diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2005-09-09 16:01:45 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2005-09-09 16:57:28 -0400 |
| commit | e31e14ec356f36b131576be5bc31d8fef7e95483 (patch) | |
| tree | 5597419cf186904d77c4b4ecf117287bcc1db986 | |
| parent | a74574aafea3a63add3251047601611111f44562 (diff) | |
[PATCH] remove the inode_post_link and inode_post_rename LSM hooks
This patch removes the inode_post_link and inode_post_rename LSM hooks as
they are unused (and likely useless).
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
| -rw-r--r-- | fs/namei.c | 10 | ||||
| -rw-r--r-- | include/linux/security.h | 49 | ||||
| -rw-r--r-- | security/dummy.c | 17 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 13 |
4 files changed, 2 insertions, 87 deletions
diff --git a/fs/namei.c b/fs/namei.c index 993a65a7d570..21d85f1ac839 100644 --- a/fs/namei.c +++ b/fs/namei.c | |||
| @@ -2012,10 +2012,8 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de | |||
| 2012 | DQUOT_INIT(dir); | 2012 | DQUOT_INIT(dir); |
| 2013 | error = dir->i_op->link(old_dentry, dir, new_dentry); | 2013 | error = dir->i_op->link(old_dentry, dir, new_dentry); |
| 2014 | up(&old_dentry->d_inode->i_sem); | 2014 | up(&old_dentry->d_inode->i_sem); |
| 2015 | if (!error) { | 2015 | if (!error) |
| 2016 | fsnotify_create(dir, new_dentry->d_name.name); | 2016 | fsnotify_create(dir, new_dentry->d_name.name); |
| 2017 | security_inode_post_link(old_dentry, dir, new_dentry); | ||
| 2018 | } | ||
| 2019 | return error; | 2017 | return error; |
| 2020 | } | 2018 | } |
| 2021 | 2019 | ||
| @@ -2134,11 +2132,8 @@ static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry, | |||
| 2134 | d_rehash(new_dentry); | 2132 | d_rehash(new_dentry); |
| 2135 | dput(new_dentry); | 2133 | dput(new_dentry); |
| 2136 | } | 2134 | } |
| 2137 | if (!error) { | 2135 | if (!error) |
| 2138 | d_move(old_dentry,new_dentry); | 2136 | d_move(old_dentry,new_dentry); |
| 2139 | security_inode_post_rename(old_dir, old_dentry, | ||
| 2140 | new_dir, new_dentry); | ||
| 2141 | } | ||
| 2142 | return error; | 2137 | return error; |
| 2143 | } | 2138 | } |
| 2144 | 2139 | ||
| @@ -2164,7 +2159,6 @@ static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry, | |||
| 2164 | /* The following d_move() should become unconditional */ | 2159 | /* The following d_move() should become unconditional */ |
| 2165 | if (!(old_dir->i_sb->s_type->fs_flags & FS_ODD_RENAME)) | 2160 | if (!(old_dir->i_sb->s_type->fs_flags & FS_ODD_RENAME)) |
| 2166 | d_move(old_dentry, new_dentry); | 2161 | d_move(old_dentry, new_dentry); |
| 2167 | security_inode_post_rename(old_dir, old_dentry, new_dir, new_dentry); | ||
| 2168 | } | 2162 | } |
| 2169 | if (target) | 2163 | if (target) |
| 2170 | up(&target->i_sem); | 2164 | up(&target->i_sem); |
diff --git a/include/linux/security.h b/include/linux/security.h index 875225bf8986..55b02e1c73f4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -281,11 +281,6 @@ struct swap_info_struct; | |||
| 281 | * @dir contains the inode structure of the parent directory of the new link. | 281 | * @dir contains the inode structure of the parent directory of the new link. |
| 282 | * @new_dentry contains the dentry structure for the new link. | 282 | * @new_dentry contains the dentry structure for the new link. |
| 283 | * Return 0 if permission is granted. | 283 | * Return 0 if permission is granted. |
| 284 | * @inode_post_link: | ||
| 285 | * Set security attributes for a new hard link to a file. | ||
| 286 | * @old_dentry contains the dentry structure for the existing link. | ||
| 287 | * @dir contains the inode structure of the parent directory of the new file. | ||
| 288 | * @new_dentry contains the dentry structure for the new file link. | ||
| 289 | * @inode_unlink: | 284 | * @inode_unlink: |
| 290 | * Check the permission to remove a hard link to a file. | 285 | * Check the permission to remove a hard link to a file. |
