162306a36Sopenharmony_ci/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 262306a36Sopenharmony_ci#ifndef _UAPI_LINUX_FANOTIFY_H 362306a36Sopenharmony_ci#define _UAPI_LINUX_FANOTIFY_H 462306a36Sopenharmony_ci 562306a36Sopenharmony_ci#include <linux/types.h> 662306a36Sopenharmony_ci 762306a36Sopenharmony_ci/* the following events that user-space can register for */ 862306a36Sopenharmony_ci#define FAN_ACCESS 0x00000001 /* File was accessed */ 962306a36Sopenharmony_ci#define FAN_MODIFY 0x00000002 /* File was modified */ 1062306a36Sopenharmony_ci#define FAN_ATTRIB 0x00000004 /* Metadata changed */ 1162306a36Sopenharmony_ci#define FAN_CLOSE_WRITE 0x00000008 /* Writtable file closed */ 1262306a36Sopenharmony_ci#define FAN_CLOSE_NOWRITE 0x00000010 /* Unwrittable file closed */ 1362306a36Sopenharmony_ci#define FAN_OPEN 0x00000020 /* File was opened */ 1462306a36Sopenharmony_ci#define FAN_MOVED_FROM 0x00000040 /* File was moved from X */ 1562306a36Sopenharmony_ci#define FAN_MOVED_TO 0x00000080 /* File was moved to Y */ 1662306a36Sopenharmony_ci#define FAN_CREATE 0x00000100 /* Subfile was created */ 1762306a36Sopenharmony_ci#define FAN_DELETE 0x00000200 /* Subfile was deleted */ 1862306a36Sopenharmony_ci#define FAN_DELETE_SELF 0x00000400 /* Self was deleted */ 1962306a36Sopenharmony_ci#define FAN_MOVE_SELF 0x00000800 /* Self was moved */ 2062306a36Sopenharmony_ci#define FAN_OPEN_EXEC 0x00001000 /* File was opened for exec */ 2162306a36Sopenharmony_ci 2262306a36Sopenharmony_ci#define FAN_Q_OVERFLOW 0x00004000 /* Event queued overflowed */ 2362306a36Sopenharmony_ci#define FAN_FS_ERROR 0x00008000 /* Filesystem error */ 2462306a36Sopenharmony_ci 2562306a36Sopenharmony_ci#define FAN_OPEN_PERM 0x00010000 /* File open in perm check */ 2662306a36Sopenharmony_ci#define FAN_ACCESS_PERM 0x00020000 /* File accessed in perm check */ 2762306a36Sopenharmony_ci#define FAN_OPEN_EXEC_PERM 0x00040000 /* File open/exec in perm check */ 2862306a36Sopenharmony_ci 2962306a36Sopenharmony_ci#define FAN_EVENT_ON_CHILD 0x08000000 /* Interested in child events */ 3062306a36Sopenharmony_ci 3162306a36Sopenharmony_ci#define FAN_RENAME 0x10000000 /* File was renamed */ 3262306a36Sopenharmony_ci 3362306a36Sopenharmony_ci#define FAN_ONDIR 0x40000000 /* Event occurred against dir */ 3462306a36Sopenharmony_ci 3562306a36Sopenharmony_ci/* helper events */ 3662306a36Sopenharmony_ci#define FAN_CLOSE (FAN_CLOSE_WRITE | FAN_CLOSE_NOWRITE) /* close */ 3762306a36Sopenharmony_ci#define FAN_MOVE (FAN_MOVED_FROM | FAN_MOVED_TO) /* moves */ 3862306a36Sopenharmony_ci 3962306a36Sopenharmony_ci/* flags used for fanotify_init() */ 4062306a36Sopenharmony_ci#define FAN_CLOEXEC 0x00000001 4162306a36Sopenharmony_ci#define FAN_NONBLOCK 0x00000002 4262306a36Sopenharmony_ci 4362306a36Sopenharmony_ci/* These are NOT bitwise flags. Both bits are used together. */ 4462306a36Sopenharmony_ci#define