diff options
author | Adrian Bunk <bunk@kernel.org> | 2007-10-17 02:31:38 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-17 11:43:07 -0400 |
commit | cbfee34520666862f8ff539e580c48958fbb7706 (patch) | |
tree | ded5cafce333e908a0fbeda1f7c55eaf7c1fbaaa | |
parent | b53767719b6cd8789392ea3e7e2eb7b8906898f0 (diff) |
security/ cleanups
This patch contains the following cleanups that are now possible:
- remove the unused security_operations->inode_xattr_getsuffix
- remove the no longer used security_operations->unregister_security
- remove some no longer required exit code
- remove a bunch of no longer used exports
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Acked-by: James Morris <jmorris@namei.org>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r-- | drivers/usb/core/usb.c | 1 | ||||
-rw-r--r-- | fs/exec.c | 2 | ||||
-rw-r--r-- | include/linux/security.h | 15 | ||||
-rw-r--r-- | kernel/capability.c | 4 | ||||
-rw-r--r-- | mm/mmap.c | 2 | ||||
-rw-r--r-- | mm/nommu.c | 1 | ||||
-rw-r--r-- | security/commoncap.c | 21 | ||||
-rw-r--r-- | security/dummy.c | 12 | ||||
-rw-r--r-- | security/inode.c | 8 | ||||
-rw-r--r-- | security/security.c | 58 | ||||
-rw-r--r-- | security/selinux/hooks.c | 20 |
11 files changed, 1 insertions, 143 deletions
diff --git a/drivers/usb/core/usb.c b/drivers/usb/core/usb.c index c99938d5f78e..69aa68287d3f 100644 --- a/drivers/usb/core/usb.c +++ b/drivers/usb/core/usb.c | |||
@@ -982,7 +982,6 @@ EXPORT_SYMBOL(usb_altnum_to_altsetting); | |||
982 | 982 | ||
983 | EXPORT_SYMBOL(__usb_get_extra_descriptor); | 983 | EXPORT_SYMBOL(__usb_get_extra_descriptor); |
984 | 984 | ||
985 | EXPORT_SYMBOL(usb_find_device); | ||
986 | EXPORT_SYMBOL(usb_get_current_frame_number); | 985 | EXPORT_SYMBOL(usb_get_current_frame_number); |
987 | 986 | ||
988 | EXPORT_SYMBOL(usb_buffer_alloc); | 987 | EXPORT_SYMBOL(usb_buffer_alloc); |
@@ -64,7 +64,6 @@ int core_uses_pid; | |||
64 | char core_pattern[CORENAME_MAX_SIZE] = "core"; | 64 | char core_pattern[CORENAME_MAX_SIZE] = "core"; |
65 | int suid_dumpable = 0; | 65 | int suid_dumpable = 0; |
66 | 66 | ||
67 | EXPORT_SYMBOL(suid_dumpable); | ||
68 | /* The maximal length of core_pattern is also specified in sysctl.c */ | 67 | /* The maximal length of core_pattern is also specified in sysctl.c */ |
69 | 68 | ||
70 | static LIST_HEAD(formats); | 69 | static LIST_HEAD(formats); |
@@ -1662,7 +1661,6 @@ void set_dumpable(struct mm_struct *mm, int value) | |||
1662 | break; | 1661 | break; |
1663 | } | 1662 | } |
1664 | } | 1663 | } |
1665 | EXPORT_SYMBOL_GPL(set_dumpable); | ||
1666 | 1664 | ||
1667 | int get_dumpable(struct mm_struct *mm) | 1665 | int get_dumpable(struct mm_struct *mm) |
1668 | { | 1666 | { |
diff --git a/include/linux/security.h b/include/linux/security.h index df591d289ec9..9b0b63c50f44 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -1158,10 +1158,6 @@ struct request_sock; | |||
1158 | * allow module stacking. | 1158 | * allow module stacking. |
1159 | * @name contains the name of the security module being stacked. | 1159 | * @name contains the name of the security module being stacked. |
1160 | * @ops contains a pointer to the struct security_operations of the module to stack. | 1160 | * @ops contains a pointer to the struct security_operations of the module to stack. |
1161 | * @unregister_security: | ||
