1 files changed, 2 insertions, 22 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 5de18a6d5c3f..9b63d8ee1687 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -867,9 +867,8 @@ static int avc_update_node(struct selinux_avc *avc,
         * permissive mode that only appear when in enforcing mode.
         *
         * See the corresponding handling in slow_avc_audit(), and the
-         * logic in selinux_inode_follow_link and selinux_inode_permission
+         * logic in selinux_inode_permission for the MAY_NOT_BLOCK flag,
-         * for the VFS MAY_NOT_BLOCK flag, which is transliterated into
+         * which is transliterated into AVC_NONBLOCKING.
-         * AVC_NONBLOCKING for avc_has_perm_noaudit().
         */
        if (flags & AVC_NONBLOCKING)
                return 0;
@@ -1209,25 +1208,6 @@ int avc_has_perm(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass,
        return rc;
 }
-int avc_has_perm_flags(struct selinux_state *state,
-                       u32 ssid, u32 tsid, u16 tclass, u32 requested,
-                       struct common_audit_data *auditdata,
-                       int flags)
-{
-        struct av_decision avd;
-        int rc, rc2;
-        rc = avc_has_perm_noaudit(state, ssid, tsid, tclass, requested,
-                                  (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0,
-                                  &avd);
-        rc2 = avc_audit(state, ssid, tsid, tclass, requested, &avd, rc,
-                        auditdata, flags);
-        if (rc2)
-                return rc2;
-        return rc;
-}
 u32 avc_policy_seqno(struct selinux_state *state)
 {
        return state->avc->avc_cache.latest_notif;

diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 5de18a6d5c3f..9b63d8ee1687 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c
@@ -867,9 +867,8 @@ static int avc_update_node(struct selinux_avc *avc,
867	* permissive mode that only appear when in enforcing mode.	867	* permissive mode that only appear when in enforcing mode.
868	*	868	*
869	* See the corresponding handling in slow_avc_audit(), and the	869	* See the corresponding handling in slow_avc_audit(), and the
870	* logic in selinux_inode_follow_link and selinux_inode_permission	870	* logic in selinux_inode_permission for the MAY_NOT_BLOCK flag,
871	* for the VFS MAY_NOT_BLOCK flag, which is transliterated into	871	* which is transliterated into AVC_NONBLOCKING.
872	* AVC_NONBLOCKING for avc_has_perm_noaudit().
873	*/	872	*/
874	if (flags & AVC_NONBLOCKING)	873	if (flags & AVC_NONBLOCKING)
875	return 0;	874	return 0;
@@ -1209,25 +1208,6 @@ int avc_has_perm(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass,
1209	return rc;	1208	return rc;
1210	}	1209	}
1211		1210
1212	int avc_has_perm_flags(struct selinux_state *state,
1213	u32 ssid, u32 tsid, u16 tclass, u32 requested,
1214	struct common_audit_data *auditdata,
1215	int flags)
1216	{
1217	struct av_decision avd;
1218	int rc, rc2;
1219
1220	rc = avc_has_perm_noaudit(state, ssid, tsid, tclass, requested,
1221	(flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0,
1222	&avd);
1223
1224	rc2 = avc_audit(state, ssid, tsid, tclass, requested, &avd, rc,
1225	auditdata, flags);
1226	if (rc2)
1227	return rc2;
1228	return rc;
1229	}
1230
1231	u32 avc_policy_seqno(struct selinux_state *state)	1211	u32 avc_policy_seqno(struct selinux_state *state)
1232	{	1212	{
1233	return state->avc->avc_cache.latest_notif;	1213	return state->avc->avc_cache.latest_notif;