search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 5.7.7
[linux/fpc-iii.git] / security / apparmor / mount.c
blobe0828ee7a34573edb6519836363d5ab4e462197e
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * AppArmor security module
4 *
5 * This file contains AppArmor mediation of files
6 *
7 * Copyright (C) 1998-2008 Novell/SUSE
8 * Copyright 2009-2017 Canonical Ltd.
9 */
10
11 #include <linux/fs.h>
12 #include <linux/mount.h>
13 #include <linux/namei.h>
14 #include <uapi/linux/mount.h>
15
16 #include "include/apparmor.h"
17 #include "include/audit.h"
18 #include "include/cred.h"
19 #include "include/domain.h"
20 #include "include/file.h"
21 #include "include/match.h"
22 #include "include/mount.h"
23 #include "include/path.h"
24 #include "include/policy.h"
25
26
27 static void audit_mnt_flags(struct audit_buffer *ab, unsigned long flags)
28 {
29 if (flags & MS_RDONLY)
30 audit_log_format(ab, "ro");
31 else
32 audit_log_format(ab, "rw");
33 if (flags & MS_NOSUID)
34 audit_log_format(ab, ", nosuid");
35 if (flags & MS_NODEV)
36 audit_log_format(ab, ", nodev");
37 if (flags & MS_NOEXEC)
38 audit_log_format(ab, ", noexec");
39 if (flags & MS_SYNCHRONOUS)
40 audit_log_format(ab, ", sync");
41 if (flags & MS_REMOUNT)
42 audit_log_format(ab, ", remount");
43 if (flags & MS_MANDLOCK)
44 audit_log_format(ab, ", mand");
45 if (flags & MS_DIRSYNC)
46 audit_log_format(ab, ", dirsync");
47 if (flags & MS_NOATIME)
48 audit_log_format(ab, ", noatime");
49 if (flags & MS_NODIRATIME)
50 audit_log_format(ab, ", nodiratime");
51 if (flags & MS_BIND)
52 audit_log_format(ab, flags & MS_REC ? ", rbind" : ", bind");
53 if (flags & MS_MOVE)
54 audit_log_format(ab, ", move");
55 if (flags & MS_SILENT)
56 audit_log_format(ab, ", silent");
57 if (flags & MS_POSIXACL)
58 audit_log_format(ab, ", acl");
59 if (flags & MS_UNBINDABLE)
60 audit_log_format(ab, flags & MS_REC ? ", runbindable" :
61 ", unbindable");
62 if (flags & MS_PRIVATE)
63 audit_log_format(ab, flags & MS_REC ? ", rprivate" :
64 ", private");
65 if (flags & MS_SLAVE)
66 audit_log_format(ab, flags & MS_REC ? ", rslave" :
67 ", slave");
68 if (flags & MS_SHARED)
69 audit_log_format(ab, flags & MS_REC ? ", rshared" :
70 ", shared");
71 if (flags & MS_RELATIME)
72 audit_log_format(ab, ", relatime");
73 if (flags & MS_I_VERSION)
74 audit_log_format(ab, ", iversion");
75 if (flags & MS_STRICTATIME)
76 audit_log_format(ab, ", strictatime");
77 if (flags & MS_NOUSER)
78 audit_log_format(ab, ", nouser");
79 }
80
81 /**
82 * audit_cb - call back for mount specific audit fields
83 * @ab: audit_buffer (NOT NULL)
84 * @va: audit struct to audit values of (NOT NULL)
85 */
86 static void audit_cb(struct audit_buffer *ab, void *va)
87 {
88 struct common_audit_data *sa = va;
89
90 if (aad(sa)->mnt.type) {
91 audit_log_format(ab, " fstype=");
92 audit_log_untrustedstring(ab, aad(sa)->mnt.type);
93 }
94 if (aad(sa)->mnt.src_name) {
95 audit_log_format(ab, " srcname=");
96 audit_log_untrustedstring(ab, aad(sa)->mnt.src_name);
