249 list_del_init(&p->list); 250 list_del_rcu(&chunk->hash); 251 spin_unlock(&hash_lock); 252 spin_unlock(&entry->lock); 253 fsnotify_destroy_mark(entry, audit_tree_group); 254 goto out; 255 } 256 257 if (!new) 258 goto Fallback; 259 260 fsnotify_duplicate_mark(&new->mark, entry); 261 if (fsnotify_add_mark(&new->mark, new->mark.group, new->mark.i.inode, NULL, 1)) { 262 fsnotify_put_mark(&new->mark); 263 goto Fallback; 264 } 265 266 chunk->dead = 1; 267 spin_lock(&hash_lock); 268 list_replace_init(&chunk->trees, &new->trees); 269 if (owner->root == chunk) { 270 list_del_init(&owner->same_root); 271 owner->root = NULL; 272 } 273 274 for (i = j = 0; j <= size; i++, j++) { 275 struct audit_tree *s; 276 if (&chunk->owners[j] == p) { 277 list_del_init(&p->list); 278 i--; 279 continue; 280 } 281 s = chunk->owners[j].owner; 282 new->owners[i].owner = s; 283 new->owners[i].index = chunk->owners[j].index - j + i; 284 if (!s) /* result of earlier fallback */ 285 continue; 286 get_tree(s); 287 list_replace_init(&chunk->owners[j].list, &new->owners[i].list); 288 } 289 290 list_replace_rcu(&chunk->hash, &new->hash); 291 list_for_each_entry(owner, &new->trees, same_root) 292 owner->root = new; 293 spin_unlock(&hash_lock); 294 spin_unlock(&entry->lock); 295 fsnotify_destroy_mark(entry, audit_tree_group); 296 fsnotify_put_mark(&new->mark); /* drop initial reference */ 297 goto out; 298 299 Fallback: 300 // do the best we can 301 spin_lock(&hash_lock); 302 if (owner->root == chunk) { 303 list_del_init(&owner->same_root); 304 owner->root = NULL; 305 } 306 list_del_init(&p->list); 307 p->owner = NULL; 308 put_tree(owner); 309 spin_unlock(&hash_lock); 310 spin_unlock(&entry->lock); 311 out: 312 fsnotify_put_mark(entry); 313 spin_lock(&hash_lock); 314 } 315 316 static int create_chunk(struct inode *inode, struct audit_tree *tree) 317 { 318 struct fsnotify_mark *entry; 319 struct audit_chunk *chunk = alloc_chunk(1); 320 if (!chunk) 321 return -ENOMEM; 322 323 entry = &chunk->mark; 324 if (fsnotify_add_mark(entry, audit_tree_group, inode, NULL, 0)) { 325 fsnotify_put_mark(entry); 326 return -ENOSPC; 327 } 328 329 spin_lock(&entry->lock); 330 spin_lock(&hash_lock); 331 if (tree->goner) { 332 spin_unlock(&hash_lock); 333 chunk->dead = 1; 334 spin_unlock(&entry->lock); 335 fsnotify_destroy_mark(entry, audit_tree_group); 336 fsnotify_put_mark(entry); 337 return 0; 338 } 339 chunk->owners[0].index = (1U << 31); 340 chunk->owners[0].owner = tree; 341 get_tree(tree); 342 list_add(&chunk->owners[0].list, &tree->chunks); 343 if (!tree->root) { 344 tree->root = chunk; 345 list_add(&tree->same_root, &chunk->trees); 346 } 347 insert_hash(chunk); 348 spin_unlock(&hash_lock); 349 spin_unlock(&entry->lock); 350 fsnotify_put_mark(entry); /* drop initial reference */ 351 return 0; 352 } 353 354 /* the first tagged inode becomes root of tree */ 355 static int tag_chunk(struct inode *inode, struct audit_tree *tree) 356 { 357 struct fsnotify_mark *old_entry, *chunk_entry; 358 struct audit_tree *owner; 359 struct audit_chunk *chunk, *old; 