I want to make use of fanotify(7) and the problem I run into is that on some kernels CONFIG_FANOTIFY_ACCESS_PERMISSIONS does not work, although CONFIG_FANOTIFY is configured.
我想使用fanotify(7),我遇到的问题是,在一些内核CONFIG_FANOTIFY_ACCESS_PERMISSIONS不能工作,尽管配置了CONFIG_FANOTIFY,但仍然存在这个问题。
At the very least I'd like to report this condition.
至少我想报告一下这个情况。
Now on Debian and Ubuntu I could use the equivalent of grep CONFIG_FANOTIFY_ACCESS_PERMISSIONS /boot/config-$(uname -r) to verify that the feature is available. On some other systems I could use the equivalent of zgrep CONFIG_FANOTIFY_ACCESS_PERMISSIONS /proc/config.gz, but there are probably some more systems that are not covered by these two methods.
现在,在Debian和Ubuntu上,我可以使用grep CONFIG_FANOTIFY_ACCESS_PERMISSIONS /boot/config-$(uname -r)来验证该特性是否可用。在其他一些系统上,我可以使用等效的zgrep CONFIG_FANOTIFY_ACCESS_PERMISSIONS / proc/config/ config。gz,但是可能还有更多的系统没有被这两种方法覆盖。
Is there a way to figure out in any of the fanotify(7) functions whether or not fanotify permission handling is available on the kernel currently running?
是否有一种方法可以在任何一个fanotify(7)函数中找到,在当前运行的内核中是否可以使用fanotify权限处理?
I was thinking of a method similar to the returned ENOSYS when fanotify_mark() is not implemented (fanotify_mark(2)), but could not find anything like that in the documentation.
当fanotify_mark()没有实现(fanotify_mark(2))时,我想到了一个类似于返回的ENOSYS的方法,但是在文档中找不到类似的东西。
1 个解决方案
#1
3
It seems that fanotify_mark() returns EINVAL when FAN_ALL_PERM_EVENTS is passed but CONFIG_FANOTIFY_ACCESS_PERMISSIONS is disabled.
似乎在传递FAN_ALL_PERM_EVENTS时,fanotify_mark()返回EINVAL,但禁用了CONFIG_FANOTIFY_ACCESS_PERMISSIONS。
See fs/notify/fanotify/fanotify_user.c in kernel sources:
看到fs /通知/ fanotify / fanotify_user。c在内核来源:
SYSCALL_DEFINE5(fanotify_mark, int, fanotify_fd, unsigned int, flags,
__u64, mask, int, dfd,
const char __user *, pathname)
{
...
#ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
if (mask & ~(FAN_ALL_EVENTS | FAN_ALL_PERM_EVENTS | FAN_EVENT_ON_CHILD))
#else
if (mask & ~(FAN_ALL_EVENTS | FAN_EVENT_ON_CHILD))
#endif
return -EINVAL;
#1
3
It seems that fanotify_mark() returns EINVAL when FAN_ALL_PERM_EVENTS is passed but CONFIG_FANOTIFY_ACCESS_PERMISSIONS is disabled.
似乎在传递FAN_ALL_PERM_EVENTS时,fanotify_mark()返回EINVAL,但禁用了CONFIG_FANOTIFY_ACCESS_PERMISSIONS。
See fs/notify/fanotify/fanotify_user.c in kernel sources:
看到fs /通知/ fanotify / fanotify_user。c在内核来源:
SYSCALL_DEFINE5(fanotify_mark, int, fanotify_fd, unsigned int, flags,
__u64, mask, int, dfd,
const char __user *, pathname)
{
...
#ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
if (mask & ~(FAN_ALL_EVENTS | FAN_ALL_PERM_EVENTS | FAN_EVENT_ON_CHILD))
#else
if (mask & ~(FAN_ALL_EVENTS | FAN_EVENT_ON_CHILD))
#endif
return -EINVAL;