From daa418b418b849395ae6b5855c1a3fc5f027c563 Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Mon, 7 Sep 2020 02:51:53 +0100 Subject: [PATCH 1/2] Export symbols needed by Android drivers Bug-Debian: https://bugs.debian.org/901492 We want to enable use of the Android ashmem and binder drivers to support Anbox, but they should not be built-in as that would waste resources and increase security attack surface on systems that don't need them. Export the currently un-exported symbols they depend on. --- fs/file.c | 1 + kernel/fork.c | 1 + kernel/sched/core.c | 1 + kernel/sched/wait.c | 1 + kernel/task_work.c | 1 + mm/memory.c | 1 + mm/shmem.c | 1 + security/security.c | 4 ++++ 8 files changed, 11 insertions(+) diff --git a/fs/file.c b/fs/file.c index 3bcc1ecc314a..6ff78a4c27a9 100644 --- a/fs/file.c +++ b/fs/file.c @@ -813,6 +813,7 @@ struct file *close_fd_get_file(unsigned int fd) return file; } +EXPORT_SYMBOL_GPL(close_fd_get_file); void do_close_on_exec(struct files_struct *files) { diff --git a/kernel/fork.c b/kernel/fork.c index 9d44f2d46c69..d587c85f35b1 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1225,6 +1225,7 @@ void mmput_async(struct mm_struct *mm) schedule_work(&mm->async_put_work); } } +EXPORT_SYMBOL_GPL(mmput_async); #endif /** diff --git a/kernel/sched/core.c b/kernel/sched/core.c index d4af56927a4d..ebff11e343fd 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -7036,6 +7036,7 @@ int can_nice(const struct task_struct *p, const int nice) { return is_nice_reduction(p, nice) || capable(CAP_SYS_NICE); } +EXPORT_SYMBOL_GPL(can_nice); #ifdef __ARCH_WANT_SYS_NICE diff --git a/kernel/sched/wait.c b/kernel/sched/wait.c index 9860bb9a847c..ad76d49bf4e1 100644 --- a/kernel/sched/wait.c +++ b/kernel/sched/wait.c @@ -243,6 +243,7 @@ void __wake_up_pollfree(struct wait_queue_head *wq_head) /* POLLFREE must have cleared the queue. */ WARN_ON_ONCE(waitqueue_active(wq_head)); } +EXPORT_SYMBOL_GPL(__wake_up_pollfree); /* * Note: we use "set_current_state()" _after_ the wait-queue add, diff --git a/kernel/task_work.c b/kernel/task_work.c index dff75bcde151..5f9a42a388f1 100644 --- a/kernel/task_work.c +++ b/kernel/task_work.c @@ -73,6 +73,7 @@ int task_work_add(struct task_struct *task, struct callback_head *work, return 0; } +EXPORT_SYMBOL_GPL(task_work_add); /** * task_work_cancel_match - cancel a pending work added by task_work_add() diff --git a/mm/memory.c b/mm/memory.c index 1c6027adc542..75372d105b0e 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -1749,6 +1749,7 @@ void zap_page_range(struct vm_area_struct *vma, unsigned long start, mmu_notifier_invalidate_range_end(&range); tlb_finish_mmu(&tlb); } +EXPORT_SYMBOL_GPL(zap_page_range); /** * zap_page_range_single - remove user pages in a given range diff --git a/mm/shmem.c b/mm/shmem.c index b7f2d4a56867..3bf380f68406 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -4172,6 +4172,7 @@ int shmem_zero_setup(struct vm_area_struct *vma) return 0; } +EXPORT_SYMBOL_GPL(shmem_zero_setup); /** * shmem_read_mapping_page_gfp - read into page cache, using specified page allocation flags. diff --git a/security/security.c b/security/security.c index 188b8f782220..e5538a412f3c 100644 --- a/security/security.c +++ b/security/security.c @@ -752,24 +752,28 @@ int security_binder_set_context_mgr(const struct cred *mgr) { return call_int_hook(binder_set_context_mgr, 0, mgr); } +EXPORT_SYMBOL_GPL(security_binder_set_context_mgr); int security_binder_transaction(const struct cred *from, const struct cred *to) { return call_int_hook(binder_transaction, 0, from, to); } +EXPORT_SYMBOL_GPL(security_binder_transaction); int security_binder_transfer_binder(const struct cred *from, const struct cred *to) { return call_int_hook(binder_transfer_binder, 0, from, to); } +EXPORT_SYMBOL_GPL(security_binder_transfer_binder); int security_binder_transfer_file(const struct cred *from, const struct cred *to, struct file *file) { return call_int_hook(binder_transfer_file, 0, from, to, file); } +EXPORT_SYMBOL_GPL(security_binder_transfer_file); int security_ptrace_access_check(struct task_struct *child, unsigned int mode) { -- 2.37.2