Skyld AV  0.6
On access virus scanning for Linux
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
Classes | Public Types | Public Member Functions | Static Public Member Functions | Private Types | Private Member Functions | Static Private Member Functions | Private Attributes | List of all members
FanotifyPolling Class Reference

Polls fanotify events. More...

#include <FanotifyPolling.h>

Collaboration diagram for FanotifyPolling:
Collaboration graph

Classes

struct  ScanTask
 Scan task. More...
 

Public Types

enum  Status {
  INITIAL = 0, RUNNING = 1, STOPPING = 2, FAILURE = 3,
  SUCCESS = 4
}
 

Public Member Functions

 FanotifyPolling (Environment *)
 Starts polling fanotify events. More...
 
 ~FanotifyPolling ()
 Stops polling fanotify events. More...
 

Static Public Member Functions

static int markMount (int fd, const char *mount)
 Marks a mount for polling fanotify events. More...
 
static int unmarkMount (int fd, const char *mount)
 Removes a mount from polling fanotify events. More...
 

Private Types

typedef void(* skyld_pollfanotifycallbackptr )(const int fd, const void *buf, int len)
 

Private Member Functions

int exclude (const int fd)
 Check if file is in exclude path. More...
 
void handleFanotifyEvents (const void *buf, int len)
 Handle fanotify events. More...
 
void handleFanotifyEvent (const struct fanotify_event_metadata *)
 Handle fanotify events. More...
 
int writeResponse (const struct fanotify_response, int)
 Writes fanotify response. More...
 
int fanotifyOpen ()
 
int fanotifyClose ()
 Closes fanotify file descriptor. More...
 
 FanotifyPolling (const FanotifyPolling &)
 

Static Private Member Functions

static void * run (void *)
 Thread listening to fanotify events. More...
 
static void * scanFile (void *workitem)
 Scans a file. More...
 

Private Attributes

Environmente
 Environment. More...
 
int fd
 Fanotify file descriptor. More...
 
pthread_t thread
 Worker thread. More...
 
MountPollingmp
 Mount polling object. More...
 
ThreadPooltp
 Thread pool for scanning tasks. More...
 
pthread_mutex_t mutex_response
 Mutex for fanotify response. More...
 
enum Status status
 Status of fanotify polling object. More...
 
VirusScanvirusScan
 

Detailed Description

Polls fanotify events.

Definition at line 43 of file FanotifyPolling.h.

Member Typedef Documentation

typedef void(* FanotifyPolling::skyld_pollfanotifycallbackptr)(const int fd, const void *buf, int len)
private

Definition at line 106 of file FanotifyPolling.h.

Member Enumeration Documentation

enum FanotifyPolling::Status
Enumerator
INITIAL 
RUNNING 
STOPPING 
FAILURE 
SUCCESS 

Definition at line 46 of file FanotifyPolling.h.

Constructor & Destructor Documentation

FanotifyPolling::FanotifyPolling ( Environment env)

Starts polling fanotify events.

Parameters
envenvironment
Returns
success

Definition at line 333 of file FanotifyPolling.cc.

Here is the call graph for this function:

FanotifyPolling::~FanotifyPolling ( )

Stops polling fanotify events.

Definition at line 393 of file FanotifyPolling.cc.

Here is the call graph for this function:

FanotifyPolling::FanotifyPolling ( const FanotifyPolling )
private

Member Function Documentation

int FanotifyPolling::exclude ( const int  fd)
private

Check if file is in exclude path.

Parameters
fdfile descriptor
Returns
1 if in exclude path.

Definition at line 138 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

int FanotifyPolling::fanotifyClose ( )
private

Closes fanotify file descriptor.

Returns
success = 0

Definition at line 531 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

int FanotifyPolling::fanotifyOpen ( )
private

Opens fanotify file descriptor.

Returns
success = 0;

Properties of event file descriptors.

Behavior of the fanotify file descriptor.

Definition at line 501 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

void FanotifyPolling::handleFanotifyEvent ( const struct fanotify_event_metadata *  metadata)
private

Handle fanotify events.

Parameters
bufbuffer with events
lenlength of the buffer

Definition at line 222 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

void FanotifyPolling::handleFanotifyEvents ( const void *  buf,
int  len 
)
private

Handle fanotify events.

Parameters
bufbuffer with events
lenlength of the buffer

Definition at line 312 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

int FanotifyPolling::markMount ( int  fd,
const char *  mount 
)
static

Marks a mount for polling fanotify events.

Parameters
mount
Returns
success

Definition at line 551 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

void * FanotifyPolling::run ( void *  obj)
staticprivate

Thread listening to fanotify events.

Parameters
ccbptrpointer to callback routine
Returns
NULL

Fanotify polling object.

File descriptor.

number of file descriptors

Buffer.

Definition at line 50 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

void * FanotifyPolling::scanFile ( void *  workitem)
staticprivate

Scans a file.

Definition at line 170 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

int FanotifyPolling::unmarkMount ( int  fd,
const char *  mount 
)
static

Removes a mount from polling fanotify events.

Parameters
mount
Returns
success

Definition at line 578 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

int FanotifyPolling::writeResponse ( const struct fanotify_response  response,
int  doBuffer 
)
private

Writes fanotify response.

Parameters
responseresponse
doBufferif != 0 write to buffer
Returns
success = 0

Definition at line 450 of file FanotifyPolling.cc.

Here is the call graph for this function:

Here is the caller graph for this function:

Member Data Documentation

Environment* FanotifyPolling::e
private

Environment.

Definition at line 62 of file FanotifyPolling.h.

int FanotifyPolling::fd
private

Fanotify file descriptor.

Definition at line 66 of file FanotifyPolling.h.

MountPolling* FanotifyPolling::mp
private

Mount polling object.

Definition at line 74 of file FanotifyPolling.h.

pthread_mutex_t FanotifyPolling::mutex_response
private

Mutex for fanotify response.

Definition at line 82 of file FanotifyPolling.h.

enum Status FanotifyPolling::status
private

Status of fanotify polling object.

Definition at line 86 of file FanotifyPolling.h.

pthread_t FanotifyPolling::thread
private

Worker thread.

Definition at line 70 of file FanotifyPolling.h.

ThreadPool* FanotifyPolling::tp
private

Thread pool for scanning tasks.

Definition at line 78 of file FanotifyPolling.h.

VirusScan* FanotifyPolling::virusScan
private

Virus scanner.

Definition at line 90 of file FanotifyPolling.h.

The documentation for this class was generated from the following files:
Generated on Thu Apr 21 2016 01:31:01 for Skyld AV by   doxygen 1.8.8