diff options
| -rw-r--r-- | security/smack/smack_lsm.c | 38 |
1 files changed, 8 insertions, 30 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 2d6e9bdea398..2775d658b767 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
| @@ -1545,12 +1545,8 @@ static void smack_inode_getsecid(struct inode *inode, u32 *secid) | |||
| 1545 | * File Hooks | 1545 | * File Hooks |
| 1546 | */ | 1546 | */ |
| 1547 | 1547 | ||
| 1548 | /** | 1548 | /* |
| 1549 | * smack_file_permission - Smack check on file operations | 1549 | * There is no smack_file_permission hook |
| 1550 | * @file: unused | ||
| 1551 | * @mask: unused | ||
| 1552 | * | ||
| 1553 | * Returns 0 | ||
| 1554 | * | 1550 | * |
| 1555 | * Should access checks be done on each read or write? | 1551 | * Should access checks be done on each read or write? |
| 1556 | * UNICOS and SELinux say yes. | 1552 | * UNICOS and SELinux say yes. |
| @@ -1559,10 +1555,6 @@ static void smack_inode_getsecid(struct inode *inode, u32 *secid) | |||
| 1559 | * I'll say no for now. Smack does not do the frequent | 1555 | * I'll say no for now. Smack does not do the frequent |
| 1560 | * label changing that SELinux does. | 1556 | * label changing that SELinux does. |
| 1561 | */ | 1557 | */ |
| 1562 | static int smack_file_permission(struct file *file, int mask) | ||
| 1563 | { | ||
| 1564 | return 0; | ||
| 1565 | } | ||
| 1566 | 1558 | ||
| 1567 | /** | 1559 | /** |
| 1568 | * smack_file_alloc_security - assign a file security blob | 1560 | * smack_file_alloc_security - assign a file security blob |
| @@ -4503,16 +4495,10 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule, | |||
| 4503 | return 0; | 4495 | return 0; |
| 4504 | } | 4496 | } |
| 4505 | 4497 | ||
| 4506 | /** | 4498 | /* |
| 4507 | * smack_audit_rule_free - free smack rule representation | 4499 | * There is no need for a smack_audit_rule_free hook. |
| 4508 | * @vrule: rule to be freed. | ||
| 4509 | * | ||
| 4510 | * No memory was allocated. | 4500 | * No memory was allocated. |
| 4511 | */ | 4501 | */ |
| 4512 | static void smack_audit_rule_free(void *vrule) | ||
| 4513 | { | ||
| 4514 | /* No-op */ | ||
| 4515 | } | ||
| 4516 | 4502 | ||
| 4517 | #endif /* CONFIG_AUDIT */ | 4503 | #endif /* CONFIG_AUDIT */ |
| 4518 | 4504 | ||
| @@ -4563,16 +4549,11 @@ static int smack_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) | |||
| 4563 | return 0; | 4549 | return 0; |
| 4564 | } | 4550 | } |
| 4565 | 4551 | ||
| 4566 | /** | 4552 | /* |
| 4567 | * smack_release_secctx - don't do anything. | 4553 | * There used to be a smack_release_secctx hook |
| 4568 | * @secdata: unused | 4554 | * that did nothing back when hooks were in a vector. |
| 4569 | * @seclen: unused | 4555 | * Now that there's a list such a hook adds cost. |
| 4570 | * | ||
| 4571 | * Exists to make sure nothing gets done, and properly | ||
| 4572 | */ | 4556 | */ |
| 4573 | static void smack_release_secctx(char *secdata, u32 seclen) | ||
| 4574 | { | ||
| 4575 | } | ||
| 4576 | 4557 | ||
| 4577 | static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) | 4558 | static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) |
| 4578 | { | 4559 | { |
| @@ -4631,7 +4612,6 @@ static struct security_hook_list smack_hooks[] = { | |||
| 4631 | LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity), | 4612 | LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity), |
| 4632 | LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid), | 4613 | LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid), |
| 4633 | 4614 | ||
| 4634 | LSM_HOOK_INIT(file_permission, smack_file_permission), | ||
| 4635 | LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security), | 4615 | LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security), |
| 4636 | LSM_HOOK_INIT(file_free_security, smack_file_free_security), | 4616 | LSM_HOOK_INIT(file_free_security, smack_file_free_security), |
| 4637 | LSM_HOOK_INIT(file_ioctl, smack_file_ioctl), | 4617 | LSM_HOOK_INIT(file_ioctl, smack_file_ioctl), |
| @@ -4726,13 +4706,11 @@ static struct security_hook_list smack_hooks[] = { | |||
| 4726 | LSM_HOOK_INIT(audit_rule_init, smack_audit_rule_init), | 4706 | LSM_HOOK_INIT(audit_rule_init, smack_audit_rule_init), |
| 4727 | LSM_HOOK_INIT(audit_rule_known, smack_audit_rule_known), | 4707 | LSM_HOOK_INIT(audit_rule_known, smack_audit_rule_known), |
| 4728 | LSM_HOOK_INIT(audit_rule_match, smack_audit_rule_match), | 4708 | LSM_HOOK_INIT(audit_rule_match, smack_audit_rule_match), |
| 4729 | LSM_HOOK_INIT(audit_rule_free, smack_audit_rule_free), | ||
| 4730 | #endif /* CONFIG_AUDIT */ | 4709 | #endif /* CONFIG_AUDIT */ |
| 4731 | 4710 | ||
| 4732 | LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), | 4711 | LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), |
| 4733 | LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), | 4712 | LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), |
| 4734 | LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), | 4713 | LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), |
| 4735 | LSM_HOOK_INIT(release_secctx, smack_release_secctx), | ||
| 4736 | LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), | 4714 | LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), |
| 4737 | LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), | 4715 | LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), |
| 4738 | LSM_HOOK_INIT(inode_getsecctx, smack_inode_getsecctx), | 4716 | LSM_HOOK_INIT(inode_getsecctx, smack_inode_getsecctx), |