1162 | * remove a stacked module. | ||
1163 | * @name contains the name of the security module being unstacked. | ||
1164 | * @ops contains a pointer to the struct security_operations of the module to unstack. | ||
1165 | * | 1161 | * |
1166 | * @secid_to_secctx: | 1162 | * @secid_to_secctx: |
1167 | * Convert secid to security context. | 1163 | * Convert secid to security context. |
@@ -1259,7 +1255,6 @@ struct security_operations { | |||
1259 | int (*inode_removexattr) (struct dentry *dentry, char *name); | 1255 | int (*inode_removexattr) (struct dentry *dentry, char *name); |
1260 | int (*inode_need_killpriv) (struct dentry *dentry); | 1256 | int (*inode_need_killpriv) (struct dentry *dentry); |
1261 | int (*inode_killpriv) (struct dentry *dentry); | 1257 | int (*inode_killpriv) (struct dentry *dentry); |
1262 | const char *(*inode_xattr_getsuffix) (void); | ||
1263 | int (*inode_getsecurity)(const struct inode *inode, const char *name, void *buffer, size_t size, int err); | 1258 | int (*inode_getsecurity)(const struct inode *inode, const char *name, void *buffer, size_t size, int err); |
1264 | int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags); | 1259 | int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags); |
1265 | int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); | 1260 | int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); |
@@ -1350,8 +1345,6 @@ struct security_operations { | |||
1350 | /* allow module stacking */ | 1345 | /* allow module stacking */ |
1351 | int (*register_security) (const char *name, | 1346 | int (*register_security) (const char *name, |
1352 | struct security_operations *ops); | 1347 | struct security_operations *ops); |
1353 | int (*unregister_security) (const char *name, | ||
1354 | struct security_operations *ops); | ||
1355 | 1348 | ||
1356 | void (*d_instantiate) (struct dentry *dentry, struct inode *inode); | 1349 | void (*d_instantiate) (struct dentry *dentry, struct inode *inode); |
1357 | 1350 | ||
@@ -1432,9 +1425,7 @@ struct security_operations { | |||
1432 | /* prototypes */ | 1425 | /* prototypes */ |
1433 | extern int security_init (void); | 1426 | extern int security_init (void); |
1434 | extern int register_security (struct security_operations *ops); | 1427 | extern int register_security (struct security_operations *ops); |
1435 | extern int unregister_security (struct security_operations *ops); | ||
1436 | extern int mod_reg_security (const char *name, struct security_operations *ops); | 1428 | extern int mod_reg_security (const char *name, struct security_operations *ops); |
1437 | extern int mod_unreg_security (const char *name, struct security_operations *ops); | ||
1438 | extern struct dentry *securityfs_create_file(const char *name, mode_t mode, | 1429 | extern struct dentry *securityfs_create_file(const char *name, mode_t mode, |
1439 | struct dentry *parent, void *data, | 1430 | struct dentry *parent, void *data, |
1440 | const struct file_operations *fops); | 1431 | const struct file_operations *fops); |
@@ -1518,7 +1509,6 @@ int security_inode_listxattr(struct dentry *dentry); | |||
1518 | int security_inode_removexattr(struct dentry *dentry, char *name); | 1509 | int security_inode_removexattr(struct dentry *dentry, char *name); |
1519 | int security_inode_need_killpriv(struct dentry *dentry); | 1510 | int security_inode_need_killpriv(struct dentry *dentry); |