FAN_CLASS_NOTIF 0x00000000 4562306a36Sopenharmony_ci#define FAN_CLASS_CONTENT 0x00000004 4662306a36Sopenharmony_ci#define FAN_CLASS_PRE_CONTENT 0x00000008 4762306a36Sopenharmony_ci 4862306a36Sopenharmony_ci/* Deprecated - do not use this in programs and do not add new flags here! */ 4962306a36Sopenharmony_ci#define FAN_ALL_CLASS_BITS (FAN_CLASS_NOTIF | FAN_CLASS_CONTENT | \ 5062306a36Sopenharmony_ci FAN_CLASS_PRE_CONTENT) 5162306a36Sopenharmony_ci 5262306a36Sopenharmony_ci#define FAN_UNLIMITED_QUEUE 0x00000010 5362306a36Sopenharmony_ci#define FAN_UNLIMITED_MARKS 0x00000020 5462306a36Sopenharmony_ci#define FAN_ENABLE_AUDIT 0x00000040 5562306a36Sopenharmony_ci 5662306a36Sopenharmony_ci/* Flags to determine fanotify event format */ 5762306a36Sopenharmony_ci#define FAN_REPORT_PIDFD 0x00000080 /* Report pidfd for event->pid */ 5862306a36Sopenharmony_ci#define FAN_REPORT_TID 0x00000100 /* event->pid is thread id */ 5962306a36Sopenharmony_ci#define FAN_REPORT_FID 0x00000200 /* Report unique file id */ 6062306a36Sopenharmony_ci#define FAN_REPORT_DIR_FID 0x00000400 /* Report unique directory id */ 6162306a36Sopenharmony_ci#define FAN_REPORT_NAME 0x00000800 /* Report events with name */ 6262306a36Sopenharmony_ci#define FAN_REPORT_TARGET_FID 0x00001000 /* Report dirent target id */ 6362306a36Sopenharmony_ci 6462306a36Sopenharmony_ci/* Convenience macro - FAN_REPORT_NAME requires FAN_REPORT_DIR_FID */ 6562306a36Sopenharmony_ci#define FAN_REPORT_DFID_NAME (FAN_REPORT_DIR_FID | FAN_REPORT_NAME) 6662306a36Sopenharmony_ci/* Convenience macro - FAN_REPORT_TARGET_FID requires all other FID flags */ 6762306a36Sopenharmony_ci#define FAN_REPORT_DFID_NAME_TARGET (FAN_REPORT_DFID_NAME | \ 6862306a36Sopenharmony_ci FAN_REPORT_FID | FAN_REPORT_TARGET_FID) 6962306a36Sopenharmony_ci 7062306a36Sopenharmony_ci/* Deprecated - do not use this in programs and do not add new flags here! */ 7162306a36Sopenharmony_ci#define FAN_ALL_INIT_FLAGS (FAN_CLOEXEC | FAN_NONBLOCK | \ 7262306a36Sopenharmony_ci FAN_ALL_CLASS_BITS | FAN_UNLIMITED_QUEUE |\ 7362306a36Sopenharmony_ci FAN_UNLIMITED_MARKS) 7462306a36Sopenharmony_ci 7562306a36Sopenharmony_ci/* flags used for fanotify_modify_mark() */ 7662306a36Sopenharmony_ci#define FAN_MARK_ADD 0x00000001 7762306a36Sopenharmony_ci#define FAN_MARK_REMOVE 0x00000002 7862306a36Sopenharmony_ci#define FAN_MARK_DONT_FOLLOW 0x00000004 7962306a36Sopenharmony_ci#define FAN_MARK_ONLYDIR 0x00000008 8062306a36Sopenharmony_ci/* FAN_MARK_MOUNT is 0x00000010 */ 8162306a36Sopenharmony_ci#define FAN_MARK_IGNORED_MASK 0x00000020 8262306a36Sopenharmony_ci#define FAN_MARK_IGNORED_SURV_MODIFY 0x00000040 8362306a36Sopenharmony_ci#define FAN_MARK_FLUSH 0x00000080 8462306a36Sopenharmony_ci/* FAN_MARK_FILESYSTEM is 0x00000100 */ 8562306a36Sopenharmony_ci#define FAN_MARK_EVICTABLE 0x00000200 8662306a36Sopenharmony_ci/* This bit is mutually exclusive with FAN_MARK_IGNORED_MASK