Re: [Dazuko-devel] Symlink reporting
From: |
Sami Tikka |
Subject: |
Re: [Dazuko-devel] Symlink reporting |
Date: |
Fri, 28 Jan 2005 10:58:14 +0200 |
User-agent: |
Mozilla Thunderbird 1.0 (X11/20050103) |
Sami Tikka wrote:
Later we modified our symlink-patch so that symlink access was reported
as an ON_LINK event and the real file reported as an ON_OPEN event.
Anyway, I will send you the patch. Code speaks clearer than words. Or at
least my words...
Here she comes. This patch was made against dazuko 2.0.4-pre2.
I tried to apply the patches against your latest dazuko release but that
did not produce a good version. I define a good version as a version
that sends the name of the symlink to the daemon if a symlink was
accessed. I'll try to find out the problem but I thought I'd send you
this patch just so you can see what I'm getting at.
--
Sami Tikka tel: +358 9 2520 5115
Senior Software Engineer fax: +358 9 2520 5013
F-Secure Corporation http://www.F-Secure.com/
Be Sure.
--- orig/dazuko_linux26.c
+++ mod/dazuko_linux26.c
@@ -52,6 +52,13 @@
int dazuko_register_security(const char *name, struct security_operations
*ops);
int dazuko_unregister_security(const char *name, struct security_operations
*ops);
+
+enum {
+ DPUT_UNSET=0,
+ DPUT_FREE=1,
+ DPUT_DONTFREE=2
+};
+
static struct file_operations fops = {
.owner = THIS_MODULE,
.read = linux_dazuko_device_read,
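Review bot: The new `DPUT_*` enum has no comment explaining its three states, and that distinction decides whether cleanup calls `dput()` on the stored dentry. Going by the later hunks, `DPUT_FREE` is set right after `dget()` and is the only state released with `dput()`, while `DPUT_DONTFREE` marks a dentry passed in by the follow-link hook with no extra reference taken. I would add a comment above the enum such as `/* dput_dentry: UNSET = no dentry stored; FREE = reference taken with dget(), must dput(); DONTFREE = caller's dentry, never dput() */`. The declaration of `dput_dentry` is not in the diff, so confirm its type can hold the value 2.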
@@ -342,7 +349,7 @@
if (xfs->inode == NULL)
return 0;
- if (!S_ISREG(xfs->inode->i_mode))
+ if (!S_ISREG(xfs->inode->i_mode) && !S_ISLNK(xfs->inode->i_mode))
return 0;
if (xfs->nd == NULL || xfs->free_full_filename)
@@ -375,12 +382,12 @@
}
/* make sure we don't already have a dentry */
- if (!xfs->dput_dentry)
+ if (xfs->dput_dentry == DPUT_UNSET)
{
xfs->dentry = dget(xfs->nd->dentry);
/* the dentry will need to be put back */
- xfs->dput_dentry = 1;
+ xfs->dput_dentry = DPUT_FREE;
}
rootmnt = mntget(orig_rootmnt);
@@ -460,10 +467,10 @@
dfs->extra_data->free_page_buffer = 0;
}
- if (dfs->extra_data->dput_dentry)
+ if (dfs->extra_data->dput_dentry == DPUT_FREE)
{
dput(dfs->extra_data->dentry);
- dfs->extra_data->dput_dentry = 0;
+ dfs->extra_data->dput_dentry = DPUT_UNSET;
}
if (dfs->extra_data->mntput_vfsmount)
@@ -741,6 +748,7 @@
{
dazuko_bzero(dfs->extra_data, sizeof(struct
xp_file_struct));
+ dfs->extra_data->dput_dentry = DPUT_UNSET;
dfs->extra_data->nd = nd;
dfs->extra_data->inode = inode;
@@ -762,6 +770,67 @@
return 0;
}
+int dazuko_inode_follow_link(struct dentry *dentry, struct nameidata *nd)
+{
+ struct dazuko_file_struct *dfs = NULL;
+ int error = 0;
+ int check_error = 0;
+ struct event_properties event_p;
+ struct xp_daemon_id xp_id;
+
+ xp_id.pid = current->pid;
+ xp_id.ppid = current->parent ? current->parent->pid : 0;
+ xp_id.file = NULL;
+
+ dazuko_bzero(&event_p, sizeof(event_p));
+
+ event_p.flags = 0;
+ event_p.set_flags = 0;
+
+ check_error = dazuko_sys_check(DAZUKO_ON_LINK, 1, &xp_id);
+
+ if (!check_error)
+ {
+ event_p.mode = dentry->d_inode->i_mode;
+ event_p.set_mode = 1;
+ event_p.pid = current->pid;
+ event_p.set_pid = 1;
+ event_p.uid = current->uid;
+ event_p.set_uid = 1;
+
+ dfs = (struct dazuko_file_struct *)xp_malloc(sizeof(struct
dazuko_file_struct));
+ if (dfs != NULL)
+ {
+ dazuko_bzero(dfs, sizeof(struct dazuko_file_struct));
+
+ dfs->extra_data = (struct xp_file_struct
*)xp_malloc(sizeof(struct xp_file_struct));
+ if (dfs->extra_data != NULL)
+ {
+ dazuko_bzero(dfs->extra_data, sizeof(struct
xp_file_struct));
+
+ dfs->extra_data->dentry = dentry;
+ dfs->extra_data->dput_dentry = DPUT_DONTFREE;
+ dfs->extra_data->nd = nd;
+ dfs->extra_data->inode = dentry->d_inode;
+
+ error = dazuko_sys_pre(DAZUKO_ON_LINK, dfs,
&event_p);
+ }
+ else
+ {
+ xp_free(dfs);
+ dfs = NULL;
+ }
+
+ dazuko_file_struct_cleanup(&dfs);
+ }
+ }
+
+ if (error)
+ return XP_ERROR_PERMISSION;
+
+ return 0;
+}
+
inline int xp_sys_hook()
{
struct security_operations dummy_ops;
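Review bot: In `dazuko_inode_follow_link`, both allocation-failure paths leave `error` at 0, so the hook returns 0 and the link is followed without `dazuko_sys_pre` ever being called. For an access-control hook that is a fail-open path under memory pressure; if that is the intended policy, say so with a comment such as `/* allocation failed: allow the access unreported (fail open) */`, otherwise set an error in those branches. When the `extra_data` allocation fails, `dfs` is freed and set to NULL and `dazuko_file_struct_cleanup(&dfs)` still runs; its body is not in the diff, so confirm it tolerates a NULL `*dfs` or move the call into the success branch. `dentry->d_inode` is also dereferenced without a NULL check at `event_p.mode = dentry->d_inode->i_mode;`, which presumably holds for a link being followed but deserves a one-line comment.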
@@ -816,6 +885,7 @@
memcpy(&dazuko_security_ops, &dazuko_security_default_ops,
sizeof(dazuko_security_ops));
dazuko_security_ops.inode_permission = dazuko_inode_permission;
+ dazuko_security_ops.inode_follow_link = dazuko_inode_follow_link;
if (!got_dummy || register_security(&dazuko_register_security_ops) != 0)
{
--- orig/dazuko_xp.c
+++ mod/dazuko_xp.c
@@ -46,6 +46,7 @@
#define SCAN_ON_CLOSE (access_mask & DAZUKO_ON_CLOSE)
#define SCAN_ON_EXEC (access_mask & DAZUKO_ON_EXEC)
#define SCAN_ON_CLOSE_MODIFIED (access_mask & DAZUKO_ON_CLOSE_MODIFIED)
+#define SCAN_ON_LINK (access_mask & DAZUKO_ON_LINK)
struct path
{
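Review bot: `SCAN_ON_LINK` is defined here but no hunk in this patch uses it, and this is the only change to dazuko_xp.c. The new hook calls `dazuko_sys_check(DAZUKO_ON_LINK, 1, &xp_id)` and `dazuko_sys_pre(DAZUKO_ON_LINK, ...)`; if those functions select on the event with the `SCAN_ON_*` macros (their bodies are not shown), an unhandled `DAZUKO_ON_LINK` could mean the event is never delivered to a registered daemon. I would check the event dispatch in this file and add a `case DAZUKO_ON_LINK:` branch that tests `SCAN_ON_LINK` the same way the existing events test their macros.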
--- orig/dazukoio.h
+++ mod/dazukoio.h
@@ -42,6 +42,7 @@
#define DAZUKO_ON_CLOSE_MODIFIED 8
#define DAZUKO_ON_UNLINK 16
#define DAZUKO_ON_RMDIR 32
+#define DAZUKO_ON_LINK 64
struct dazuko_access
{
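Review bot: `DAZUKO_ON_LINK` sits next to `DAZUKO_ON_UNLINK` and reads like an event for link(2), but the kernel hunk raises it from the `inode_follow_link` hook, that is, when a symbolic link is traversed. A daemon author choosing an access mask needs that distinction spelled out. Add a comment such as `#define DAZUKO_ON_LINK 64 /* a symbolic link is being followed */`, or name the constant after the follow operation.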
--- orig/example_c/example.c
+++ mod/example_c/example.c
@@ -97,6 +97,9 @@
case DAZUKO_ON_RMDIR:
printf("RMDIR ");
break;
+ case DAZUKO_ON_LINK:
+ printf("LINK ");
+ break;
default:
printf("???? event:%d ", acc->event);
break;
@@ -166,7 +169,7 @@
signal(SIGINT, sigterm);
/* set access mask */
- if (dazukoSetAccessMask(DAZUKO_ON_OPEN | DAZUKO_ON_CLOSE |
DAZUKO_ON_CLOSE_MODIFIED | DAZUKO_ON_EXEC | DAZUKO_ON_UNLINK | DAZUKO_ON_RMDIR)
!= 0)
+ if (dazukoSetAccessMask(DAZUKO_ON_OPEN | DAZUKO_ON_CLOSE |
DAZUKO_ON_CLOSE_MODIFIED | DAZUKO_ON_EXEC | DAZUKO_ON_UNLINK | DAZUKO_ON_RMDIR
| DAZUKO_ON_LINK) != 0)
{
printf("error: failed to set access mask\n");
dazukoUnregister();
--- orig/dazuko_linux.c
+++ mod/dazuko_linux.c
@@ -379,7 +379,7 @@
dazuko_bzero(&(xfs->nd), sizeof(struct nameidata));
/* initialize nameidata structure for finding file data */
- if (!path_init(xfs->filename, LOOKUP_FOLLOW | LOOKUP_POSITIVE,
&(xfs->nd)))
+ if (!path_init(xfs->filename, LOOKUP_POSITIVE, &(xfs->nd)))
return 0;
if (!xfs->path_release_nd)
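Review bot: Dropping `LOOKUP_FOLLOW` from the `path_init` call makes the lookup stop at the symlink, so the name reported to the daemon is the link rather than its target. Nothing in the visible dazuko_linux.c hunks reports the target separately (the `inode_follow_link` hook is added only in dazuko_linux26.c), so a daemon that opens the reported name resolves the link itself, possibly to a different target than the one the accessing process reaches. I would document this next to the call, e.g. `/* no LOOKUP_FOLLOW: report the link itself; the target must be checked separately */`, and confirm how the target gets reported on this code path. The enclosing function starts and ends outside the hunk.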
@@ -563,7 +563,8 @@
#endif
{
/* make sure the file is readable */
- if (S_ISREG(dfs->extra_data->dentry->d_inode->i_mode))
+ if (S_ISREG(dfs->extra_data->dentry->d_inode->i_mode) ||
+ S_ISLNK(dfs->extra_data->dentry->d_inode->i_mode))
{
/* make sure we can get the full path */
if (dazuko_get_full_filename(dfs->extra_data))