1520 | int security_inode_killpriv(struct dentry *dentry); | 1511 | int security_inode_killpriv(struct dentry *dentry); |
1521 | const char *security_inode_xattr_getsuffix(void); | ||
1522 | int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err); | 1512 | int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err); |
1523 | int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); | 1513 | int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); |
1524 | int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); | 1514 | int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); |
@@ -1923,11 +1913,6 @@ static inline int security_inode_killpriv(struct dentry *dentry) | |||
1923 | return cap_inode_killpriv(dentry); | 1913 | return cap_inode_killpriv(dentry); |
1924 | } | 1914 | } |
1925 | 1915 | ||
1926 | static inline const char *security_inode_xattr_getsuffix (void) | ||
1927 | { | ||
1928 | return NULL ; | ||
1929 | } | ||
1930 | |||
1931 | static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) | 1916 | static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) |
1932 | { | 1917 | { |
1933 | return -EOPNOTSUPP; | 1918 | return -EOPNOTSUPP; |
diff --git a/kernel/capability.c b/kernel/capability.c index c8d3c7762034..4e350a36ed6a 100644 --- a/kernel/capability.c +++ b/kernel/capability.c | |||
@@ -17,9 +17,6 @@ | |||
17 | unsigned securebits = SECUREBITS_DEFAULT; /* systemwide security settings */ | 17 | unsigned securebits = SECUREBITS_DEFAULT; /* systemwide security settings */ |
18 | kernel_cap_t cap_bset = CAP_INIT_EFF_SET; | 18 | kernel_cap_t cap_bset = CAP_INIT_EFF_SET; |
19 | 19 | ||
20 | EXPORT_SYMBOL(securebits); | ||
21 | EXPORT_SYMBOL(cap_bset); | ||
22 | |||
23 | /* | 20 | /* |
24 | * This lock protects task->cap_* for all tasks including current. | 21 | * This lock protects task->cap_* for all tasks including current. |
25 | * Locking rule: acquire this prior to tasklist_lock. | 22 | * Locking rule: acquire this prior to tasklist_lock. |
@@ -244,7 +241,6 @@ int __capable(struct task_struct *t, int cap) | |||
244 | } | 241 | } |
245 | return 0; | 242 | return 0; |
246 | } | 243 | } |
247 | EXPORT_SYMBOL(__capable); | ||
248 | 244 | ||
249 | int capable(int cap) | 245 | int capable(int cap) |
250 | { | 246 | { |
@@ -181,8 +181,6 @@ error: | |||
181 | return -ENOMEM; | 181 | return -ENOMEM; |
182 | } | 182 | } |
183 | 183 | ||
184 | EXPORT_SYMBOL(__vm_enough_memory); | ||
185 | |||
186 | /* | 184 | /* |
187 | * Requires inode->i_mapping->i_mmap_lock | 185 | * Requires inode->i_mapping->i_mmap_lock |
188 | */ | 186 | */ |
diff --git a/mm/nommu.c b/mm/nommu.c index 8ed0cb43118a..42fb84e9e815 100644 --- a/mm/nommu.c +++ b/mm/nommu.c | |||
@@ -44,7 +44,6 @@ int sysctl_max_map_count = DEFAULT_MAX_MAP_COUNT; | |||
44 | int heap_stack_gap = 0; | 44 | int heap_stack_gap = 0; |
45 | 45 | ||
46 | EXPORT_SYMBOL(mem_map); | 46 | EXPORT_SYMBOL(mem_map); |
47 | EXPORT_SYMBOL(__vm_enough_memory); | ||
48 | EXPORT_SYMBOL(num_physpages); | 47 | EXPORT_SYMBOL(num_physpages); |
49 | 48 | ||
50 | /* list of shareable VMAs */ | 49 | /* list of shareable VMAs */ |
diff --git a/security/commoncap.c b/security/commoncap.c index afca6dd4ae69..778cb0cfc5d8 100644 --- a/security/commoncap.c +++ b/security/commoncap.c | |||
