/* * security/tomoyo/load_policy.c * * Copyright (C) 2005-2011 NTT DATA CORPORATION */ #include "common.h" #ifndef CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER /* * Path to the policy loader. (default = CONFIG_SECURITY_TOMOYO_POLICY_LOADER) */ static const char *tomoyo_loader; /** * tomoyo_loader_setup - Set policy loader. * * @str: Program to use as a policy loader (e.g. /sbin/tomoyo-init ). * * Returns 0. */ static int __init tomoyo_loader_setup(char *str) { tomoyo_loader = str; return 0; } __setup("TOMOYO_loader=", tomoyo_loader_setup); /** * tomoyo_policy_loader_exists - Check whether /sbin/tomoyo-init exists. * * Returns true if /sbin/tomoyo-init exists, false otherwise. */ static bool tomoyo_policy_loader_exists(void) { struct path path; if (!tomoyo_loader) tomoyo_loader = CONFIG_SECURITY_TOMOYO_POLICY_LOADER; if (kern_path(tomoyo_loader, LOOKUP_FOLLOW, &path)) { printk(KERN_INFO "Not activating Mandatory Access Control " "as %s does not exist.\n", tomoyo_loader); return false; } path_put(&path); return true; } /* * Path to the trigger. (default = CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER) */ static const char *tomoyo_trigger; /** * tomoyo_trigger_setup - Set trigger for activation. * * @str: Program to use as an activation trigger (e.g. /sbin/init ). * * Returns 0. */ static int __init tomoyo_trigger_setup(char *str) { tomoyo_trigger = str; return 0; } __setup("TOMOYO_trigger=", tomoyo_trigger_setup); /** * tomoyo_load_policy - Run external policy loader to load policy. * * @filename: The program about to start. * * This function checks whether @filename is /sbin/init , and if so * invoke /sbin/tomoyo-init and wait for the termination of /sbin/tomoyo-init * and then continues invocation of /sbin/init. * /sbin/tomoyo-init reads policy files in /etc/tomoyo/ directory and * writes to /sys/kernel/security/tomoyo/ interfaces. * * Returns nothing. */ void tomoyo_load_policy(const char *filename) { static bool done; char *argv[2]; char *envp[3]; if (tomoyo_policy_loaded || done) return; if (!tomoyo_trigger) tomoyo_trigger = CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER; if (strcmp(filename, tomoyo_trigger)) return; if (!tomoyo_policy_loader_exists()) return; done = true; printk(KERN_INFO "Calling %s to load policy. Please wait.\n", tomoyo_loader); argv[0] = (char *) tomoyo_loader; argv[1] = NULL; envp[0] = "HOME=/"; envp[1] = "PATH=/sbin:/bin:/usr/sbin:/usr/bin"; envp[2] = NULL; call_usermodehelper(argv[0], argv, envp, UMH_WAIT_PROC); tomoyo_check_profile(); } #endif 80ac37fc9d27'/>
path: root/drivers/usb/serial/aircable.c
diff options
context:
space:
mode:
authorzhong jiang <zhongjiang@huawei.com>2017-01-24 15:18:52 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2017-01-24 16:26:14 -0800
commit3277953de2f31dd03c6375e9a9f680ac37fc9d27 (patch)
tree6ba22924faa1b82ef2f0277db10a3f5abdc44157 /drivers/usb/serial/aircable.c
parent3705ccfdd1e8b539225ce20e3925a945cc788d67 (diff)
mm: do not export ioremap_page_range symbol for external module
Recently, I've found cases in which ioremap_page_range was used incorrectly, in external modules, leading to crashes. This can be partly attributed to the fact that ioremap_page_range is lower-level, with fewer protections, as compared to the other functions that an external module would typically call. Those include: ioremap_cache ioremap_nocache ioremap_prot ioremap_uc ioremap_wc ioremap_wt ...each of which wraps __ioremap_caller, which in turn provides a safer way to achieve the mapping. Therefore, stop EXPORT-ing ioremap_page_range. Link: http://lkml.kernel.org/r/1485173220-29010-1-git-send-email-zhongjiang@huawei.com Signed-off-by: zhong jiang <zhongjiang@huawei.com> Reviewed-by: John Hubbard <jhubbard@nvidia.com> Suggested-by: John Hubbard <jhubbard@nvidia.com> Acked-by: Michal Hocko <mhocko@suse.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'drivers/usb/serial/aircable.c')