| 291 | * @dir contains the inode structure of parent directory of the file. | 286 | * @dir contains the inode structure of parent directory of the file. |
| @@ -326,12 +321,6 @@ struct swap_info_struct; | |||
| 326 | * @new_dir contains the inode structure for parent of the new link. | 321 | * @new_dir contains the inode structure for parent of the new link. |
| 327 | * @new_dentry contains the dentry structure of the new link. | 322 | * @new_dentry contains the dentry structure of the new link. |
| 328 | * Return 0 if permission is granted. | 323 | * Return 0 if permission is granted. |
| 329 | * @inode_post_rename: | ||
| 330 | * Set security attributes on a renamed file or directory. | ||
| 331 | * @old_dir contains the inode structure for parent of the old link. | ||
| 332 | * @old_dentry contains the dentry structure of the old link. | ||
| 333 | * @new_dir contains the inode structure for parent of the new link. | ||
| 334 | * @new_dentry contains the dentry structure of the new link. | ||
| 335 | * @inode_readlink: | 324 | * @inode_readlink: |
| 336 | * Check the permission to read the symbolic link. | 325 | * Check the permission to read the symbolic link. |
| 337 | * @dentry contains the dentry structure for the file link. | 326 | * @dentry contains the dentry structure for the file link. |
| @@ -1080,8 +1069,6 @@ struct security_operations { | |||
| 1080 | struct dentry *dentry, int mode); | 1069 | struct dentry *dentry, int mode); |
| 1081 | int (*inode_link) (struct dentry *old_dentry, | 1070 | int (*inode_link) (struct dentry *old_dentry, |
| 1082 | struct inode *dir, struct dentry *new_dentry); | 1071 | struct inode *dir, struct dentry *new_dentry); |
| 1083 | void (*inode_post_link) (struct dentry *old_dentry, | ||
| 1084 | struct inode *dir, struct dentry *new_dentry); | ||
| 1085 | int (*inode_unlink) (struct inode *dir, struct dentry *dentry); | 1072 | int (*inode_unlink) (struct inode *dir, struct dentry *dentry); |
| 1086 | int (*inode_symlink) (struct inode *dir, | 1073 | int (*inode_symlink) (struct inode *dir, |
| 1087 | struct dentry *dentry, const char *old_name); | 1074 | struct dentry *dentry, const char *old_name); |
| @@ -1091,10 +1078,6 @@ struct security_operations { | |||
| 1091 | int mode, dev_t dev); | 1078 | int mode, dev_t dev); |
| 1092 | int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, | 1079 | int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, |
| 1093 | struct inode *new_dir, struct dentry *new_dentry); | 1080 | struct inode *new_dir, struct dentry *new_dentry); |
| 1094 | void (*inode_post_rename) (struct inode *old_dir, | ||
| 1095 | struct dentry *old_dentry, | ||
| 1096 | struct inode *new_dir, | ||
| 1097 | struct dentry *new_dentry); | ||
| 1098 | int (*inode_readlink) (struct dentry *dentry); | 1081 | int (*inode_readlink) (struct dentry *dentry); |
| 1099 | int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd); | 1082 | int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd); |
| 1100 | int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd); | 1083 | int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd); |
| @@ -1459,15 +1442,6 @@ static inline int security_inode_link (struct dentry *old_dentry, | |||
| 1459 | return security_ops->inode_link (old_dentry, dir, new_dentry); | 1442 | return security_ops->inode_link (old_dentry, dir, new_dentry); |
| 1460 | } | 1443 | } |
| 1461 | 1444 | ||
| 1462 | static inline void security_inode_post_link (struct dentry *old_dentry, | ||
| 1463 | struct inode *dir, | ||
| 1464 | struct dentry *new_dentry) | ||
| 1465 | { | ||
| 1466 | if (new_dentry->d_inode && unlikely (IS_PRIVATE (new_dentry->d_inode))) | ||
| 1467 | return; | ||
| 1468 | security_ops->inode_post_link (old_dentry, dir, new_dentry); | ||
| 1469 | } | ||
| 1470 | |||
| 1471 | static inline int security_inode_unlink (struct inode *dir, | 1445 | static inline int security_inode_unlink (struct inode *dir, |
| 1472 | struct dentry *dentry) | 1446 | struct dentry *dentry) |
| 1473 | { | 1447 | { |