@@ -30,8 +30,6 @@ int cap_netlink_send(struct sock *sk, struct sk_buff *skb) | |||
30 | return 0; | 30 | return 0; |
31 | } | 31 | } |
32 | 32 | ||
33 | EXPORT_SYMBOL(cap_netlink_send); | ||
34 | |||
35 | int cap_netlink_recv(struct sk_buff *skb, int cap) | 33 | int cap_netlink_recv(struct sk_buff *skb, int cap) |
36 | { | 34 | { |
37 | if (!cap_raised(NETLINK_CB(skb).eff_cap, cap)) | 35 | if (!cap_raised(NETLINK_CB(skb).eff_cap, cap)) |
@@ -532,22 +530,3 @@ int cap_vm_enough_memory(struct mm_struct *mm, long pages) | |||
532 | return __vm_enough_memory(mm, pages, cap_sys_admin); | 530 | return __vm_enough_memory(mm, pages, cap_sys_admin); |
533 | } | 531 | } |
534 | 532 | ||
535 | EXPORT_SYMBOL(cap_capable); | ||
536 | EXPORT_SYMBOL(cap_settime); | ||
537 | EXPORT_SYMBOL(cap_ptrace); | ||
538 | EXPORT_SYMBOL(cap_capget); | ||
539 | EXPORT_SYMBOL(cap_capset_check); | ||
540 | EXPORT_SYMBOL(cap_capset_set); | ||
541 | EXPORT_SYMBOL(cap_bprm_set_security); | ||
542 | EXPORT_SYMBOL(cap_bprm_apply_creds); | ||
543 | EXPORT_SYMBOL(cap_bprm_secureexec); | ||
544 | EXPORT_SYMBOL(cap_inode_setxattr); | ||
545 | EXPORT_SYMBOL(cap_inode_removexattr); | ||
546 | EXPORT_SYMBOL(cap_task_post_setuid); | ||
547 | EXPORT_SYMBOL(cap_task_kill); | ||
548 | EXPORT_SYMBOL(cap_task_setscheduler); | ||
549 | EXPORT_SYMBOL(cap_task_setioprio); | ||
550 | EXPORT_SYMBOL(cap_task_setnice); | ||
551 | EXPORT_SYMBOL(cap_task_reparent_to_init); | ||
552 | EXPORT_SYMBOL(cap_syslog); | ||
553 | EXPORT_SYMBOL(cap_vm_enough_memory); | ||
diff --git a/security/dummy.c b/security/dummy.c index c77dec822385..bc43d4c7383e 100644 --- a/security/dummy.c +++ b/security/dummy.c | |||
@@ -401,11 +401,6 @@ static int dummy_inode_listsecurity(struct inode *inode, char *buffer, size_t bu | |||
401 | return 0; | 401 | return 0; |
402 | } | 402 | } |
403 | 403 | ||
404 | static const char *dummy_inode_xattr_getsuffix(void) | ||
405 | { | ||
406 | return NULL; | ||
407 | } | ||
408 | |||
409 | static int dummy_file_permission (struct file *file, int mask) | 404 | static int dummy_file_permission (struct file *file, int mask) |
410 | { | 405 | { |
411 | return 0; | 406 | return 0; |
@@ -915,11 +910,6 @@ static int dummy_register_security (const char *name, struct security_operations | |||
915 | return -EINVAL; | 910 | return -EINVAL; |
916 | } | 911 | } |
917 | 912 | ||
918 | static int dummy_unregister_security (const char *name, struct security_operations *ops) | ||
919 | { | ||
920 | return -EINVAL; | ||
921 | } | ||
922 | |||
923 | static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode) | 913 | static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode) |
924 | { | 914 | { |
925 | return; | 915 | return; |
@@ -1034,7 +1024,6 @@ void security_fixup_ops (struct security_operations *ops) | |||
1034 | set_to_dummy_if_null(ops, inode_removexattr); | 1024 | set_to_dummy_if_null(ops, inode_removexattr); |
1035 | set_to_dummy_if_null(ops, inode_need_killpriv); | 1025 | set_to_dummy_if_null(ops, inode_need_killpriv); |
1036 | set_to_dummy_if_null(ops, inode_killpriv); | 1026 | set_to_dummy_if_null(ops, inode_killpriv); |
1037 | set_to_dummy_if_null(ops, inode_xattr_getsuffix); | ||
1038 | set_to_dummy_if_null(ops, inode_getsecurity); | 1027 | set_to_dummy_if_null(ops, inode_getsecurity); |