97 }
98 if (aad(sa)->mnt.trans) {
99 audit_log_format(ab, " trans=");
100 audit_log_untrustedstring(ab, aad(sa)->mnt.trans);
101 }
102 if (aad(sa)->mnt.flags) {
103 audit_log_format(ab, " flags=\"");
104 audit_mnt_flags(ab, aad(sa)->mnt.flags);
105 audit_log_format(ab, "\"");
106 }
107 if (aad(sa)->mnt.data) {
108 audit_log_format(ab, " options=");
109 audit_log_untrustedstring(ab, aad(sa)->mnt.data);
110 }
111 }
112
113 /**
114 * audit_mount - handle the auditing of mount operations
115 * @profile: the profile being enforced (NOT NULL)
116 * @op: operation being mediated (NOT NULL)
117 * @name: name of object being mediated (MAYBE NULL)
118 * @src_name: src_name of object being mediated (MAYBE_NULL)
119 * @type: type of filesystem (MAYBE_NULL)
120 * @trans: name of trans (MAYBE NULL)
121 * @flags: filesystem independent mount flags
122 * @data: filesystem mount flags
123 * @request: permissions requested
124 * @perms: the permissions computed for the request (NOT NULL)
125 * @info: extra information message (MAYBE NULL)
126 * @error: 0 if operation allowed else failure error code
127 *
128 * Returns: %0 or error on failure
129 */
130 static int audit_mount(struct aa_profile *profile, const char *op,
131 const char *name, const char *src_name,
132 const char *type, const char *trans,
133 unsigned long flags, const void *data, u32 request,
134 struct aa_perms *perms, const char *info, int error)
135 {
136 int audit_type = AUDIT_APPARMOR_AUTO;
137 DEFINE_AUDIT_DATA(sa, LSM_AUDIT_DATA_NONE, op);
138
139 if (likely(!error)) {
140 u32 mask = perms->audit;
141
142 if (unlikely(AUDIT_MODE(profile) == AUDIT_ALL))
143 mask = 0xffff;
144
145 /* mask off perms that are not being force audited */
146 request &= mask;
147
148 if (likely(!request))
149 return 0;
150 audit_type = AUDIT_APPARMOR_AUDIT;
151 } else {
152 /* only report permissions that were denied */
153 request = request & ~perms->allow;
154
155 if (request & perms->kill)
156 audit_type = AUDIT_APPARMOR_KILL;
157
158 /* quiet known rejects, assumes quiet and kill do not overlap */
159 if ((request & perms->quiet) &&
160 AUDIT_MODE(profile) != AUDIT_NOQUIET &&
161 AUDIT_MODE(profile) != AUDIT_ALL)
162 request &= ~perms->quiet;
163
164 if (!request)
165 return error;
166 }
167
168 aad(&sa)->name = name;
169 aad(&sa)->mnt.src_name = src_name;
170 aad(&sa)->mnt.type = type;
171 aad(&sa)->mnt.trans = trans;
172 aad(&sa)->mnt.flags = flags;
173 if (data && (perms->audit & AA_AUDIT_DATA))
174 aad(&sa)->mnt.data = data;
175 aad(&sa)->info = info;
176 aad(&sa)->error = error;
177
178 return aa_audit(audit_type, profile, &sa, audit_cb);
179 }
180
181 /**
182 * match_mnt_flags - Do an ordered match on mount flags
183 * @dfa: dfa to match against
184 * @state: state to start in
185 * @flags: mount flags to match against
186 *
187 * Mount flags are encoded as an ordered match. This is done instead of
188 * checking against a simple bitmask, to allow for logical operations
189 * on the flags.