| @@ -1523,18 +1497,6 @@ static inline int security_inode_rename (struct inode *old_dir, | |||
| 1523 | new_dir, new_dentry); | 1497 | new_dir, new_dentry); |
| 1524 | } | 1498 | } |
| 1525 | 1499 | ||
| 1526 | static inline void security_inode_post_rename (struct inode *old_dir, | ||
| 1527 | struct dentry *old_dentry, | ||
| 1528 | struct inode *new_dir, | ||
| 1529 | struct dentry *new_dentry) | ||
| 1530 | { | ||
| 1531 | if (unlikely (IS_PRIVATE (old_dentry->d_inode) || | ||
| 1532 | (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode)))) | ||
| 1533 | return; | ||
| 1534 | security_ops->inode_post_rename (old_dir, old_dentry, | ||
| 1535 | new_dir, new_dentry); | ||
| 1536 | } | ||
| 1537 | |||
| 1538 | static inline int security_inode_readlink (struct dentry *dentry) | 1500 | static inline int security_inode_readlink (struct dentry *dentry) |
| 1539 | { | 1501 | { |
| 1540 | if (unlikely (IS_PRIVATE (dentry->d_inode))) | 1502 | if (unlikely (IS_PRIVATE (dentry->d_inode))) |
| @@ -2157,11 +2119,6 @@ static inline int security_inode_link (struct dentry *old_dentry, | |||
| 2157 | return 0; | 2119 | return 0; |
| 2158 | } | 2120 | } |
| 2159 | 2121 | ||
| 2160 | static inline void security_inode_post_link (struct dentry *old_dentry, | ||
| 2161 | struct inode *dir, | ||
| 2162 | struct dentry *new_dentry) | ||
| 2163 | { } | ||
| 2164 | |||
| 2165 | static inline int security_inode_unlink (struct inode *dir, | 2122 | static inline int security_inode_unlink (struct inode *dir, |
| 2166 | struct dentry *dentry) | 2123 | struct dentry *dentry) |
| 2167 | { | 2124 | { |
| @@ -2203,12 +2160,6 @@ static inline int security_inode_rename (struct inode *old_dir, | |||
| 2203 | return 0; | 2160 | return 0; |
| 2204 | } | 2161 | } |
| 2205 | 2162 | ||
| 2206 | static inline void security_inode_post_rename (struct inode *old_dir, | ||
| 2207 | struct dentry *old_dentry, | ||
| 2208 | struct inode *new_dir, | ||
| 2209 | struct dentry *new_dentry) | ||
| 2210 | { } | ||
| 2211 | |||
| 2212 | static inline int security_inode_readlink (struct dentry *dentry) | 2163 | static inline int security_inode_readlink (struct dentry *dentry) |
| 2213 | { | 2164 | { |
| 2214 | return 0; | 2165 | return 0; |
diff --git a/security/dummy.c b/security/dummy.c index 5083314e14b1..9623a61dfc76 100644 --- a/security/dummy.c +++ b/security/dummy.c | |||
| @@ -276,13 +276,6 @@ static int dummy_inode_link (struct dentry *old_dentry, struct inode *inode, | |||
| 276 | return 0; | 276 | return 0; |
| 277 | } | 277 | } |
| 278 | 278 | ||
| 279 | static void dummy_inode_post_link (struct dentry *old_dentry, | ||
| 280 | struct inode *inode, | ||
| 281 | struct dentry *new_dentry) | ||
| 282 | { | ||
| 283 | return; | ||
| 284 | } | ||
| 285 | |||
| 286 | static int dummy_inode_unlink (struct inode *inode, struct dentry *dentry) | 279 | static int dummy_inode_unlink (struct inode *inode, struct dentry *dentry) |
| 287 | { | 280 | { |
| 288 | return 0; | 281 | return 0; |
| @@ -319,14 +312,6 @@ static int dummy_inode_rename (struct inode *old_inode, | |||
| 319 | return 0; | 312 | return 0; |
| 320 | } | 313 | } |
| 321 | 314 | ||
| 322 | static void dummy_inode_post_rename (struct inode *old_inode, | ||
| 323 | struct dentry *old_dentry, | ||
| 324 | struct inode *new_inode, | ||
| 325 | struct dentry *new_dentry) | ||
| 326 | { | ||
| 327 | return; | ||
| 328 | } | ||
| 329 | |||
| 330 | static int dummy_inode_readlink (struct dentry *dentry) | 315 | static int dummy_inode_readlink (struct dentry *dentry) |
| 331 | { | 316 | { |
| 332 | return 0; | 317 | return 0; |
| @@ -871,14 +856,12 @@ void security_fixup_ops (struct security_operations *ops) | |||
| 871 | set_to_dummy_if_null(ops, inode_init_security); | 856 | set_to_dummy_if_null(ops, inode_init_security); |
| 872 | set_to_dummy_if_null(ops, inode_create); | 857 | set_to_dummy_if_null(ops, inode_create); |
| 873 | set_to_dummy_if_null(ops, inode_link); | 858 | set_to_dummy_if_null(ops, inode_link); |
| 874 | set_to_dummy_if_null(ops, inode_post_link); | ||