1039 | set_to_dummy_if_null(ops, inode_setsecurity); | 1028 | set_to_dummy_if_null(ops, inode_setsecurity); |
1040 | set_to_dummy_if_null(ops, inode_listsecurity); | 1029 | set_to_dummy_if_null(ops, inode_listsecurity); |
@@ -1095,7 +1084,6 @@ void security_fixup_ops (struct security_operations *ops) | |||
1095 | set_to_dummy_if_null(ops, netlink_send); | 1084 | set_to_dummy_if_null(ops, netlink_send); |
1096 | set_to_dummy_if_null(ops, netlink_recv); | 1085 | set_to_dummy_if_null(ops, netlink_recv); |
1097 | set_to_dummy_if_null(ops, register_security); | 1086 | set_to_dummy_if_null(ops, register_security); |
1098 | set_to_dummy_if_null(ops, unregister_security); | ||
1099 | set_to_dummy_if_null(ops, d_instantiate); | 1087 | set_to_dummy_if_null(ops, d_instantiate); |
1100 | set_to_dummy_if_null(ops, getprocattr); | 1088 | set_to_dummy_if_null(ops, getprocattr); |
1101 | set_to_dummy_if_null(ops, setprocattr); | 1089 | set_to_dummy_if_null(ops, setprocattr); |
diff --git a/security/inode.c b/security/inode.c index 307211ac7346..b28a8acae34d 100644 --- a/security/inode.c +++ b/security/inode.c | |||
@@ -332,14 +332,6 @@ static int __init securityfs_init(void) | |||
332 | return retval; | 332 | return retval; |
333 | } | 333 | } |
334 | 334 | ||
335 | static void __exit securityfs_exit(void) | ||
336 | { | ||
337 | simple_release_fs(&mount, &mount_count); | ||
338 | unregister_filesystem(&fs_type); | ||
339 | subsystem_unregister(&security_subsys); | ||
340 | } | ||
341 | |||
342 | core_initcall(securityfs_init); | 335 | core_initcall(securityfs_init); |
343 | module_exit(securityfs_exit); | ||
344 | MODULE_LICENSE("GPL"); | 336 | MODULE_LICENSE("GPL"); |
345 | 337 | ||
diff --git a/security/security.c b/security/security.c index 2e1b35dd2550..0e1f1f124368 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -71,8 +71,7 @@ int __init security_init(void) | |||
71 | * | 71 | * |
72 | * This function is to allow a security module to register itself with the | 72 | * This function is to allow a security module to register itself with the |
73 | * kernel security subsystem. Some rudimentary checking is done on the @ops | 73 | * kernel security subsystem. Some rudimentary checking is done on the @ops |
74 | * value passed to this function. A call to unregister_security() should be | 74 | * value passed to this function. |
75 | * done to remove this security_options structure from the kernel. | ||
76 | * | 75 | * |
77 | * If there is already a security module registered with the kernel, | 76 | * If there is already a security module registered with the kernel, |
78 | * an error will be returned. Otherwise 0 is returned on success. | 77 | * an error will be returned. Otherwise 0 is returned on success. |
@@ -94,31 +93,6 @@ int register_security(struct security_operations *ops) | |||
94 | } | 93 | } |
95 | 94 | ||
96 | /** | 95 | /** |
97 | * unregister_security - unregisters a security framework with the kernel | ||
98 | * @ops: a pointer to the struct security_options that is to be registered | ||
99 | * | ||
100 | * This function removes a struct security_operations variable that had | ||
101 | * previously been registered with a successful call to register_security(). | ||
102 | * | ||
103 | * If @ops does not match the valued previously passed to register_security() | ||
104 | * an error is returned. Otherwise the default security options is set to the | ||
