aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAhmed S. Darwish <darwish.07@gmail.com>2008-03-01 14:58:32 -0500
committerJames Morris <jmorris@namei.org>2008-04-18 19:52:36 -0400
commit6b89a74be0fbbc6cc639d5cf7dcf8e6ee0f120a7 (patch)
treec56574f86d518feb898e934e428dbae999236b5a
parent0ce784ca729dce8c9076a6339a15530ca13212f2 (diff)
SELinux: remove redundant exports
Remove the following exported SELinux interfaces: selinux_get_inode_sid(inode, sid) selinux_get_ipc_sid(ipcp, sid) selinux_get_task_sid(tsk, sid) selinux_sid_to_string(sid, ctx, len) They can be substitued with the following generic equivalents respectively: new LSM hook, inode_getsecid(inode, secid) new LSM hook, ipc_getsecid*(ipcp, secid) LSM hook, task_getsecid(tsk, secid) LSM hook, sid_to_secctx(sid, ctx, len) Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
-rw-r--r--include/linux/selinux.h62
-rw-r--r--security/selinux/exports.c42
2 files changed, 0 insertions, 104 deletions
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
index 8c2cc4c02526..24b0af1c4cac 100644
--- a/include/linux/selinux.h
+++ b/include/linux/selinux.h
@@ -16,7 +16,6 @@
16 16
17struct selinux_audit_rule; 17struct selinux_audit_rule;
18struct audit_context; 18struct audit_context;
19struct inode;
20struct kern_ipc_perm; 19struct kern_ipc_perm;
21 20
22#ifdef CONFIG_SECURITY_SELINUX 21#ifdef CONFIG_SECURITY_SELINUX
@@ -70,45 +69,6 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op,
70void selinux_audit_set_callback(int (*callback)(void)); 69void selinux_audit_set_callback(int (*callback)(void));
71 70
72/** 71/**
73 * selinux_sid_to_string - map a security context ID to a string
74 * @sid: security context ID to be converted.
75 * @ctx: address of context string to be returned
76 * @ctxlen: length of returned context string.
77 *
78 * Returns 0 if successful, -errno if not. On success, the context
79 * string will be allocated internally, and the caller must call
80 * kfree() on it after use.
81 */
82int selinux_sid_to_string(u32 sid, char **ctx, u32 *ctxlen);
83
84/**
85 * selinux_get_inode_sid - get the inode's security context ID
86 * @inode: inode structure to get the sid from.
87 * @sid: pointer to security context ID to be filled in.
88 *
89 * Returns nothing
90 */
91void selinux_get_inode_sid(const struct inode *inode, u32 *sid);
92
93/**
94 * selinux_get_ipc_sid - get the ipc security context ID
95 * @ipcp: ipc structure to get the sid from.
96 * @sid: pointer to security context ID to be filled in.
97 *
98 * Returns nothing
99 */
100void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid);
101
102/**
103 * selinux_get_task_sid - return the SID of task
104 * @tsk: the task whose SID will be returned
105 * @sid: pointer to security context ID to be filled in.
106 *
107 * Returns nothing
108 */
109void selinux_get_task_sid(struct task_struct *tsk, u32 *sid);
110
111/**
112 * selinux_string_to_sid - map a security context string to a security ID 72 * selinux_string_to_sid - map a security context string to a security ID
113 * @str: the security context string to be mapped 73 * @str: the security context string to be mapped
114 * @sid: ID value returned via this. 74 * @sid: ID value returned via this.
@@ -175,28 +135,6 @@ static inline void selinux_audit_set_callback(int (*callback)(void))
175 return; 135 return;
176} 136}
177 137
178static inline int selinux_sid_to_string(u32 sid, char **ctx, u32 *ctxlen)
179{
180 *ctx = NULL;
181 *ctxlen = 0;
182 return 0;
183}
184
185static inline void selinux_get_inode_sid(const struct inode *inode, u32 *sid)
186{
187 *sid = 0;
188}
189
190static inline void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid)
191{
192 *sid = 0;
193}
194
195static inline void selinux_get_task_sid(struct task_struct *tsk, u32 *sid)
196{
197 *sid = 0;
198}
199
200static inline int selinux_string_to_sid(const char *str, u32 *sid) 138static inline int selinux_string_to_sid(const char *str, u32 *sid)
201{ 139{
202 *sid = 0; 140 *sid = 0;
diff --git a/security/selinux/exports.c b/security/selinux/exports.c
index 87d2bb3ea355..64af2d3409ef 100644
--- a/security/selinux/exports.c
+++ b/security/selinux/exports.c
@@ -25,48 +25,6 @@
25/* SECMARK reference count */ 25/* SECMARK reference count */
26extern atomic_t selinux_secmark_refcount; 26extern atomic_t selinux_secmark_refcount;
27 27
28int selinux_sid_to_string(u32 sid, char **ctx, u32 *ctxlen)
29{
30 if (selinux_enabled)
31 return security_sid_to_context(sid, ctx, ctxlen);
32 else {
33 *ctx = NULL;
34 *ctxlen = 0;
35 }
36
37 return 0;
38}
39
40void selinux_get_inode_sid(const struct inode *inode, u32 *sid)
41{
42 if (selinux_enabled) {
43 struct inode_security_struct *isec = inode->i_security;
44 *sid = isec->sid;
45 return;
46 }
47 *sid = 0;
48}
49
50void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid)
51{
52 if (selinux_enabled) {
53 struct ipc_security_struct *isec = ipcp->security;
54 *sid = isec->sid;
55 return;
56 }
57 *sid = 0;
58}
59
60void selinux_get_task_sid(struct task_struct *tsk, u32 *sid)
61{
62 if (selinux_enabled) {
63 struct task_security_struct *tsec = tsk->security;
64 *sid = tsec->sid;
65 return;
66 }
67 *sid = 0;
68}
69
70int selinux_string_to_sid(char *str, u32 *sid) 28int selinux_string_to_sid(char *str, u32 *sid)
71{ 29{
72 if (selinux_enabled) 30 if (selinux_enabled)