| 875 | set_to_dummy_if_null(ops, inode_unlink); | 859 | set_to_dummy_if_null(ops, inode_unlink); |
| 876 | set_to_dummy_if_null(ops, inode_symlink); | 860 | set_to_dummy_if_null(ops, inode_symlink); |
| 877 | set_to_dummy_if_null(ops, inode_mkdir); | 861 | set_to_dummy_if_null(ops, inode_mkdir); |
| 878 | set_to_dummy_if_null(ops, inode_rmdir); | 862 | set_to_dummy_if_null(ops, inode_rmdir); |
| 879 | set_to_dummy_if_null(ops, inode_mknod); | 863 | set_to_dummy_if_null(ops, inode_mknod); |
| 880 | set_to_dummy_if_null(ops, inode_rename); | 864 | set_to_dummy_if_null(ops, inode_rename); |
| 881 | set_to_dummy_if_null(ops, inode_post_rename); | ||
| 882 | set_to_dummy_if_null(ops, inode_readlink); | 865 | set_to_dummy_if_null(ops, inode_readlink); |
| 883 | set_to_dummy_if_null(ops, inode_follow_link); | 866 | set_to_dummy_if_null(ops, inode_follow_link); |
| 884 | set_to_dummy_if_null(ops, inode_permission); | 867 | set_to_dummy_if_null(ops, inode_permission); |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c9c20828be79..3f0b533be92c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -2009,11 +2009,6 @@ static int selinux_inode_link(struct dentry *old_dentry, struct inode *dir, stru | |||
| 2009 | return may_link(dir, old_dentry, MAY_LINK); | 2009 | return may_link(dir, old_dentry, MAY_LINK); |
| 2010 | } | 2010 | } |
| 2011 | 2011 | ||
| 2012 | static void selinux_inode_post_link(struct dentry *old_dentry, struct inode *inode, struct dentry *new_dentry) | ||
| 2013 | { | ||
| 2014 | return; | ||
| 2015 | } | ||
| 2016 | |||
| 2017 | static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry) | 2012 | static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry) |
| 2018 | { | 2013 | { |
| 2019 | int rc; | 2014 | int rc; |
| @@ -2056,12 +2051,6 @@ static int selinux_inode_rename(struct inode *old_inode, struct dentry *old_dent | |||
| 2056 | return may_rename(old_inode, old_dentry, new_inode, new_dentry); | 2051 | return may_rename(old_inode, old_dentry, new_inode, new_dentry); |
| 2057 | } | 2052 | } |
| 2058 | 2053 | ||
| 2059 | static void selinux_inode_post_rename(struct inode *old_inode, struct dentry *old_dentry, | ||
| 2060 | struct inode *new_inode, struct dentry *new_dentry) | ||
| 2061 | { | ||
| 2062 | return; | ||
| 2063 | } | ||
| 2064 | |||
| 2065 | static int selinux_inode_readlink(struct dentry *dentry) | 2054 | static int selinux_inode_readlink(struct dentry *dentry) |
| 2066 | { | 2055 | { |
| 2067 | return dentry_has_perm(current, NULL, dentry, FILE__READ); | 2056 | return dentry_has_perm(current, NULL, dentry, FILE__READ); |
| @@ -4257,14 +4246,12 @@ static struct security_operations selinux_ops = { | |||
| 4257 | .inode_init_security = selinux_inode_init_security, | 4246 | .inode_init_security = selinux_inode_init_security, |
| 4258 | .inode_create = selinux_inode_create, | 4247 | .inode_create = selinux_inode_create, |
| 4259 | .inode_link = selinux_inode_link, | 4248 | .inode_link = selinux_inode_link, |
| 4260 | .inode_post_link = selinux_inode_post_link, | ||
| 4261 | .inode_unlink = selinux_inode_unlink, | 4249 | .inode_unlink = selinux_inode_unlink, |
| 4262 | .inode_symlink = selinux_inode_symlink, | 4250 | .inode_symlink = selinux_inode_symlink, |
| 4263 | .inode_mkdir = selinux_inode_mkdir, | 4251 | .inode_mkdir = selinux_inode_mkdir, |
| 4264 | .inode_rmdir = selinux_inode_rmdir, | 4252 | .inode_rmdir = selinux_inode_rmdir, |
| 4265 | .inode_mknod = selinux_inode_mknod, | 4253 | .inode_mknod = selinux_inode_mknod, |
| 4266 | .inode_rename = selinux_inode_rename, | 4254 | .inode_rename = selinux_inode_rename, |
| 4267 | .inode_post_rename = selinux_inode_post_rename, | ||
| 4268 | .inode_readlink = selinux_inode_readlink, | 4255 | .inode_readlink = selinux_inode_readlink, |
| 4269 | .inode_follow_link = selinux_inode_follow_link, | 4256 | .inode_follow_link = selinux_inode_follow_link, |
| 4270 | .inode_permission = selinux_inode_permission, | 4257 | .inode_permission = selinux_inode_permission, |