bit */ 8762306a36Sopenharmony_ci#define FAN_MARK_IGNORE 0x00000400 8862306a36Sopenharmony_ci 8962306a36Sopenharmony_ci/* These are NOT bitwise flags. Both bits can be used togther. */ 9062306a36Sopenharmony_ci#define FAN_MARK_INODE 0x00000000 9162306a36Sopenharmony_ci#define FAN_MARK_MOUNT 0x00000010 9262306a36Sopenharmony_ci#define FAN_MARK_FILESYSTEM 0x00000100 9362306a36Sopenharmony_ci 9462306a36Sopenharmony_ci/* 9562306a36Sopenharmony_ci * Convenience macro - FAN_MARK_IGNORE requires FAN_MARK_IGNORED_SURV_MODIFY 9662306a36Sopenharmony_ci * for non-inode mark types. 9762306a36Sopenharmony_ci */ 9862306a36Sopenharmony_ci#define FAN_MARK_IGNORE_SURV (FAN_MARK_IGNORE | FAN_MARK_IGNORED_SURV_MODIFY) 9962306a36Sopenharmony_ci 10062306a36Sopenharmony_ci/* Deprecated - do not use this in programs and do not add new flags here! */ 10162306a36Sopenharmony_ci#define FAN_ALL_MARK_FLAGS (FAN_MARK_ADD |\ 10262306a36Sopenharmony_ci FAN_MARK_REMOVE |\ 10362306a36Sopenharmony_ci FAN_MARK_DONT_FOLLOW |\ 10462306a36Sopenharmony_ci FAN_MARK_ONLYDIR |\ 10562306a36Sopenharmony_ci FAN_MARK_MOUNT |\ 10662306a36Sopenharmony_ci FAN_MARK_IGNORED_MASK |\ 10762306a36Sopenharmony_ci FAN_MARK_IGNORED_SURV_MODIFY |\ 10862306a36Sopenharmony_ci FAN_MARK_FLUSH) 10962306a36Sopenharmony_ci 11062306a36Sopenharmony_ci/* Deprecated - do not use this in programs and do not add new flags here! */ 11162306a36Sopenharmony_ci#define FAN_ALL_EVENTS (FAN_ACCESS |\ 11262306a36Sopenharmony_ci FAN_MODIFY |\ 11362306a36Sopenharmony_ci FAN_CLOSE |\ 11462306a36Sopenharmony_ci FAN_OPEN) 11562306a36Sopenharmony_ci 11662306a36Sopenharmony_ci/* 11762306a36Sopenharmony_ci * All events which require a permission response from userspace 11862306a36Sopenharmony_ci */ 11962306a36Sopenharmony_ci/* Deprecated - do not use this in programs and do not add new flags here! */ 12062306a36Sopenharmony_ci#define FAN_ALL_PERM_EVENTS (FAN_OPEN_PERM |\ 12162306a36Sopenharmony_ci FAN_ACCESS_PERM) 12262306a36Sopenharmony_ci 12362306a36Sopenharmony_ci/* Deprecated - do not use this in programs and do not add new flags here! */ 12462306a36Sopenharmony_ci#define FAN_ALL_OUTGOING_EVENTS (FAN_ALL_EVENTS |\ 12562306a36Sopenharmony_ci FAN_ALL_PERM_EVENTS |\ 12662306a36Sopenharmony_ci FAN_Q_OVERFLOW) 12762306a36Sopenharmony_ci 12862306a36Sopenharmony_ci#define FANOTIFY_METADATA_VERSION 3 12962306a36Sopenharmony_ci 13062306a36Sopenharmony_cistruct fanotify_event_metadata { 13162306a36Sopenharmony_ci __u32 event_len; 13262306a36Sopenharmony_ci __u8 vers; 13362306a36Sopenharmony_ci __u8 reserved; 13462306a36Sopenharmony_ci __u16 metadata_len; 13562306a36Sopenharmony_ci __aligned_u64 mask; 13662306a36Sopenharmony_ci __s32 fd; 13762306a36Sopenharmony_ci __s32 pid; 13862306a36Sopenharmony_ci}; 13962306a36Sopenharmony_ci 14062306a36Sopenharmony_ci#define FAN_EVENT_INFO_TYPE_FID 1 14162306a36Sopenharmony_ci#define