360 struct node *p; 361 int n; 362 363 old_entry = fsnotify_find_inode_mark(audit_tree_group, inode); 364 if (!old_entry) 365 return create_chunk(inode, tree); 366 367 old = container_of(old_entry, struct audit_chunk, mark); 368 369 /* are we already there? */ 370 spin_lock(&hash_lock); 371 for (n = 0; n < old->count; n++) { 372 if (old->owners[n].owner == tree) { 373 spin_unlock(&hash_lock); 374 fsnotify_put_mark(old_entry); 375 return 0; 376 } 377 } 378 spin_unlock(&hash_lock); 379 380 chunk = alloc_chunk(old->count + 1); 381 if (!chunk) { 382 fsnotify_put_mark(old_entry); 383 return -ENOMEM; 384 } 385 386 chunk_entry = &chunk->mark; 387 388 spin_lock(&old_entry->lock); 389 if (!old_entry->i.inode) { 390 /* old_entry is being shot, lets just lie */ 391 spin_unlock(&old_entry->lock); 392 fsnotify_put_mark(old_entry); 393 free_chunk(chunk); 394 return -ENOENT; 395 } 396 397 fsnotify_duplicate_mark(chunk_entry, old_entry); 398 if (fsnotify_add_mark(chunk_entry, chunk_entry->group, chunk_entry->i.inode, NULL, 1)) { 399 spin_unlock(&old_entry->lock); 400 fsnotify_put_mark(chunk_entry); 401 fsnotify_put_mark(old_entry); 402 return -ENOSPC; 403 } 404 405 /* even though we hold old_entry->lock, this is safe since chunk_entry->lock could NEVER have been grabbed before */ 406 spin_lock(&chunk_entry->lock); 407 spin_lock(&hash_lock); 408 409 /* we now hold old_entry->lock, chunk_entry->lock, and hash_lock */ 410 if (tree->goner) { 411 spin_unlock(&hash_lock); 412 chunk->dead = 1; 413 spin_unlock(&chunk_entry->lock); 414 spin_unlock(&old_entry->lock); 415 416 fsnotify_destroy_mark(chunk_entry, audit_tree_group); 417 418 fsnotify_put_mark(chunk_entry); 419 fsnotify_put_mark(old_entry); 420 return 0; 421 } 422 list_replace_init(&old->trees, &chunk->trees); 423 for (n = 0, p = chunk->owners; n < old->count; n++, p++) { 424 struct audit_tree *s = old->owners[n].owner; 425 p->owner = s; 426 p->index = old->owners[n].index; 427 if (!s) /* result of fallback in untag */ 428 continue; 429 get_tree(s); 430 list_replace_init(&old->owners[n].list, &p->list); 431 } 432 p->index = (chunk->count - 1) | (1U<<31); 433 p->owner = tree; 434 get_tree(tree); 435 list_add(&p->list, &tree->chunks); 436 list_replace_rcu(&old->hash, &chunk->hash); 437 list_for_each_entry(owner, &chunk->trees, same_root) 438 owner->root = chunk; 439 old->dead = 1; 440 if (!tree->root) { 441 tree->root = chunk; 442 list_add(&tree->same_root, &chunk->trees); 443 } 444 spin_unlock(&hash_lock); 445 spin_unlock(&chunk_entry->lock); 446 spin_unlock(&old_entry->lock); 447 fsnotify_destroy_mark(old_entry, audit_tree_group); 448 fsnotify_put_mark(chunk_entry); /* drop initial reference */ 449 fsnotify_put_mark(old_entry); /* pair to fsnotify_find mark_entry */ 450 return 0; 451 } 452 453 static void audit_tree_log_remove_rule(struct audit_krule *rule) 454 { 455 struct audit_buffer *ab; 456 457 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE); 458 if (unlikely(!ab)) 459 return; 460 audit_log_format(ab, "op="); 461 audit_log_string(ab, "remove_rule"); 