/* CacheFiles security management * * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public Licence * as published by the Free Software Foundation; either version * 2 of the Licence, or (at your option) any later version. */ #include #include #include "internal.h" /* * determine the security context within which we access the cache from within * the kernel */ int cachefiles_get_security_ID(struct cachefiles_cache *cache) { struct cred *new; int ret; _enter("{%s}", cache->secctx); new = prepare_kernel_cred(current); if (!new) { ret = -ENOMEM; goto error; } if (cache->secctx) { ret = set_security_override_from_ctx(new, cache->secctx); if (ret < 0) { put_cred(new); pr_err("Security denies permission to nominate security context: error %d\n", ret); goto error; } } cache->cache_cred = new; ret = 0; error: _leave(" = %d", ret); return ret; } /* * see if mkdir and create can be performed in the root directory */ static int cachefiles_check_cache_dir(struct cachefiles_cache *cache, struct dentry *root) { int ret; ret = security_inode_mkdir(d_backing_inode(root), root, 0); if (ret < 0) { pr_err("Security denies permission to make dirs: error %d", ret); return ret; } ret = security_inode_create(d_backing_inode(root), root, 0); if (ret < 0) pr_err("Security denies permission to create files: error %d", ret); return ret; } /* * check the security details of the on-disk cache * - must be called with security override in force * - must return with a security override in force - even in the case of an * error */ int cachefiles_determine_cache_security(struct cachefiles_cache *cache, struct dentry *root, const struct cred **_saved_cred) { struct cred *new; int ret; _enter(""); /* duplicate the cache creds for COW (the override is currently in * force, so we can use prepare_creds() to do this) */ new = prepare_creds(); if (!new) return -ENOMEM; cachefiles_end_secure(cache, *_saved_cred); /* use the cache root dir's security context as the basis with * which create files */ ret = set_create_files_as(new, d_backing_inode(root)); if (ret < 0) { abort_creds(new); cachefiles_begin_secure(cache, _saved_cred); _leave(" = %d [cfa]", ret); return ret; } put_cred(cache->cache_cred); cache->cache_cred = new; cachefiles_begin_secure(cache, _saved_cred); ret = cachefiles_check_cache_dir(cache, root); if (ret == -EOPNOTSUPP) ret = 0; _leave(" = %d", ret); return ret; } ut type='submit' value='search'/>
path: root/include/dt-bindings/reset/qcom,gcc-apq8084.h
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2017-01-30 15:47:19 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2017-01-30 15:47:19 -0800
commitf9a42e0d58cf0fe3d902e63d4582f2ea4cd2bb8b (patch)
tree4078d3ae27d4ebb85bdcd4d84e9b9a4d059f22bb /include/dt-bindings/reset/qcom,gcc-apq8084.h
parent751321b3dd5040dc5be19bd23f985e80c914621a (diff)
parent54791b276b4000b307339f269d3bf7db877d536f (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc
Pull sparc fixes from David Miller: "Several small bug fixes and tidies, along with a fix for non-resumable memory errors triggered by userspace" * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: sparc64: Handle PIO & MEM non-resumable errors. sparc64: Zero pages on allocation for mondo and error queues. sparc: Fixed typo in sstate.c. Replaced panicing with panicking sparc: use symbolic names for tsb indexing
Diffstat (limited to 'include/dt-bindings/reset/qcom,gcc-apq8084.h')