190 *
191 * Returns: next state after flags match
192 */
193 static unsigned int match_mnt_flags(struct aa_dfa *dfa, unsigned int state,
194 unsigned long flags)
195 {
196 unsigned int i;
197
198 for (i = 0; i <= 31 ; ++i) {
199 if ((1 << i) & flags)
200 state = aa_dfa_next(dfa, state, i + 1);
201 }
202
203 return state;
204 }
205
206 /**
207 * compute_mnt_perms - compute mount permission associated with @state
208 * @dfa: dfa to match against (NOT NULL)
209 * @state: state match finished in
210 *
211 * Returns: mount permissions
212 */
213 static struct aa_perms compute_mnt_perms(struct aa_dfa *dfa,
214 unsigned int state)
215 {
216 struct aa_perms perms = {
217 .allow = dfa_user_allow(dfa, state),
218 .audit = dfa_user_audit(dfa, state),
219 .quiet = dfa_user_quiet(dfa, state),
220 .xindex = dfa_user_xindex(dfa, state),
221 };
222
223 return perms;
224 }
225
226 static const char * const mnt_info_table[] = {
227 "match succeeded",
228 "failed mntpnt match",
229 "failed srcname match",
230 "failed type match",
231 "failed flags match",
232 "failed data match"
233 };
234
235 /*
236 * Returns 0 on success else element that match failed in, this is the
237 * index into the mnt_info_table above
238 */
239 static int do_match_mnt(struct aa_dfa *dfa, unsigned int start,
240 const char *mntpnt, const char *devname,
241 const char *type, unsigned long flags,
242 void *data, bool binary, struct aa_perms *perms)
243 {
244 unsigned int state;
245
246 AA_BUG(!dfa);
247 AA_BUG(!perms);
248
249 state = aa_dfa_match(dfa, start, mntpnt);
250 state = aa_dfa_null_transition(dfa, state);
251 if (!state)
252 return 1;
253
254 if (devname)
255 state = aa_dfa_match(dfa, state, devname);
256 state = aa_dfa_null_transition(dfa, state);
257 if (!state)
258 return 2;
259
260 if (type)
261 state = aa_dfa_match(dfa, state, type);
262 state = aa_dfa_null_transition(dfa, state);
263 if (!state)
264 return 3;
265
266 state = match_mnt_flags(dfa, state, flags);
267 if (!state)
268 return 4;
269 *perms = compute_mnt_perms(dfa, state);
270 if (perms->allow & AA_MAY_MOUNT)
271 return 0;
272
273 /* only match data if not binary and the DFA flags data is expected */
274 if (data && !binary && (perms->allow & AA_MNT_CONT_MATCH)) {
275 state = aa_dfa_null_transition(dfa, state);
276 if (!state)
277 return 4;
278
279 state = aa_dfa_match(dfa, state, data);
280 if (!state)
281 return 5;
282 *perms = compute_mnt_perms(dfa, state);
283 if (perms->allow & AA_MAY_MOUNT)
284 return 0;
285 }
286
287 /* failed at end of flags match */
288 return 4;
289 }
290
291
292 static int path_flags(struct aa_profile *profile, const struct path *path)
293 {
294 AA_BUG(!profile);
295 AA_BUG(!path);
296
297 return profile->path_flags |
298 (S_ISDIR(path->dentry->d_inode->i_mode) ? PATH_IS_DIR : 0);
299 }
300
301 /**
302 * match_mnt_path_str - handle path matching for mount
303 * @profile: the confining profile
304 * @mntpath: for the mntpnt (NOT NULL)
305 * @buffer: buffer to be used to lookup mntpath
306 * @devnme: string for the devname/src_name (MAY BE NULL OR ERRPTR)
307 * @type: string for the dev type (MAYBE NULL)
308 * @flags: mount flags to match
309 * @data: fs mount data (MAYBE NULL)
310 * @binary: whether @data is binary
311 * @devinfo: error str if (IS_ERR(@devname))
312 *
313 * Returns: 0 on success else error
314 */
315 static int match_mnt_path_str(struct aa_profile *profile,
316 const struct path *mntpath, char *buffer,
317 const char *devname, const char *type,
318 unsigned long flags, void *data, bool binary,
319 const char *devinfo)
320 {
321 struct aa_perms perms = { };
322 const char *mntpnt = NULL, *info = NULL;
