uapi/linux/fanotify.h

0001 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
0002 #ifndef _UAPI_LINUX_FANOTIFY_H
0003 #define _UAPI_LINUX_FANOTIFY_H
0004
0005 #include <linux/types.h>
0006
0007 /* the following events that user-space can register for */
0008 #define FAN_ACCESS      0x00000001  /* File was accessed */
0009 #define FAN_MODIFY      0x00000002  /* File was modified */
0010 #define FAN_ATTRIB      0x00000004  /* Metadata changed */
0011 #define FAN_CLOSE_WRITE     0x00000008  /* Writtable file closed */
0012 #define FAN_CLOSE_NOWRITE   0x00000010  /* Unwrittable file closed */
0013 #define FAN_OPEN        0x00000020  /* File was opened */
0014 #define FAN_MOVED_FROM      0x00000040  /* File was moved from X */
0015 #define FAN_MOVED_TO        0x00000080  /* File was moved to Y */
0016 #define FAN_CREATE      0x00000100  /* Subfile was created */
0017 #define FAN_DELETE      0x00000200  /* Subfile was deleted */
0018 #define FAN_DELETE_SELF     0x00000400  /* Self was deleted */
0019 #define FAN_MOVE_SELF       0x00000800  /* Self was moved */
0020 #define FAN_OPEN_EXEC       0x00001000  /* File was opened for exec */
0021
0022 #define FAN_Q_OVERFLOW      0x00004000  /* Event queued overflowed */
0023 #define FAN_FS_ERROR        0x00008000  /* Filesystem error */
0024
0025 #define FAN_OPEN_PERM       0x00010000  /* File open in perm check */
0026 #define FAN_ACCESS_PERM     0x00020000  /* File accessed in perm check */
0027 #define FAN_OPEN_EXEC_PERM  0x00040000  /* File open/exec in perm check */
0028
0029 #define FAN_EVENT_ON_CHILD  0x08000000  /* Interested in child events */
0030
0031 #define FAN_RENAME      0x10000000  /* File was renamed */
0032
0033 #define FAN_ONDIR       0x40000000  /* Event occurred against dir */
0034
0035 /* helper events */
0036 #define FAN_CLOSE       (FAN_CLOSE_WRITE | FAN_CLOSE_NOWRITE) /* close */
0037 #define FAN_MOVE        (FAN_MOVED_FROM | FAN_MOVED_TO) /* moves */
0038
0039 /* flags used for fanotify_init() */
0040 #define FAN_CLOEXEC     0x00000001
0041 #define FAN_NONBLOCK        0x00000002
0042
0043 /* These are NOT bitwise flags.  Both bits are used together.  */
0044 #define FAN_CLASS_NOTIF     0x00000000
0045 #define FAN_CLASS_CONTENT   0x00000004
0046 #define FAN_CLASS_PRE_CONTENT   0x00000008
0047
0048 /* Deprecated - do not use this in programs and do not add new flags here! */
0049 #define FAN_ALL_CLASS_BITS  (FAN_CLASS_NOTIF | FAN_CLASS_CONTENT | \
0050                  FAN_CLASS_PRE_CONTENT)
0051
0052 #define FAN_UNLIMITED_QUEUE 0x00000010
0053 #define FAN_UNLIMITED_MARKS 0x00000020
0054 #define FAN_ENABLE_AUDIT    0x00000040
0055
0056 /* Flags to determine fanotify event format */
0057 #define FAN_REPORT_PIDFD    0x00000080  /* Report pidfd for event->pid */
0058 #define FAN_REPORT_TID      0x00000100  /* event->pid is thread id */
0059 #define FAN_REPORT_FID      0x00000200  /* Report unique file id */
0060 #define FAN_REPORT_DIR_FID  0x00000400  /* Report unique directory id */
