diff options
| -rw-r--r-- | include/linux/lsm_hooks.h | 7 | ||||
| -rw-r--r-- | include/linux/security.h | 6 | ||||
| -rw-r--r-- | kernel/fork.c | 4 | ||||
| -rw-r--r-- | security/security.c | 5 |
4 files changed, 0 insertions, 22 deletions
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 3cc9d77c7527..575703cb17b8 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h | |||
| @@ -529,11 +529,6 @@ | |||
| 529 | * | 529 | * |
| 530 | * Security hooks for task operations. | 530 | * Security hooks for task operations. |
| 531 | * | 531 | * |
| 532 | * @task_create: | ||
| 533 | * Check permission before creating a child process. See the clone(2) | ||
| 534 | * manual page for definitions of the @clone_flags. | ||
| 535 | * @clone_flags contains the flags indicating what should be shared. | ||
| 536 | * Return 0 if permission is granted. | ||
| 537 | * @task_alloc: | 532 | * @task_alloc: |
| 538 | * @task task being allocated. | 533 | * @task task being allocated. |
| 539 | * @clone_flags contains the flags indicating what should be shared. | 534 | * @clone_flags contains the flags indicating what should be shared. |
| @@ -1509,7 +1504,6 @@ union security_list_options { | |||
| 1509 | int (*file_receive)(struct file *file); | 1504 | int (*file_receive)(struct file *file); |
| 1510 | int (*file_open)(struct file *file, const struct cred *cred); | 1505 | int (*file_open)(struct file *file, const struct cred *cred); |
| 1511 | 1506 | ||
| 1512 | int (*task_create)(unsigned long clone_flags); | ||
| 1513 | int (*task_alloc)(struct task_struct *task, unsigned long clone_flags); | 1507 | int (*task_alloc)(struct task_struct *task, unsigned long clone_flags); |
| 1514 | void (*task_free)(struct task_struct *task); | 1508 | void (*task_free)(struct task_struct *task); |
| 1515 | int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp); | 1509 | int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp); |
| @@ -1784,7 +1778,6 @@ struct security_hook_heads { | |||
| 1784 | struct list_head file_send_sigiotask; | 1778 | struct list_head file_send_sigiotask; |
| 1785 | struct list_head file_receive; | 1779 | struct list_head file_receive; |
| 1786 | struct list_head file_open; | 1780 | struct list_head file_open; |
| 1787 | struct list_head task_create; | ||
| 1788 | struct list_head task_alloc; | 1781 | struct list_head task_alloc; |
| 1789 | struct list_head task_free; | 1782 | struct list_head task_free; |
| 1790 | struct list_head cred_alloc_blank; | 1783 | struct list_head cred_alloc_blank; |
diff --git a/include/linux/security.h b/include/linux/security.h index b6ea1dc9cc9d..458e24bea2d4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -318,7 +318,6 @@ int security_file_send_sigiotask(struct task_struct *tsk, | |||
| 318 | struct fown_struct *fown, int sig); | 318 | struct fown_struct *fown, int sig); |
| 319 | int security_file_receive(struct file *file); | 319 | int security_file_receive(struct file *file); |
| 320 | int security_file_open(struct file *file, const struct cred *cred); | 320 | int security_file_open(struct file *file, const struct cred *cred); |
| 321 | int security_task_create(unsigned long clone_flags); | ||
| 322 | int security_task_alloc(struct task_struct *task, unsigned long clone_flags); | 321 | int security_task_alloc(struct task_struct *task, unsigned long clone_flags); |
| 323 | void security_task_free(struct task_struct *task); | 322 | void security_task_free(struct task_struct *task); |
| 324 | int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); | 323 | int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); |
| @@ -885,11 +884,6 @@ static inline int security_file_open(struct file *file, | |||
| 885 | return 0; | 884 | return 0; |
| 886 | } | 885 | } |
| 887 | 886 | ||
| 888 | static inline int security_task_create(unsigned long clone_flags) | ||
| 889 | { | ||
| 890 | return 0; | ||
| 891 | } | ||
| 892 | |||
| 893 | static inline int security_task_alloc(struct task_struct *task, | 887 | static inline int security_task_alloc(struct task_struct *task, |
| 894 | unsigned long clone_flags) | 888 | unsigned long clone_flags) |
| 895 | { | 889 | { |
diff --git a/kernel/fork.c b/kernel/fork.c index aa1076c5e4a9..3a13a940a6ea 100644 --- a/kernel/fork.c +++ b/kernel/fork.c | |||
| @@ -1568,10 +1568,6 @@ static __latent_entropy struct task_struct *copy_process( | |||
| 1568 | return ERR_PTR(-EINVAL); | 1568 | return ERR_PTR(-EINVAL); |
| 1569 | } | 1569 | } |
| 1570 | 1570 | ||
| 1571 | retval = security_task_create(clone_flags); | ||
| 1572 | if (retval) | ||
| 1573 | goto fork_out; | ||
| 1574 | |||
| 1575 | retval = -ENOMEM; | 1571 | retval = -ENOMEM; |
| 1576 | p = dup_task_struct(current, node); | 1572 | p = dup_task_struct(current, node); |
| 1577 | if (!p) | 1573 | if (!p) |
diff --git a/security/security.c b/security/security.c index 30132378d103..55b5997e4b72 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -979,11 +979,6 @@ int security_file_open(struct file *file, const struct cred *cred) | |||
| 979 | return fsnotify_perm(file, MAY_OPEN); | 979 | return fsnotify_perm(file, MAY_OPEN); |
| 980 | } | 980 | } |
| 981 | 981 | ||
| 982 | int security_task_create(unsigned long clone_flags) | ||
| 983 | { | ||
| 984 | return call_int_hook(task_create, 0, clone_flags); | ||
| 985 | } | ||
| 986 | |||
| 987 | int security_task_alloc(struct task_struct *task, unsigned long clone_flags) | 982 | int security_task_alloc(struct task_struct *task, unsigned long clone_flags) |
| 988 | { | 983 | { |
| 989 | return call_int_hook(task_alloc, 0, task, clone_flags); | 984 | return call_int_hook(task_alloc, 0, task, clone_flags); |