323 int pos, error;
324
325 AA_BUG(!profile);
326 AA_BUG(!mntpath);
327 AA_BUG(!buffer);
328
329 if (!PROFILE_MEDIATES(profile, AA_CLASS_MOUNT))
330 return 0;
331
332 error = aa_path_name(mntpath, path_flags(profile, mntpath), buffer,
333 &mntpnt, &info, profile->disconnected);
334 if (error)
335 goto audit;
336 if (IS_ERR(devname)) {
337 error = PTR_ERR(devname);
338 devname = NULL;
339 info = devinfo;
340 goto audit;
341 }
342
343 error = -EACCES;
344 pos = do_match_mnt(profile->policy.dfa,
345 profile->policy.start[AA_CLASS_MOUNT],
346 mntpnt, devname, type, flags, data, binary, &perms);
347 if (pos) {
348 info = mnt_info_table[pos];
349 goto audit;
350 }
351 error = 0;
352
353 audit:
354 return audit_mount(profile, OP_MOUNT, mntpnt, devname, type, NULL,
355 flags, data, AA_MAY_MOUNT, &perms, info, error);
356 }
357
358 /**
359 * match_mnt - handle path matching for mount
360 * @profile: the confining profile
361 * @mntpath: for the mntpnt (NOT NULL)
362 * @buffer: buffer to be used to lookup mntpath
363 * @devpath: path devname/src_name (MAYBE NULL)
364 * @devbuffer: buffer to be used to lookup devname/src_name
365 * @type: string for the dev type (MAYBE NULL)
366 * @flags: mount flags to match
367 * @data: fs mount data (MAYBE NULL)
368 * @binary: whether @data is binary
369 *
370 * Returns: 0 on success else error
371 */
372 static int match_mnt(struct aa_profile *profile, const struct path *path,
373 char *buffer, struct path *devpath, char *devbuffer,
374 const char *type, unsigned long flags, void *data,
375 bool binary)
376 {
377 const char *devname = NULL, *info = NULL;
378 int error = -EACCES;
379
380 AA_BUG(!profile);
381 AA_BUG(devpath && !devbuffer);
382
383 if (!PROFILE_MEDIATES(profile, AA_CLASS_MOUNT))
384 return 0;
385
386 if (devpath) {
387 error = aa_path_name(devpath, path_flags(profile, devpath),
388 devbuffer, &devname, &info,
389 profile->disconnected);
390 if (error)
391 devname = ERR_PTR(error);
392 }
393
394 return match_mnt_path_str(profile, path, buffer, devname, type, flags,
395 data, binary, info);
396 }
397
398 int aa_remount(struct aa_label *label, const struct path *path,
399 unsigned long flags, void *data)
400 {
401 struct aa_profile *profile;
402 char *buffer = NULL;
403 bool binary;
404 int error;
405
406 AA_BUG(!label);
407 AA_BUG(!path);
408
409 binary = path->dentry->d_sb->s_type->fs_flags & FS_BINARY_MOUNTDATA;
410
411 buffer = aa_get_buffer(false);
412 if (!buffer)
413 return -ENOMEM;
414 error = fn_for_each_confined(label, profile,
415 match_mnt(profile, path, buffer, NULL, NULL, NULL,
416 flags, data, binary));
417 aa_put_buffer(buffer);
418
419 return error;
420 }
421
422 int aa_bind_mount(struct aa_label *label, const struct path *path,
423 const char *dev_name, unsigned long flags)
424 {
425 struct aa_profile *profile;
426 char *buffer = NULL, *old_buffer = NULL;
427 struct path old_path;
428 int error;
429
430 AA_BUG(!label);
431 AA_BUG(!path);
432
433 if (!dev_name || !*dev_name)
434 return -EINVAL;
435
436 flags &= MS_REC | MS_BIND;
437
438 error = kern_path(dev_name, LOOKUP_FOLLOW|LOOKUP_AUTOMOUNT, &old_path);
439 if (error)
440 return error;
441
442 buffer = aa_get_buffer(false);
443 old_buffer = aa_get_buffer(false);
444 error = -ENOMEM;
445 if (!buffer || !old_buffer)
446 goto out;
447
448 error = fn_for_each_confined(label, profile,
449 match_mnt(profile, path, buffer, &old_path, old_buffer,
450 NULL, flags, NULL, false));
451 out:
452 aa_put_buffer(buffer);
453 aa_put_buffer(old_buffer);
454 path_put(&old_path);
455
456 return error;
457 }
458
459 int aa_mount_change_type(struct aa_label *label, const struct path *path,