462 audit_log_format(ab, " dir="); 463 audit_log_untrustedstring(ab, rule->tree->pathname); 464 audit_log_key(ab, rule->filterkey); 465 audit_log_format(ab, " list=%d res=1", rule->listnr); 466 audit_log_end(ab); 467 } 468 469 static void kill_rules(struct audit_tree *tree) 470 { 471 struct audit_krule *rule, *next; 472 struct audit_entry *entry; 473 474 list_for_each_entry_safe(rule, next, &tree->rules, rlist) { 475 entry = container_of(rule, struct audit_entry, rule); 476 477 list_del_init(&rule->rlist); 478 if (rule->tree) { 479 /* not a half-baked one */ 480 audit_tree_log_remove_rule(rule); 481 rule->tree = NULL; 482 list_del_rcu(&entry->list); 483 list_del(&entry->rule.list); 484 call_rcu(&entry->rcu, audit_free_rule_rcu); 485 } 486 } 487 } 488 489 /* 490 * finish killing struct audit_tree 491 */ 492 static void prune_one(struct audit_tree *victim) 493 { 494 spin_lock(&hash_lock); 495 while (!list_empty(&victim->chunks)) { 496 struct node *p; 497 498 p = list_entry(victim->chunks.next, struct node, list); 499 500 untag_chunk(p); 501 } 502 spin_unlock(&hash_lock); 503 put_tree(victim); 504 } 505 506 /* trim the uncommitted chunks from tree */ 507 508 static void trim_marked(struct audit_tree *tree) 509 { 510 struct list_head *p, *q; 511 spin_lock(&hash_lock); 512 if (tree->goner) { 513 spin_unlock(&hash_lock); 514 return; 515 } 516 /* reorder */ 517 for (p = tree->chunks.next; p != &tree->chunks; p = q) { 518 struct node *node = list_entry(p, struct node, list); 519 q = p->next; 520 if (node->index & (1U<<31)) { 521 list_del_init(p); 522 list_add(p, &tree->chunks); 523 } 524 } 525 526 while (!list_empty(&tree->chunks)) { 527 struct node *node; 528 529 node = list_entry(tree->chunks.next, struct node, list); 530 531 /* have we run out of marked? */ 532 if (!(node->index & (1U<<31))) 533 break; 534 535 untag_chunk(node); 536 } 537 if (!tree->root && !tree->goner) { 538 tree->goner = 1; 539 spin_unlock(&hash_lock); 540 mutex_lock(&audit_filter_mutex); 541 kill_rules(tree); 542 list_del_init(&tree->list); 543 mutex_unlock(&audit_filter_mutex); 544 prune_one(tree); 545 } else { 546 spin_unlock(&hash_lock); 547 } 548 } 549 550 static void audit_schedule_prune(void); 551 552 /* called with audit_filter_mutex */ 553 int audit_remove_tree_rule(struct audit_krule *rule) 554 { 555 struct audit_tree *tree; 556 tree = rule->tree; 557 if (tree) { 558 spin_lock(&hash_lock); 559 list_del_init(&rule->rlist); 560 if (list_empty(&tree->rules) && !tree->goner) { 561 tree->root = NULL; 562 list_del_init(&tree->same_root); 563 tree->goner = 1; 564 list_move(&tree->list, &prune_list); 565 rule->tree = NULL; 566 spin_unlock(&hash_lock); 567 audit_schedule_prune(); 568 return 1; 569 } 570 rule->tree = NULL; 571 spin_unlock(&hash_lock); 572 return 1; 573 } 574 return 0; 575 } 576 577 static int compare_root(struct vfsmount *mnt, void *arg) 578 { 579 return mnt->mnt_root->d_inode == arg; 580 } 581 582 void audit_trim_trees(void) 583 { 584 struct list_head cursor; 585 586 mutex_lock(&audit_filter_mutex); 587 