summaryrefslogtreecommitdiff
path: root/kernel/Makefile
diff options
context:
space:
mode:
authorRichard Guy Briggs <rgb@redhat.com>2015-08-05 16:29:36 -0400
committerPaul Moore <pmoore@redhat.com>2015-08-06 16:14:53 -0400
commit7f49294282c49ef426ed05eb4959728524ba140c (patch)
tree6f942f046ecbd173c5fb34b589f4dd41413a6e30 /kernel/Makefile
parent84cb777e67814f2e06a99ff228f743409e9617e9 (diff)
downloadlinux-sh-7f49294282c49ef426ed05eb4959728524ba140c.tar.gz
audit: clean simple fsnotify implementation
This is to be used to audit by executable path rules, but audit watches should be able to share this code eventually. At the moment the audit watch code is a lot more complex. That code only creates one fsnotify watch per parent directory. That 'audit_parent' in turn has a list of 'audit_watches' which contain the name, ino, dev of the specific object we care about. This just creates one fsnotify watch per object we care about. So if you watch 100 inodes in /etc this code will create 100 fsnotify watches on /etc. The audit_watch code will instead create 1 fsnotify watch on /etc (the audit_parent) and then 100 individual watches chained from that fsnotify mark. We should be able to convert the audit_watch code to do one fsnotify mark per watch and simplify things/remove a whole lot of code. After that conversion we should be able to convert the audit_fsnotify code to support that hierarchy if the optimization is necessary. Move the access to the entry for audit_match_signal() to the beginning of the audit_del_rule() function in case the entry found is the same one passed in. This will enable it to be used by audit_autoremove_mark_rule(), kill_rules() and audit_remove_parent_watches(). This is a heavily modified and merged version of two patches originally submitted by Eric Paris. Cc: Peter Moody <peter@hda3.com> Cc: Eric Paris <eparis@redhat.com> Signed-off-by: Richard Guy Briggs <rgb@redhat.com> [PM: added a space after a declaration to keep ./scripts/checkpatch happy] Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'kernel/Makefile')
-rw-r--r--kernel/Makefile2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/Makefile b/kernel/Makefile
index 1408b3353a3c..d7657f5535c9 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -62,7 +62,7 @@ obj-$(CONFIG_SMP) += stop_machine.o
obj-$(CONFIG_KPROBES_SANITY_TEST) += test_kprobes.o
obj-$(CONFIG_AUDIT) += audit.o auditfilter.o
obj-$(CONFIG_AUDITSYSCALL) += auditsc.o
-obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o
+obj-$(CONFIG_AUDIT_WATCH) += audit_watch.o audit_fsnotify.o
obj-$(CONFIG_AUDIT_TREE) += audit_tree.o
obj-$(CONFIG_GCOV_KERNEL) += gcov/
obj-$(CONFIG_KPROBES) += kprobes.o