From: Amir Goldstein <amir73il@gmail.com>
Date: Mon, 31 Mar 2025 08:27:58 +0000 (+0200)
Subject: man/man7/fanotify.7: Document FAN_RESPONSE_INFO_AUDIT_RULE
X-Git-Tag: man-pages-6.14~23
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0c31ac91d7c439807b5da7f07d91a283a18cc8bb;p=thirdparty%2Fman-pages.git

man/man7/fanotify.7: Document FAN_RESPONSE_INFO_AUDIT_RULE

Document FAN_RESPONSE_INFO_AUDIT_RULE extended response info record
that was added in v6.3.

Cc: Jan Kara <jack@suse.cz>
Cc: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Message-ID: <20250331082759.1424401-2-amir73il@gmail.com>
[alx: ffix]
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---

diff --git a/man/man7/fanotify.7 b/man/man7/fanotify.7
index 0e754c699..a3ba0911c 100644
--- a/man/man7/fanotify.7
+++ b/man/man7/fanotify.7
@@ -862,6 +862,47 @@ flag can be set in the
 field.
 In that case, the audit subsystem will log information about the access
 decision to the audit logs.
+.P
+Since Linux 6.3,
+.\" commit 70529a199574c15a40f46b14256633b02ba10ca2
+the
+.B FAN_INFO
+flag can be set in the
+.I .response
+field.
+It indicates that an extra variable-length response record follows the
+.I fanotify_response
+structure.
+Extra response records start with a common header:
+.P
+.in +4n
+.EX
+struct fanotify_response_info_header {
+    __u8 type;
+    __u8 pad;
+    __u16 len;
+};
+.EE
+.in
+.P
+The value of
+.I .type
+determines the format of the extra response record.
+.TP
+.B FAN_RESPONSE_INFO_AUDIT_RULE
+The following response record is expected
+with extra details for the audit log:
+.IP
+.in +4n
+.EX
+struct fanotify_response_info_audit_rule {
+    struct fanotify_response_info_header hdr;
+    __u32 rule_number;
+    __u32 subj_trust;
+    __u32 obj_trust;
+};
+.EE
+.in
 .\"
 .SS Monitoring filesystems for errors
 A single