sys_inotify_add_watch  [fs/inotify.c]


Adds a watch to or modifies an existing watch of an initialized inotify instance.

If file specified by the path pointed by ecx was not previously being watched by this inotify instance, then the watch descriptor is newly allocated. If the file was already being watched, then the descriptor for the existing watch is returned.

Arguments

eax 292
ebx File descriptor referring to the inotify instance whose watch list is to be modified.
ecx A pointer to a null-terminated string that specifies the file's path for whom the watch to be modified.
edx Bit-mask specifying the events to be monitored for the given file. I
IN_ACCESS File was accessed (read).
IN_ATTRIB Metadata changed (permissions, timestamps, extended attributes, etc.
IN_CLOSE_WRITE File opened for writing was closed.
IN_CLOSE_NOWRITE File not opened for writing was closed.
IN_CREATE File/directory created in watched directory.
IN_DELETE File/directory deleted from watched directory.
IN_DELETE_SELF Watched file/directory was itself deleted.
IN_MODIFY File was modified.
IN_MOVE_SELF Watched file/directory was itself moved.
IN_MOVED_FROM File moved out of watched directory.
IN_MOVED_TO File moved into watched directory.
IN_OPEN File was opened.
IN_MOVE Equates to "IN_MOVED_FROM or IN_MOVED_TO"
IN_CLOSE Equates to "IN_CLOSE_WRITE or IN_CLOSE_NOWRITE"
IN_DONT_FOLLOW Don't dereferencethe file specified by a path pointed by ecx if it is a symbolic link
IN_MASK_ADD Add (OR) events to watch mask for this pathname if it already exists (instead of replacing mask)
IN_ONESHOT Monitor the file specified by a path pointed by ecx for one event, then remove from watch list.
IN_ONLYDIR Only watch the instance specified by a path pointed by ecx if it is a directory

Return values

If the system call succeeds the return value is a non-negative watch descriptor.
If the system call fails the return value is one of the following errno values:

-EACCESS Read access to the given file is not permitted.
-EBADF The given file descriptor is not valid.
-EFAULT ecx points outside of the process's accessible address space.
-EINVAL The given event mask contains no legal events; or ebx is not an inotify file descriptor.
-ENOMEM Insufficient kernel memory was available.
-ENOSPC The user limit on the total number of inotify watches was reached or the kernel failed to allocate a needed resource.

Remarks

n/a

Compatibility

Available since 2.6.13