460 unsigned long flags)
461 {
462 struct aa_profile *profile;
463 char *buffer = NULL;
464 int error;
465
466 AA_BUG(!label);
467 AA_BUG(!path);
468
469 /* These are the flags allowed by do_change_type() */
470 flags &= (MS_REC | MS_SILENT | MS_SHARED | MS_PRIVATE | MS_SLAVE |
471 MS_UNBINDABLE);
472
473 buffer = aa_get_buffer(false);
474 if (!buffer)
475 return -ENOMEM;
476 error = fn_for_each_confined(label, profile,
477 match_mnt(profile, path, buffer, NULL, NULL, NULL,
478 flags, NULL, false));
479 aa_put_buffer(buffer);
480
481 return error;
482 }
483
484 int aa_move_mount(struct aa_label *label, const struct path *path,
485 const char *orig_name)
486 {
487 struct aa_profile *profile;
488 char *buffer = NULL, *old_buffer = NULL;
489 struct path old_path;
490 int error;
491
492 AA_BUG(!label);
493 AA_BUG(!path);
494
495 if (!orig_name || !*orig_name)
496 return -EINVAL;
497
498 error = kern_path(orig_name, LOOKUP_FOLLOW, &old_path);
499 if (error)
500 return error;
501
502 buffer = aa_get_buffer(false);
503 old_buffer = aa_get_buffer(false);
504 error = -ENOMEM;
505 if (!buffer || !old_buffer)
506 goto out;
507 error = fn_for_each_confined(label, profile,
508 match_mnt(profile, path, buffer, &old_path, old_buffer,
509 NULL, MS_MOVE, NULL, false));
510 out:
511 aa_put_buffer(buffer);
512 aa_put_buffer(old_buffer);
513 path_put(&old_path);
514
515 return error;
516 }
517
518 int aa_new_mount(struct aa_label *label, const char *dev_name,
519 const struct path *path, const char *type, unsigned long flags,
520 void *data)
521 {
522 struct aa_profile *profile;
523 char *buffer = NULL, *dev_buffer = NULL;
524 bool binary = true;
525 int error;
526 int requires_dev = 0;
527 struct path tmp_path, *dev_path = NULL;
528
529 AA_BUG(!label);
530 AA_BUG(!path);
531
532 if (type) {
533 struct file_system_type *fstype;
534
535 fstype = get_fs_type(type);
536 if (!fstype)
537 return -ENODEV;
538 binary = fstype->fs_flags & FS_BINARY_MOUNTDATA;
539 requires_dev = fstype->fs_flags & FS_REQUIRES_DEV;
540 put_filesystem(fstype);
541
542 if (requires_dev) {
543 if (!dev_name || !*dev_name)
544 return -ENOENT;
545
546 error = kern_path(dev_name, LOOKUP_FOLLOW, &tmp_path);
547 if (error)
548 return error;
549 dev_path = &tmp_path;
550 }
551 }
552
553 buffer = aa_get_buffer(false);
554 if (!buffer) {
555 error = -ENOMEM;
556 goto out;
557 }
558 if (dev_path) {
559 dev_buffer = aa_get_buffer(false);
560 if (!dev_buffer) {
561 error = -ENOMEM;
562 goto out;
563 }
564 error = fn_for_each_confined(label, profile,
565 match_mnt(profile, path, buffer, dev_path, dev_buffer,
566 type, flags, data, binary));
567 } else {
568 error = fn_for_each_confined(label, profile,
569 match_mnt_path_str(profile, path, buffer, dev_name,
570 type, flags, data, binary, NULL));
571 }
572
573 out:
574 aa_put_buffer(buffer);
575 aa_put_buffer(dev_buffer);
576 if (dev_path)
577 path_put(dev_path);
578
579 return error;
580 }
581
582 static int profile_umount(struct aa_profile *profile, struct path *path,
583 char *buffer)
584 {
585 struct aa_perms perms = { };
586 const char *name = NULL, *info = NULL;
587 unsigned int state;
588 int error;
589
590 AA_BUG(!profile);
591 AA_BUG(!path);
592
593 if (!PROFILE_MEDIATES(profile, AA_CLASS_MOUNT))
594 return 0;
595
596 error = aa_path_name(path, path_flags(profile, path), buffer, &name,
597 &info, profile->disconnected);
598 if (error)
599 goto audit;
600
601 state = aa_dfa_match(profile->policy.dfa,
602 profile->policy.start[AA_CLASS_MOUNT],
603 name);
604 perms = compute_mnt_perms(profile->policy.dfa, state);
605 if (AA_MAY_UMOUNT & ~perms.allow)
606 error = -EACCES;
607
608 audit:
