Skyld AV  0.6
On access virus scanning for Linux
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
FanotifyPolling.h
Go to the documentation of this file.
1 /*
2  * File: FanotifyPolling.h
3  *
4  * Copyright 2012 Heinrich Schuchardt <xypron.glpk@gmx.de>
5  *
6  * Licensed under the Apache License, Version 2.0 (the "License");
7  * you may not use this file except in compliance with the License.
8  * You may obtain a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  *
18  */
19 
25 #ifndef POLLFANOTIFY_H
26 #define POLLFANOTIFY_H
27 
28 #include <sys/fanotify.h>
29 #include <pthread.h>
30 #include "Environment.h"
31 #include "MountPolling.h"
32 #include "StringSet.h"
33 #include "ThreadPool.h"
34 #include "VirusScan.h"
35 
36 #ifdef __cplusplus
37 extern "C" {
38 #endif
39 
43 class FanotifyPolling {
44 public:
45 
46  enum Status {
47  INITIAL = 0,
48  RUNNING = 1,
49  STOPPING = 2,
50  FAILURE = 3,
51  SUCCESS = 4
52  };
53 
54  FanotifyPolling(Environment *);
55  ~FanotifyPolling();
56  static int markMount(int fd, const char *mount);
57  static int unmarkMount(int fd, const char *mount);
58 private:
62  Environment *e;
66  int fd;
70  pthread_t thread;
74  MountPolling *mp;
78  ThreadPool *tp;
82  pthread_mutex_t mutex_response;
86  enum Status status;
90  VirusScan *virusScan;
91 
95  struct ScanTask {
99  FanotifyPolling *fp;
103  struct fanotify_event_metadata metadata;
104  };
105 
106  typedef void (*skyld_pollfanotifycallbackptr)(const int fd,
107  const void *buf, int len);
108 
109  static void *run(void *);
110  int exclude(const int fd);
111  static void *scanFile(void *workitem);
112  void handleFanotifyEvents(const void *buf, int len);
113  void handleFanotifyEvent(const struct fanotify_event_metadata *);
114  int writeResponse(const struct fanotify_response, int);
115  int fanotifyOpen();
116  int fanotifyClose();
117  // Do not allow copying.
118  FanotifyPolling(const FanotifyPolling&);
119 };
120 
121 #ifdef __cplusplus
122 }
123 #endif
124 
125 #endif /* POLLFANOTIFY_H */
ThreadPool.h
Implements the thread pool pattern.
FanotifyPolling::markMount
static int markMount(int fd, const char *mount)
Marks a mount for polling fanotify events.
Definition: FanotifyPolling.cc:551
FanotifyPolling::scanFile
static void * scanFile(void *workitem)
Scans a file.
Definition: FanotifyPolling.cc:170
StringSet.h
Set of strings.
VirusScan.h
Scans files for viruses.
FanotifyPolling::skyld_pollfanotifycallbackptr
void(* skyld_pollfanotifycallbackptr)(const int fd, const void *buf, int len)
Definition: FanotifyPolling.h:106
FanotifyPolling::thread
pthread_t thread
Worker thread.
Definition: FanotifyPolling.h:70
FanotifyPolling::tp
ThreadPool * tp
Thread pool for scanning tasks.
Definition: FanotifyPolling.h:78
FanotifyPolling::virusScan
VirusScan * virusScan
Definition: FanotifyPolling.h:90
FanotifyPolling::unmarkMount
static int unmarkMount(int fd, const char *mount)
Removes a mount from polling fanotify events.
Definition: FanotifyPolling.cc:578
FanotifyPolling::ScanTask::metadata
struct fanotify_event_metadata metadata
fanotify metadata
Definition: FanotifyPolling.h:103
ThreadPool
Implements the thread pool pattern.
Definition: ThreadPool.h:35
FanotifyPolling::~FanotifyPolling
~FanotifyPolling()
Stops polling fanotify events.
Definition: FanotifyPolling.cc:393
FanotifyPolling::fanotifyClose
int fanotifyClose()
Closes fanotify file descriptor.
Definition: FanotifyPolling.cc:531
MountPolling
Polls mount and unmout events.
Definition: MountPolling.h:36
FanotifyPolling::FanotifyPolling
FanotifyPolling(Environment *)
Starts polling fanotify events.
Definition: FanotifyPolling.cc:333
Environment.h
Envronment.
FanotifyPolling::e
Environment * e
Environment.
Definition: FanotifyPolling.h:62
MountPolling.h
Poll /proc/mounts to detect mount events.
FanotifyPolling::handleFanotifyEvent
void handleFanotifyEvent(const struct fanotify_event_metadata *)
Handle fanotify events.
Definition: FanotifyPolling.cc:222
FanotifyPolling
Polls fanotify events.
Definition: FanotifyPolling.h:43
Environment
The environment holds variables that are shared by instances of multiple classes. ...
Definition: Environment.h:38
FanotifyPolling::exclude
int exclude(const int fd)
Check if file is in exclude path.
Definition: FanotifyPolling.cc:138
VirusScan
Scans files for viruses.
Definition: VirusScan.h:38
FanotifyPolling::handleFanotifyEvents
void handleFanotifyEvents(const void *buf, int len)
Handle fanotify events.
Definition: FanotifyPolling.cc:312
FanotifyPolling::mp
MountPolling * mp
Mount polling object.
Definition: FanotifyPolling.h:74
FanotifyPolling::writeResponse
int writeResponse(const struct fanotify_response, int)
Writes fanotify response.
Definition: FanotifyPolling.cc:450
FanotifyPolling::run
static void * run(void *)
Thread listening to fanotify events.
Definition: FanotifyPolling.cc:50
FanotifyPolling::mutex_response
pthread_mutex_t mutex_response
Mutex for fanotify response.
Definition: FanotifyPolling.h:82
FanotifyPolling::fd
int fd
Fanotify file descriptor.
Definition: FanotifyPolling.h:66
FanotifyPolling::ScanTask::fp
FanotifyPolling * fp
fanotify polling object
Definition: FanotifyPolling.h:99
FanotifyPolling::status
enum Status status
Status of fanotify polling object.
Definition: FanotifyPolling.h:86
Generated on Thu Apr 21 2016 01:31:01 for Skyld AV by   doxygen 1.8.8