FAN_EVENT_INFO_TYPE_DFID_NAME 2 14262306a36Sopenharmony_ci#define FAN_EVENT_INFO_TYPE_DFID 3 14362306a36Sopenharmony_ci#define FAN_EVENT_INFO_TYPE_PIDFD 4 14462306a36Sopenharmony_ci#define FAN_EVENT_INFO_TYPE_ERROR 5 14562306a36Sopenharmony_ci 14662306a36Sopenharmony_ci/* Special info types for FAN_RENAME */ 14762306a36Sopenharmony_ci#define FAN_EVENT_INFO_TYPE_OLD_DFID_NAME 10 14862306a36Sopenharmony_ci/* Reserved for FAN_EVENT_INFO_TYPE_OLD_DFID 11 */ 14962306a36Sopenharmony_ci#define FAN_EVENT_INFO_TYPE_NEW_DFID_NAME 12 15062306a36Sopenharmony_ci/* Reserved for FAN_EVENT_INFO_TYPE_NEW_DFID 13 */ 15162306a36Sopenharmony_ci 15262306a36Sopenharmony_ci/* Variable length info record following event metadata */ 15362306a36Sopenharmony_cistruct fanotify_event_info_header { 15462306a36Sopenharmony_ci __u8 info_type; 15562306a36Sopenharmony_ci __u8 pad; 15662306a36Sopenharmony_ci __u16 len; 15762306a36Sopenharmony_ci}; 15862306a36Sopenharmony_ci 15962306a36Sopenharmony_ci/* 16062306a36Sopenharmony_ci * Unique file identifier info record. 16162306a36Sopenharmony_ci * This structure is used for records of types FAN_EVENT_INFO_TYPE_FID, 16262306a36Sopenharmony_ci * FAN_EVENT_INFO_TYPE_DFID and FAN_EVENT_INFO_TYPE_DFID_NAME. 16362306a36Sopenharmony_ci * For FAN_EVENT_INFO_TYPE_DFID_NAME there is additionally a null terminated 16462306a36Sopenharmony_ci * name immediately after the file handle. 16562306a36Sopenharmony_ci */ 16662306a36Sopenharmony_cistruct fanotify_event_info_fid { 16762306a36Sopenharmony_ci struct fanotify_event_info_header hdr; 16862306a36Sopenharmony_ci __kernel_fsid_t fsid; 16962306a36Sopenharmony_ci /* 17062306a36Sopenharmony_ci * Following is an opaque struct file_handle that can be passed as 17162306a36Sopenharmony_ci * an argument to open_by_handle_at(2). 17262306a36Sopenharmony_ci */ 17362306a36Sopenharmony_ci unsigned char handle[]; 17462306a36Sopenharmony_ci}; 17562306a36Sopenharmony_ci 17662306a36Sopenharmony_ci/* 17762306a36Sopenharmony_ci * This structure is used for info records of type FAN_EVENT_INFO_TYPE_PIDFD. 17862306a36Sopenharmony_ci * It holds a pidfd for the pid that was responsible for generating an event. 17962306a36Sopenharmony_ci */ 18062306a36Sopenharmony_cistruct fanotify_event_info_pidfd { 18162306a36Sopenharmony_ci struct fanotify_event_info_header hdr; 18262306a36Sopenharmony_ci __s32 pidfd; 18362306a36Sopenharmony_ci}; 18462306a36Sopenharmony_ci 18562306a36Sopenharmony_cistruct fanotify_event_info_error { 18662306a36Sopenharmony_ci struct fanotify_event_info_header hdr; 18762306a36Sopenharmony_ci __s32 error; 18862306a36Sopenharmony_ci __u32 error_count; 18962306a36Sopenharmony_ci}; 19062306a36Sopenharmony_ci 19162306a36Sopenharmony_ci/* 19262306a36Sopenharmony_ci * User space may need to record additional information about its decision. 19362306a36Sopenharmony_ci * The extra information type records what kind of information is included. 