fanotify: userspace interface for permission responses

fanotify groups need to respond to events which include permissions types. To do so groups will send a response using write() on the fanotify_fd they have open. Signed-off-by: Eric Paris <eparis@redhat.com>
2025-07-23 12:43:29 +02:00 · 2009-12-17 21:24:34 -05:00
parent 9e66e4233d
commit b2d879096a
3 changed files with 184 additions and 6 deletions
--- a/include/linux/fanotify.h
+++ b/include/linux/fanotify.h
@@ -75,6 +75,11 @@ struct fanotify_event_metadata {
 	__s64 pid;
 } __attribute__ ((packed));

+struct fanotify_response {
+	__s32 fd;
+	__u32 response;
+} __attribute__ ((packed));
+
 /* Legit userspace responses to a _PERM event */
 #define FAN_ALLOW	0x01
 #define FAN_DENY	0x02