0061 #define FAN_REPORT_NAME     0x00000800  /* Report events with name */
0062 #define FAN_REPORT_TARGET_FID   0x00001000  /* Report dirent target id  */
0063
0064 /* Convenience macro - FAN_REPORT_NAME requires FAN_REPORT_DIR_FID */
0065 #define FAN_REPORT_DFID_NAME    (FAN_REPORT_DIR_FID | FAN_REPORT_NAME)
0066 /* Convenience macro - FAN_REPORT_TARGET_FID requires all other FID flags */
0067 #define FAN_REPORT_DFID_NAME_TARGET (FAN_REPORT_DFID_NAME | \
0068                      FAN_REPORT_FID | FAN_REPORT_TARGET_FID)
0069
0070 /* Deprecated - do not use this in programs and do not add new flags here! */
0071 #define FAN_ALL_INIT_FLAGS  (FAN_CLOEXEC | FAN_NONBLOCK | \
0072                  FAN_ALL_CLASS_BITS | FAN_UNLIMITED_QUEUE |\
0073                  FAN_UNLIMITED_MARKS)
0074
0075 /* flags used for fanotify_modify_mark() */
0076 #define FAN_MARK_ADD        0x00000001
0077 #define FAN_MARK_REMOVE     0x00000002
0078 #define FAN_MARK_DONT_FOLLOW    0x00000004
0079 #define FAN_MARK_ONLYDIR    0x00000008
0080 /* FAN_MARK_MOUNT is        0x00000010 */
0081 #define FAN_MARK_IGNORED_MASK   0x00000020
0082 #define FAN_MARK_IGNORED_SURV_MODIFY    0x00000040
0083 #define FAN_MARK_FLUSH      0x00000080
0084 /* FAN_MARK_FILESYSTEM is   0x00000100 */
0085 #define FAN_MARK_EVICTABLE  0x00000200
0086 /* This bit is mutually exclusive with FAN_MARK_IGNORED_MASK bit */
0087 #define FAN_MARK_IGNORE     0x00000400
0088
0089 /* These are NOT bitwise flags.  Both bits can be used togther.  */
0090 #define FAN_MARK_INODE      0x00000000
0091 #define FAN_MARK_MOUNT      0x00000010
0092 #define FAN_MARK_FILESYSTEM 0x00000100
0093
0094 /*
0095  * Convenience macro - FAN_MARK_IGNORE requires FAN_MARK_IGNORED_SURV_MODIFY
0096  * for non-inode mark types.
0097  */
0098 #define FAN_MARK_IGNORE_SURV    (FAN_MARK_IGNORE | FAN_MARK_IGNORED_SURV_MODIFY)
0099
0100 /* Deprecated - do not use this in programs and do not add new flags here! */
0101 #define FAN_ALL_MARK_FLAGS  (FAN_MARK_ADD |\
0102                  FAN_MARK_REMOVE |\
0103                  FAN_MARK_DONT_FOLLOW |\
0104                  FAN_MARK_ONLYDIR |\
0105                  FAN_MARK_MOUNT |\
0106                  FAN_MARK_IGNORED_MASK |\
0107                  FAN_MARK_IGNORED_SURV_MODIFY |\
0108                  FAN_MARK_FLUSH)
0109
0110 /* Deprecated - do not use this in programs and do not add new flags here! */
0111 #define FAN_ALL_EVENTS (FAN_ACCESS |\
0112             FAN_MODIFY |\
0113             FAN_CLOSE |\
0114             FAN_OPEN)
0115
0116 /*
0117  * All events which require a permission response from userspace
0118  */
0119 /* Deprecated - do not use this in programs and do not add new flags here! */
0120 #define FAN_ALL_PERM_EVENTS (FAN_OPEN_PERM |\
0121                  FAN_ACCESS_PERM)
0122
0123 /* Deprecated - do not use this in programs and do not add new flags here! */
0124 #define FAN_ALL_OUTGOING_EVENTS (FAN_ALL_EVENTS |\
0125                  FAN_ALL_PERM_EVENTS |\
0126                  FAN_Q_OVERFLOW)
0127
0128 #define FANOTIFY_METADATA_VERSION   3
0129