19462306a36Sopenharmony_ci * The default is none. We also define an extra information buffer whose 19562306a36Sopenharmony_ci * size is determined by the extra information type. 19662306a36Sopenharmony_ci * 19762306a36Sopenharmony_ci * If the information type is Audit Rule, then the information following 19862306a36Sopenharmony_ci * is the rule number that triggered the user space decision that 19962306a36Sopenharmony_ci * requires auditing. 20062306a36Sopenharmony_ci */ 20162306a36Sopenharmony_ci 20262306a36Sopenharmony_ci#define FAN_RESPONSE_INFO_NONE 0 20362306a36Sopenharmony_ci#define FAN_RESPONSE_INFO_AUDIT_RULE 1 20462306a36Sopenharmony_ci 20562306a36Sopenharmony_cistruct fanotify_response { 20662306a36Sopenharmony_ci __s32 fd; 20762306a36Sopenharmony_ci __u32 response; 20862306a36Sopenharmony_ci}; 20962306a36Sopenharmony_ci 21062306a36Sopenharmony_cistruct fanotify_response_info_header { 21162306a36Sopenharmony_ci __u8 type; 21262306a36Sopenharmony_ci __u8 pad; 21362306a36Sopenharmony_ci __u16 len; 21462306a36Sopenharmony_ci}; 21562306a36Sopenharmony_ci 21662306a36Sopenharmony_cistruct fanotify_response_info_audit_rule { 21762306a36Sopenharmony_ci struct fanotify_response_info_header hdr; 21862306a36Sopenharmony_ci __u32 rule_number; 21962306a36Sopenharmony_ci __u32 subj_trust; 22062306a36Sopenharmony_ci __u32 obj_trust; 22162306a36Sopenharmony_ci}; 22262306a36Sopenharmony_ci 22362306a36Sopenharmony_ci/* Legit userspace responses to a _PERM event */ 22462306a36Sopenharmony_ci#define FAN_ALLOW 0x01 22562306a36Sopenharmony_ci#define FAN_DENY 0x02 22662306a36Sopenharmony_ci#define FAN_AUDIT 0x10 /* Bitmask to create audit record for result */ 22762306a36Sopenharmony_ci#define FAN_INFO 0x20 /* Bitmask to indicate additional information */ 22862306a36Sopenharmony_ci 22962306a36Sopenharmony_ci/* No fd set in event */ 23062306a36Sopenharmony_ci#define FAN_NOFD -1 23162306a36Sopenharmony_ci#define FAN_NOPIDFD FAN_NOFD 23262306a36Sopenharmony_ci#define FAN_EPIDFD -2 23362306a36Sopenharmony_ci 23462306a36Sopenharmony_ci/* Helper functions to deal with fanotify_event_metadata buffers */ 23562306a36Sopenharmony_ci#define FAN_EVENT_METADATA_LEN (sizeof(struct fanotify_event_metadata)) 23662306a36Sopenharmony_ci 23762306a36Sopenharmony_ci#define FAN_EVENT_NEXT(meta, len) ((len) -= (meta)->event_len, \ 23862306a36Sopenharmony_ci (struct fanotify_event_metadata*)(((char *)(meta)) + \ 23962306a36Sopenharmony_ci (meta)->event_len)) 24062306a36Sopenharmony_ci 24162306a36Sopenharmony_ci#define FAN_EVENT_OK(meta, len) ((long)(len) >= (long)FAN_EVENT_METADATA_LEN && \ 24262306a36Sopenharmony_ci (long)(meta)->event_len >= (long)FAN_EVENT_METADATA_LEN && \ 24362306a36Sopenharmony_ci (long)(meta)->event_len <= (long)(len)) 24462306a36Sopenharmony_ci 24562306a36Sopenharmony_ci#endif /* _UAPI_LINUX_FANOTIFY_H */ 246