implement fanotify event info
This commit is contained in:
parent
4ea80a819b
commit
bab60681b3
@ -161,6 +161,8 @@ fn main() -> Result<(), Error> {
|
||||
continue;
|
||||
}
|
||||
for event in events.iter_mut() {
|
||||
if event.mask().is_permission_event() {
|
||||
// permission event
|
||||
let Some(fd) = event.fd() else {
|
||||
if init_flags & (InitFlags::FAN_REPORT_FID | InitFlags::FAN_REPORT_DIR_FID)
|
||||
!= InitFlags::empty()
|
||||
@ -206,10 +208,10 @@ fn main() -> Result<(), Error> {
|
||||
};
|
||||
|
||||
trace!(
|
||||
"++++++++= {:?} {} {:?} {:?}",
|
||||
fd,
|
||||
"++++++++ permission event:{} {:?} {:?} {:?}",
|
||||
event.pid(),
|
||||
event.mask(),
|
||||
fd,
|
||||
path
|
||||
);
|
||||
let arg0 = if let Some(cmdline) = cmdline.as_ref() {
|
||||
@ -238,7 +240,8 @@ fn main() -> Result<(), Error> {
|
||||
}
|
||||
Err(error) => error.kind() == std::io::ErrorKind::NotFound,
|
||||
};
|
||||
if allowed || whitelist.contains(&arg0) || storage_provider.contains(&arg0) {
|
||||
if allowed || whitelist.contains(&arg0) || storage_provider.contains(&arg0)
|
||||
{
|
||||
info!("<<<<< {} allowed", fd.as_raw_fd());
|
||||
if let Err(err) =
|
||||
fan.write_response(FanotifyResponse::new(fd, Response::FAN_ALLOW))
|
||||
@ -264,7 +267,11 @@ fn main() -> Result<(), Error> {
|
||||
fd.as_fd(),
|
||||
Response::FAN_ALLOW,
|
||||
)) {
|
||||
warn!("write response for {} failed: {}", fd.as_raw_fd(), err);
|
||||
warn!(
|
||||
"write response for {} failed: {}",
|
||||
fd.as_raw_fd(),
|
||||
err
|
||||
);
|
||||
}
|
||||
info!(">>>>> {} allowed(defer)", fd.as_raw_fd());
|
||||
}
|
||||
@ -273,6 +280,14 @@ fn main() -> Result<(), Error> {
|
||||
}
|
||||
_ => {}
|
||||
}
|
||||
} else {
|
||||
trace!(
|
||||
"++++++++ notification event: {} {:?} {:?}",
|
||||
event.pid(),
|
||||
event.mask(),
|
||||
event.event_info,
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -114,3 +114,12 @@ fa_bitflags! {
|
||||
FAN_EVENT_ON_CHILD; // enable events on direct
|
||||
}
|
||||
}
|
||||
|
||||
impl MaskFlags {
|
||||
pub fn is_permission_event(&self) -> bool {
|
||||
match self.bits() {
|
||||
FAN_OPEN_PERM | FAN_ACCESS | FAN_OPEN_EXEC_PERM => true,
|
||||
_ => false,
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -105,6 +105,53 @@ impl Fanotify {
|
||||
);
|
||||
let event = uninited.assume_init();
|
||||
|
||||
#[repr(C)]
|
||||
union fanotify_event_info {
|
||||
header: libc::fanotify_event_info_header,
|
||||
fid: libc::fanotify_event_info_fid,
|
||||
pidfd: libc::fanotify_event_info_pidfd,
|
||||
error: libc::fanotify_event_info_error,
|
||||
}
|
||||
|
||||
let mut event_info = Vec::new();
|
||||
|
||||
const HEADER_SIZE: usize = std::mem::size_of::<libc::fanotify_event_info_header>();
|
||||
|
||||
let mut header_offset = EVENT_SIZE;
|
||||
while header_offset + HEADER_SIZE < event.event_len as usize {
|
||||
// pre-check
|
||||
let mut uninited: MaybeUninit<fanotify_event_info> = MaybeUninit::uninit();
|
||||
|
||||
std::ptr::copy(
|
||||
buffer.as_ptr().add(offset+EVENT_SIZE),
|
||||
uninited.as_mut_ptr().cast(),
|
||||
EVENT_SIZE,
|
||||
);
|
||||
std::ptr::copy(
|
||||
buffer.as_ptr().add(offset + header_offset),
|
||||
uninited.as_mut_ptr().add(header_offset).cast(),
|
||||
(*uninited.as_ptr()).header.len as usize - HEADER_SIZE,
|
||||
);
|
||||
let event_info_len = (*uninited.as_ptr()).header.len as usize;
|
||||
let event_info_type = (*uninited.as_ptr()).header.info_type;
|
||||
|
||||
match event_info_type {
|
||||
libc::FAN_EVENT_INFO_TYPE_FID | libc::FAN_EVENT_INFO_TYPE_DFID_NAME | libc::FAN_EVENT_INFO_TYPE_DFID=> {
|
||||
event_info.push(EventInfo::Fid(uninited.assume_init().fid));
|
||||
}
|
||||
libc::FAN_EVENT_INFO_TYPE_PIDFD => {
|
||||
event_info.push(EventInfo::PidFd(uninited.assume_init().pidfd));
|
||||
}
|
||||
libc::FAN_EVENT_INFO_TYPE_ERROR => {
|
||||
event_info.push(EventInfo::PidFd(uninited.assume_init().pidfd));
|
||||
}
|
||||
_ => {
|
||||
panic!("unknown fan_event_info_header.type={event_info_type}")
|
||||
}
|
||||
}
|
||||
header_offset += event_info_len;
|
||||
}
|
||||
|
||||
// #define FAN_EVENT_NEXT(meta, len) ((len) -= (meta)->event_len, (struct fanotify_event_metadata*)(((char*)(meta)) + (meta) -> event_len)
|
||||
// meta = FAN_EVENT_NEXT(meta, len) translate to:
|
||||
// len -= meta->event_len; // shrink rest length
|
||||
@ -115,7 +162,7 @@ impl Fanotify {
|
||||
// + (meta) -> event_len // add event_len to move to next
|
||||
// );
|
||||
offset += event.event_len as usize;
|
||||
result.push(Event::new(event));
|
||||
result.push(Event::new(event, event_info));
|
||||
}
|
||||
}
|
||||
|
||||
@ -139,12 +186,17 @@ impl Fanotify {
|
||||
|
||||
pub struct Event {
|
||||
pub fanotify_event_metadata: libc::fanotify_event_metadata,
|
||||
pub event_info: Vec<EventInfo>,
|
||||
}
|
||||
|
||||
impl Event {
|
||||
fn new(fanotify_event_metadata: libc::fanotify_event_metadata) -> Self {
|
||||
fn new(
|
||||
fanotify_event_metadata: libc::fanotify_event_metadata,
|
||||
event_info: Vec<EventInfo>,
|
||||
) -> Self {
|
||||
Self {
|
||||
fanotify_event_metadata,
|
||||
event_info,
|
||||
}
|
||||
}
|
||||
// compatible to nix::sys::fanotify::FanotifyEvent
|
||||
@ -191,6 +243,13 @@ impl Drop for Event {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
pub enum EventInfo {
|
||||
Fid(libc::fanotify_event_info_fid),
|
||||
PidFd(libc::fanotify_event_info_pidfd),
|
||||
Error(libc::fanotify_event_info_error),
|
||||
}
|
||||
|
||||
pub struct Response {
|
||||
inner: libc::fanotify_response,
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user