Re: [RFC][PATCH] Inotify kernel API
On Tuesday 23 August 2005 15:50, Chris Wright wrote:
* Amy Griffis (amy.griffis(a)hp.com) wrote:
> diff -r 8ecff93e704a -r 58e1301e9661 fs/inotify.c
> --- a/fs/inotify.c Thu Aug 18 19:53:59 2005
> +++ b/fs/inotify.c Thu Aug 18 23:19:52 2005
> @@ -83,14 +83,18 @@
> wait_queue_head_t wq; /* wait queue for i/o */
> struct idr idr; /* idr mapping wd -> watch */
> struct semaphore sem; /* protects this bad boy */
> - struct list_head events; /* list of queued events */
> struct list_head watches; /* list of watches */
> atomic_t count; /* reference count */
> + u32 last_wd; /* the last wd allocated */
> + /* userland consumer API */
> + struct list_head events; /* list of queued events */
> struct user_struct *user; /* user who opened this dev */
> unsigned int queue_size; /* size of the queue (bytes) */
> unsigned int event_count; /* number of pending events */
> unsigned int max_events; /* maximum number of events */
> - u32 last_wd; /* the last wd allocated */
> + /* kernel consumer API */
> + void (*callback)(struct inotify_event *, const char *,
> + void *); /* event callback */
Is there a compelling reason for the arg to be typeless? Are you trying
to multiplex each event through a single callback?
Seems like she's just trying to be as generic as possible. Each Inotify
kernel client has its own inotify device with its own callback. It passes to
it among the obvious, a generic bit of per-watch information (in our case it
would be audit related information, perhaps a filter key of sorts). Is this
correct?
-tim
--
Linux-audit mailing list
Linux-audit(a)redhat.com
http://www.redhat.com/mailman/listinfo/linux-audit