list_add(&cursor, &tree_list); 588 while (cursor.next != &tree_list) { 589 struct audit_tree *tree; 590 struct path path; 591 struct vfsmount *root_mnt; 592 struct node *node; 593 int err; 594 595 tree = container_of(cursor.next, struct audit_tree, list); 596 get_tree(tree); 597 list_del(&cursor); 598 list_add(&cursor, &tree->list); 599 mutex_unlock(&audit_filter_mutex); 600 601 err = kern_path(tree->pathname, 0, &path); 602 if (err) 603 goto skip_it; 604 605 root_mnt = collect_mounts(&path); 606 path_put(&path); 607 if (IS_ERR(root_mnt)) 608 goto skip_it; 609 610 spin_lock(&hash_lock); 611 list_for_each_entry(node, &tree->chunks, list) { 612 struct audit_chunk *chunk = find_chunk(node); 613 /* this could be NULL if the watch is dying else where... */ 614 struct inode *inode = chunk->mark.i.inode; 615 node->index |= 1U<<31; 616 if (iterate_mounts(compare_root, inode, root_mnt)) 617 node->index &= ~(1U<<31); 618 } 619 spin_unlock(&hash_lock); 620 trim_marked(tree); 621 drop_collected_mounts(root_mnt); 622 skip_it: 623 put_tree(tree); 624 mutex_lock(&audit_filter_mutex); 625 } 626 list_del(&cursor); 627 mutex_unlock(&audit_filter_mutex); 628 } 629 630 int audit_make_tree(struct audit_krule *rule, char *pathname, u32 op) 631 { 632 633 if (pathname[0] != '/' || 634 rule->listnr != AUDIT_FILTER_EXIT || 635 op != Audit_equal || 636 rule->inode_f || rule->watch || rule->tree) 637 return -EINVAL; 638 rule->tree = alloc_tree(pathname); 639 if (!rule->tree) 640 return -ENOMEM; 641 return 0; 642 } 643 644 void audit_put_tree(struct audit_tree *tree) 645 { 646 put_tree(tree); 647 } 648 649 static int tag_mount(struct vfsmount *mnt, void *arg) 650 { 651 return tag_chunk(mnt->mnt_root->d_inode, arg); 652 } 653 654 /* called with audit_filter_mutex */ 655 int audit_add_tree_rule(struct audit_krule *rule) 656 { 657 struct audit_tree *seed = rule->tree, *tree; 658 struct path path; 659 struct vfsmount *mnt; 660 int err; 661 662 rule->tree = NULL; 663 list_for_each_entry(tree, &tree_list, list) { 664 if (!strcmp(seed->pathname, tree->pathname)) { 665 put_tree(seed); 666 rule->tree = tree; 667 list_add(&rule->rlist, &tree->rules); 668 return 0; 669 } 670 } 671 tree = seed; 672 list_add(&tree->list, &tree_list); 673 list_add(&rule->rlist, &tree->rules); 674 /* do not set rule->tree yet */ 675 mutex_unlock(&audit_filter_mutex); 676 677 err = kern_path(tree->pathname, 0, &path); 678 if (err) 679 goto Err; 680 mnt = collect_mounts(&path); 681 path_put(&path); 682 if (IS_ERR(mnt)) { 683 err = PTR_ERR(mnt); 684 goto Err; 685 } 686 687 get_tree(tree); 688 err = iterate_mounts(tag_mount, tree, mnt); 689 drop_collected_mounts(mnt); 690 691 if (!err) { 692 struct node *node; 693 spin_lock(&hash_lock); 694 list_for_each_entry(node, &tree->chunks, list) 695 node->index &= ~(1U<<31); 696 spin_unlock(&hash_lock); 697 } else { 698 trim_marked(tree); 699 goto Err; 700 } 701 702 mutex_lock(&audit_filter_mutex); 703 if (list_empty(&rule->rlist)) { 704 put_tree(tree); 705 return -ENOENT; 706 } 707 rule->tree = tree; 708 put_tree(tree); 709 710 