105 | * the dummy_security_ops structure, and 0 is returned. | ||
106 | */ | ||
107 | int unregister_security(struct security_operations *ops) | ||
108 | { | ||
109 | if (ops != security_ops) { | ||
110 | printk(KERN_INFO "%s: trying to unregister " | ||
111 | "a security_opts structure that is not " | ||
112 | "registered, failing.\n", __FUNCTION__); | ||
113 | return -EINVAL; | ||
114 | } | ||
115 | |||
116 | security_ops = &dummy_security_ops; | ||
117 | |||
118 | return 0; | ||
119 | } | ||
120 | |||
121 | /** | ||
122 | * mod_reg_security - allows security modules to be "stacked" | 96 | * mod_reg_security - allows security modules to be "stacked" |
123 | * @name: a pointer to a string with the name of the security_options to be registered | 97 | * @name: a pointer to a string with the name of the security_options to be registered |
124 | * @ops: a pointer to the struct security_options that is to be registered | 98 | * @ops: a pointer to the struct security_options that is to be registered |
@@ -147,30 +121,6 @@ int mod_reg_security(const char *name, struct security_operations *ops) | |||
147 | return security_ops->register_security(name, ops); | 121 | return security_ops->register_security(name, ops); |
148 | } | 122 | } |
149 | 123 | ||
150 | /** | ||
151 | * mod_unreg_security - allows a security module registered with mod_reg_security() to be unloaded | ||
152 | * @name: a pointer to a string with the name of the security_options to be removed | ||
153 | * @ops: a pointer to the struct security_options that is to be removed | ||
154 | * | ||
155 | * This function allows security modules that have been successfully registered | ||
156 | * with a call to mod_reg_security() to be unloaded from the system. | ||
157 | * This calls the currently loaded security module's unregister_security() call | ||
158 | * with the @name and @ops variables. | ||
159 | * | ||
160 | * The return value depends on the currently loaded security module, with 0 as | ||
161 | * success. | ||
162 | */ | ||
163 | int mod_unreg_security(const char *name, struct security_operations *ops) | ||
164 | { | ||
165 | if (ops == security_ops) { | ||
166 | printk(KERN_INFO "%s invalid attempt to unregister " | ||
167 | " primary security ops.\n", __FUNCTION__); | ||
168 | return -EINVAL; | ||
169 | } | ||
170 | |||
171 | return security_ops->unregister_security(name, ops); | ||
172 | } | ||
173 | |||
174 | /* Security operations */ | 124 | /* Security operations */ |
175 | 125 | ||
176 | int security_ptrace(struct task_struct *parent, struct task_struct *child) | 126 | int security_ptrace(struct task_struct *parent, struct task_struct *child) |
@@ -528,11 +478,6 @@ int security_inode_killpriv(struct dentry *dentry) | |||
528 | return security_ops->inode_killpriv(dentry); | 478 | return security_ops->inode_killpriv(dentry); |
529 | } | 479 | } |
530 | 480 | ||
531 | const char *security_inode_xattr_getsuffix(void) | ||
532 | { | ||
533 | return security_ops->inode_xattr_getsuffix(); | ||
534 | } | ||
535 | |||
536 | int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) | 481 | int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) |
537 | { | 482 | { |
538 | if (unlikely(IS_PRIVATE(inode))) | 483 | if (unlikely(IS_PRIVATE(inode))) |
@@ -858,7 +803,6 @@ int security_netlink_send(struct sock *sk, struct sk_buff *skb) | |||