0130 struct fanotify_event_metadata {
0131     __u32 event_len;
0132     __u8 vers;
0133     __u8 reserved;
0134     __u16 metadata_len;
0135     __aligned_u64 mask;
0136     __s32 fd;
0137     __s32 pid;
0138 };
0139
0140 #define FAN_EVENT_INFO_TYPE_FID     1
0141 #define FAN_EVENT_INFO_TYPE_DFID_NAME   2
0142 #define FAN_EVENT_INFO_TYPE_DFID    3
0143 #define FAN_EVENT_INFO_TYPE_PIDFD   4
0144 #define FAN_EVENT_INFO_TYPE_ERROR   5
0145
0146 /* Special info types for FAN_RENAME */
0147 #define FAN_EVENT_INFO_TYPE_OLD_DFID_NAME   10
0148 /* Reserved for FAN_EVENT_INFO_TYPE_OLD_DFID    11 */
0149 #define FAN_EVENT_INFO_TYPE_NEW_DFID_NAME   12
0150 /* Reserved for FAN_EVENT_INFO_TYPE_NEW_DFID    13 */
0151
0152 /* Variable length info record following event metadata */
0153 struct fanotify_event_info_header {
0154     __u8 info_type;
0155     __u8 pad;
0156     __u16 len;
0157 };
0158
0159 /*
0160  * Unique file identifier info record.
0161  * This structure is used for records of types FAN_EVENT_INFO_TYPE_FID,
0162  * FAN_EVENT_INFO_TYPE_DFID and FAN_EVENT_INFO_TYPE_DFID_NAME.
0163  * For FAN_EVENT_INFO_TYPE_DFID_NAME there is additionally a null terminated
0164  * name immediately after the file handle.
0165  */
0166 struct fanotify_event_info_fid {
0167     struct fanotify_event_info_header hdr;
0168     __kernel_fsid_t fsid;
0169     /*
0170      * Following is an opaque struct file_handle that can be passed as
0171      * an argument to open_by_handle_at(2).
0172      */
0173     unsigned char handle[];
0174 };
0175
0176 /*
0177  * This structure is used for info records of type FAN_EVENT_INFO_TYPE_PIDFD.
0178  * It holds a pidfd for the pid that was responsible for generating an event.
0179  */
0180 struct fanotify_event_info_pidfd {
0181     struct fanotify_event_info_header hdr;
0182     __s32 pidfd;
0183 };
0184
0185 struct fanotify_event_info_error {
0186     struct fanotify_event_info_header hdr;
0187     __s32 error;
0188     __u32 error_count;
0189 };
0190
0191 struct fanotify_response {
0192     __s32 fd;
0193     __u32 response;
0194 };
0195
0196 /* Legit userspace responses to a _PERM event */
0197 #define FAN_ALLOW   0x01
0198 #define FAN_DENY    0x02
0199 #define FAN_AUDIT   0x10    /* Bit mask to create audit record for result */
0200
0201 /* No fd set in event */
0202 #define FAN_NOFD    -1
0203 #define FAN_NOPIDFD FAN_NOFD
0204 #define FAN_EPIDFD  -2
0205
0206 /* Helper functions to deal with fanotify_event_metadata buffers */
0207 #define FAN_EVENT_METADATA_LEN (sizeof(struct fanotify_event_metadata))
0208
0209 #define FAN_EVENT_NEXT(meta, len) ((len) -= (meta)->event_len, \
0210                    (struct fanotify_event_metadata*)(((char *)(meta)) + \
0211                    (meta)->event_len))
0212
0213 #define FAN_EVENT_OK(meta, len) ((long)(len) >= (long)FAN_EVENT_METADATA_LEN && \
0214                 (long)(meta)->event_len >= (long)FAN_EVENT_METADATA_LEN && \
0215                 (long)(meta)->event_len <= (long)(len))
0216
0217 #endif /* _UAPI_LINUX_FANOTIFY_H */