return 0; 711 Err: 712 mutex_lock(&audit_filter_mutex); 713 list_del_init(&tree->list); 714 list_del_init(&tree->rules); 715 put_tree(tree); 716 return err; 717 } 718 719 int audit_tag_tree(char *old, char *new) 720 { 721 struct list_head cursor, barrier; 722 int failed = 0; 723 struct path path1, path2; 724 struct vfsmount *tagged; 725 int err; 726 727 err = kern_path(new, 0, &path2); 728 if (err) 729 return err; 730 tagged = collect_mounts(&path2); 731 path_put(&path2); 732 if (IS_ERR(tagged)) 733 return PTR_ERR(tagged); 734 735 err = kern_path(old, 0, &path1); 736 if (err) { 737 drop_collected_mounts(tagged); 738 return err; 739 } 740 741 mutex_lock(&audit_filter_mutex); 742 list_add(&barrier, &tree_list); 743 list_add(&cursor, &barrier); 744 745 while (cursor.next != &tree_list) { 746 struct audit_tree *tree; 747 int good_one = 0; 748 749 tree = container_of(cursor.next, struct audit_tree, list); 750 get_tree(tree); 751 list_del(&cursor); 752 list_add(&cursor, &tree->list); 753 mutex_unlock(&audit_filter_mutex); 754 755 err = kern_path(tree->pathname, 0, &path2); 756 if (!err) { 757 good_one = path_is_under(&path1, &path2); 758 path_put(&path2); 759 } 760 761 if (!good_one) { 762 put_tree(tree); 763 mutex_lock(&audit_filter_mutex); 764 continue; 765 } 766 767 failed = iterate_mounts(tag_mount, tree, tagged); 768 if (failed) { 769 put_tree(tree); 770 mutex_lock(&audit_filter_mutex); 771 break; 772 } 773 774 mutex_lock(&audit_filter_mutex); 775 spin_lock(&hash_lock); 776 if (!tree->goner) { 777 list_del(&tree->list); 778 list_add(&tree->list, &tree_list); 779 } 780 spin_unlock(&hash_lock); 781 put_tree(tree); 782 } 783 784 while (barrier.prev != &tree_list) { 785 struct audit_tree *tree; 786 787 tree = container_of(barrier.prev, struct audit_tree, list); 788 get_tree(tree); 789 list_del(&tree->list); 790 list_add(&tree->list, &barrier); 791 mutex_unlock(&audit_filter_mutex); 792 793 if (!failed) { 794 struct node *node; 795 spin_lock(&hash_lock); 796 list_for_each_entry(node, &tree->chunks, list) 797 node->index &= ~(1U<<31); 798 spin_unlock(&hash_lock); 799 } else { 800 trim_marked(tree); 801 } 802 803 put_tree(tree); 804 mutex_lock(&audit_filter_mutex); 805 } 806 list_del(&barrier); 807 list_del(&cursor); 808 mutex_unlock(&audit_filter_mutex); 809 path_put(&path1); 810 drop_collected_mounts(tagged); 811 return failed; 812 } 813 814 /* 815 * That gets run when evict_chunk() ends up needing to kill audit_tree. 816 * Runs from a separate thread. 817 */ 818 static int prune_tree_thread(void *unused) 819 { 820 mutex_lock(&audit_cmd_mutex); 821 mutex_lock(&audit_filter_mutex); 822 823 while (!list_empty(&prune_list)) { 824 struct audit_tree *victim; 825 826 victim = list_entry(prune_list.next, struct audit_tree, list); 827 list_del_init(&victim->list); 828 829 mutex_unlock(&audit_filter_mutex); 830 831 prune_one(victim); 832 833 mutex_lock(&audit_filter_mutex); 834 } 835 836 mutex_unlock(&audit_filter_mutex); 837 mutex_unlock(&audit_cmd_mutex); 838 return 0; 839 } 840 841 static void audit_schedule_prune(void) 842 { 843 kthread_run(prune_tree_thread, NULL, "audit_prune_tree"); 844 } 845 846 /* 847 * ... and that one is done if evict_chunk() decides to delay until the end 848 * of syscall. Runs synchronously. 