858 | { | 803 | { |
859 | return security_ops->netlink_send(sk, skb); | 804 | return security_ops->netlink_send(sk, skb); |
860 | } | 805 | } |
861 | EXPORT_SYMBOL(security_netlink_send); | ||
862 | 806 | ||
863 | int security_netlink_recv(struct sk_buff *skb, int cap) | 807 | int security_netlink_recv(struct sk_buff *skb, int cap) |
864 | { | 808 | { |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 221def6a0b1d..24e1b1885de7 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -2409,11 +2409,6 @@ static int selinux_inode_removexattr (struct dentry *dentry, char *name) | |||
2409 | return -EACCES; | 2409 | return -EACCES; |
2410 | } | 2410 | } |
2411 | 2411 | ||
2412 | static const char *selinux_inode_xattr_getsuffix(void) | ||
2413 | { | ||
2414 | return XATTR_SELINUX_SUFFIX; | ||
2415 | } | ||
2416 | |||
2417 | /* | 2412 | /* |
2418 | * Copy the in-core inode security context value to the user. If the | 2413 | * Copy the in-core inode security context value to the user. If the |
2419 | * getxattr() prior to this succeeded, check to see if we need to | 2414 | * getxattr() prior to this succeeded, check to see if we need to |
@@ -4554,19 +4549,6 @@ static int selinux_register_security (const char *name, struct security_operatio | |||
4554 | return 0; | 4549 | return 0; |
4555 | } | 4550 | } |
4556 | 4551 | ||
4557 | static int selinux_unregister_security (const char *name, struct security_operations *ops) | ||
4558 | { | ||
4559 | if (ops != secondary_ops) { | ||
4560 | printk(KERN_ERR "%s: trying to unregister a security module " | ||
4561 | "that is not registered.\n", __FUNCTION__); | ||
4562 | return -EINVAL; | ||
4563 | } | ||
4564 | |||
4565 | secondary_ops = original_ops; | ||
4566 | |||
4567 | return 0; | ||
4568 | } | ||
4569 | |||
4570 | static void selinux_d_instantiate (struct dentry *dentry, struct inode *inode) | 4552 | static void selinux_d_instantiate (struct dentry *dentry, struct inode *inode) |
4571 | { | 4553 | { |
4572 | if (inode) | 4554 | if (inode) |
@@ -4844,7 +4826,6 @@ static struct security_operations selinux_ops = { | |||
4844 | .inode_getxattr = selinux_inode_getxattr, | 4826 | .inode_getxattr = selinux_inode_getxattr, |
4845 | .inode_listxattr = selinux_inode_listxattr, | 4827 | .inode_listxattr = selinux_inode_listxattr, |
4846 | .inode_removexattr = selinux_inode_removexattr, | 4828 | .inode_removexattr = selinux_inode_removexattr, |
4847 | .inode_xattr_getsuffix = selinux_inode_xattr_getsuffix, | ||
4848 | .inode_getsecurity = selinux_inode_getsecurity, | 4829 | .inode_getsecurity = selinux_inode_getsecurity, |
4849 | .inode_setsecurity = selinux_inode_setsecurity, | 4830 | .inode_setsecurity = selinux_inode_setsecurity, |
4850 | .inode_listsecurity = selinux_inode_listsecurity, | 4831 | .inode_listsecurity = selinux_inode_listsecurity, |
@@ -4914,7 +4895,6 @@ static struct security_operations selinux_ops = { | |||
4914 | .sem_semop = selinux_sem_semop, | 4895 | .sem_semop = selinux_sem_semop, |
4915 | 4896 | ||
4916 | .register_security = selinux_register_security, | 4897 | .register_security = selinux_register_security, |
4917 | .unregister_security = selinux_unregister_security, | ||
4918 | 4898 | ||
4919 | .d_instantiate = selinux_d_instantiate, | 4899 | .d_instantiate = selinux_d_instantiate, |
4920 | 4900 | ||