609 return audit_mount(profile, OP_UMOUNT, name, NULL, NULL, NULL, 0, NULL,
610 AA_MAY_UMOUNT, &perms, info, error);
611 }
612
613 int aa_umount(struct aa_label *label, struct vfsmount *mnt, int flags)
614 {
615 struct aa_profile *profile;
616 char *buffer = NULL;
617 int error;
618 struct path path = { .mnt = mnt, .dentry = mnt->mnt_root };
619
620 AA_BUG(!label);
621 AA_BUG(!mnt);
622
623 buffer = aa_get_buffer(false);
624 if (!buffer)
625 return -ENOMEM;
626
627 error = fn_for_each_confined(label, profile,
628 profile_umount(profile, &path, buffer));
629 aa_put_buffer(buffer);
630
631 return error;
632 }
633
634 /* helper fn for transition on pivotroot
635 *
636 * Returns: label for transition or ERR_PTR. Does not return NULL
637 */
638 static struct aa_label *build_pivotroot(struct aa_profile *profile,
639 const struct path *new_path,
640 char *new_buffer,
641 const struct path *old_path,
642 char *old_buffer)
643 {
644 const char *old_name, *new_name = NULL, *info = NULL;
645 const char *trans_name = NULL;
646 struct aa_perms perms = { };
647 unsigned int state;
648 int error;
649
650 AA_BUG(!profile);
651 AA_BUG(!new_path);
652 AA_BUG(!old_path);
653
654 if (profile_unconfined(profile) ||
655 !PROFILE_MEDIATES(profile, AA_CLASS_MOUNT))
656 return aa_get_newest_label(&profile->label);
657
658 error = aa_path_name(old_path, path_flags(profile, old_path),
659 old_buffer, &old_name, &info,
660 profile->disconnected);
661 if (error)
662 goto audit;
663 error = aa_path_name(new_path, path_flags(profile, new_path),
664 new_buffer, &new_name, &info,
665 profile->disconnected);
666 if (error)
667 goto audit;
668
669 error = -EACCES;
670 state = aa_dfa_match(profile->policy.dfa,
671 profile->policy.start[AA_CLASS_MOUNT],
672 new_name);
673 state = aa_dfa_null_transition(profile->policy.dfa, state);
674 state = aa_dfa_match(profile->policy.dfa, state, old_name);
675 perms = compute_mnt_perms(profile->policy.dfa, state);
676
677 if (AA_MAY_PIVOTROOT & perms.allow)
678 error = 0;
679
680 audit:
681 error = audit_mount(profile, OP_PIVOTROOT, new_name, old_name,
682 NULL, trans_name, 0, NULL, AA_MAY_PIVOTROOT,
683 &perms, info, error);
684 if (error)
685 return ERR_PTR(error);
686
687 return aa_get_newest_label(&profile->label);
688 }
689
690 int aa_pivotroot(struct aa_label *label, const struct path *old_path,
691 const struct path *new_path)
692 {
693 struct aa_profile *profile;
694 struct aa_label *target = NULL;
695 char *old_buffer = NULL, *new_buffer = NULL, *info = NULL;
696 int error;
697
698 AA_BUG(!label);
699 AA_BUG(!old_path);
700 AA_BUG(!new_path);
701
702 old_buffer = aa_get_buffer(false);
703 new_buffer = aa_get_buffer(false);
704 error = -ENOMEM;
705 if (!old_buffer || !new_buffer)
706 goto out;
707 target = fn_label_build(label, profile, GFP_KERNEL,
708 build_pivotroot(profile, new_path, new_buffer,
709 old_path, old_buffer));
710 if (!target) {
711 info = "label build failed";
712 error = -ENOMEM;
713 goto fail;
714 } else if (!IS_ERR(target)) {
715 error = aa_replace_current_label(target);
716 if (error) {
717 /* TODO: audit target */
718 aa_put_label(target);
719 goto out;
720 }
721 } else
722 /* already audited error */
723 error = PTR_ERR(target);
724 out:
725 aa_put_buffer(old_buffer);
726 aa_put_buffer(new_buffer);
727
728 return error;
729
730 fail:
731 /* TODO: add back in auditing of new_name and old_name */
732 error = fn_for_each(label, profile,
733 audit_mount(profile, OP_PIVOTROOT, NULL /*new_name */,
734 NULL /* old_name */,
735 NULL, NULL,
736 0, NULL, AA_MAY_PIVOTROOT, &nullperms, info,
737 error));
738 goto out;
739 }
Linux with added FPC-III support