849 */ 850 void audit_kill_trees(struct list_head *list) 851 { 852 mutex_lock(&audit_cmd_mutex); 853 mutex_lock(&audit_filter_mutex); 854 855 while (!list_empty(list)) { 856 struct audit_tree *victim; 857 858 victim = list_entry(list->next, struct audit_tree, list); 859 kill_rules(victim); 860 list_del_init(&victim->list); 861 862 mutex_unlock(&audit_filter_mutex); 863 864 prune_one(victim); 865 866 mutex_lock(&audit_filter_mutex); 867 } 868 869 mutex_unlock(&audit_filter_mutex); 870 mutex_unlock(&audit_cmd_mutex); 871 } 872 873 /* 874 * Here comes the stuff asynchronous to auditctl operations 875 */ 876 877 static void evict_chunk(struct audit_chunk *chunk) 878 { 879 struct audit_tree *owner; 880 struct list_head *postponed = audit_killed_trees(); 881 int need_prune = 0; 882 int n; 883 884 if (chunk->dead) 885 return; 886 887 chunk->dead = 1; 888 mutex_lock(&audit_filter_mutex); 889 spin_lock(&hash_lock); 890 while (!list_empty(&chunk->trees)) { 891 owner = list_entry(chunk->trees.next, 892 struct audit_tree, same_root); 893 owner->goner = 1; 894 owner->root = NULL; 895 list_del_init(&owner->same_root); 896 spin_unlock(&hash_lock); 897 if (!postponed) { 898 kill_rules(owner); 899 list_move(&owner->list, &prune_list); 900 need_prune = 1; 901 } else { 902 list_move(&owner->list, postponed); 903 } 904 spin_lock(&hash_lock); 905 } 906 list_del_rcu(&chunk->hash); 907 for (n = 0; n < chunk->count; n++) 908 list_del_init(&chunk->owners[n].list); 909 spin_unlock(&hash_lock); 910 if (need_prune) 911 audit_schedule_prune(); 912 mutex_unlock(&audit_filter_mutex); 913 } 914 915 static int audit_tree_handle_event(struct fsnotify_group *group, 916 struct inode *to_tell, 917 struct fsnotify_mark *inode_mark, 918 struct fsnotify_mark *vfsmount_mark, 919 u32 mask, void *data, int data_type, 920 const unsigned char *file_name, u32 cookie) 921 { 922 return 0; 923 } 924 925 static void audit_tree_freeing_mark(struct fsnotify_mark *entry, struct fsnotify_group *group) 926 { 927 struct audit_chunk *chunk = container_of(entry, struct audit_chunk, mark); 928 929 evict_chunk(chunk); 930 931 /* 932 * We are guaranteed to have at least one reference to the mark from 933 * either the inode or the caller of fsnotify_destroy_mark(). 934 */ 935 BUG_ON(atomic_read(&entry->refcnt) < 1); 936 } 937 938 static const struct fsnotify_ops audit_tree_ops = { 939 .handle_event = audit_tree_handle_event, 940 .freeing_mark = audit_tree_freeing_mark, 941 }; 942 943 static int __init audit_tree_init(void) 944 { 945 int i; 946 947 audit_tree_group = fsnotify_alloc_group(&audit_tree_ops); 948 if (IS_ERR(audit_tree_group)) 949 audit_panic("cannot initialize fsnotify group for rectree watches"); 950 951 for (i = 0; i < HASH_SIZE; i++) 952 INIT_LIST_HEAD(&chunk_hash_heads[i]); 953 954 return 0; 955 } 956 __initcall(audit_tree_init); 957