[PATCH] Remove security_inode_post_create/mkdir/symlink/mknod hooks

This patch removes the inode_post_create/mkdir/mknod/symlink LSM hooks as they are obsoleted by the new inode_init_security hook that enables atomic inode security labeling. If anyone sees any reason to retain these hooks, please speak now. Also, is anyone using the post_rename/link hooks; if not, those could also be removed. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
author: Stephen Smalley <sds@tycho.nsa.gov> 2005-09-09 16:01:44 -0400
committer: Linus Torvalds <torvalds@g5.osdl.org> 2005-09-09 16:57:28 -0400
commit: a74574aafea3a63add3251047601611111f44562 (patch)
tree: a8f4a809589513c666c6f5518cbe84f50ee5523e /include/linux/security.h
parent: 570bc1c2e5ccdb408081e77507a385dc7ebed7fa (diff)
1 files changed, 0 insertions, 90 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index d4f3b7a94ea6..875225bf8986 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -275,12 +275,6 @@ struct swap_info_struct;
 *      @dentry contains the dentry structure for the file to be created.
 *      @mode contains the file mode of the file to be created.
 *      Return 0 if permission is granted.
- * @inode_post_create:
- *      Set the security attributes on a newly created regular file.  This hook
- *      is called after a file has been successfully created.
- *      @dir contains the inode structure of the parent directory of the new file.
- *      @dentry contains the the dentry structure for the newly created file.
- *      @mode contains the file mode.
 * @inode_link:
 *      Check permission before creating a new hard link to a file.
 *      @old_dentry contains the dentry structure for an existing link to the file.
@@ -303,13 +297,6 @@ struct swap_info_struct;
 *      @dentry contains the dentry structure of the symbolic link.
 *      @old_name contains the pathname of file.
 *      Return 0 if permission is granted.
- * @inode_post_symlink:
- *      @dir contains the inode structure of the parent directory of the new link.
- *      @dentry contains the dentry structure of new symbolic link.
- *      @old_name contains the pathname of file.
- *      Set security attributes for a newly created symbolic link.  Note that
- *      @dentry->d_inode may be NULL, since the filesystem might not
- *      instantiate the dentry (e.g. NFS).
 * @inode_mkdir:
 *      Check permissions to create a new directory in the existing directory
 *      associated with inode strcture @dir. 
@@ -317,11 +304,6 @@ struct swap_info_struct;
 *      @dentry contains the dentry structure of new directory.
 *      @mode contains the mode of new directory.
 *      Return 0 if permission is granted.
- * @inode_post_mkdir:
- *      Set security attributes on a newly created directory.
- *      @dir contains the inode structure of parent of the directory to be created.
- *      @dentry contains the dentry structure of new directory.
- *      @mode contains the mode of new directory.
 * @inode_rmdir:
 *      Check the permission to remove a directory.
 *      @dir contains the inode structure of parent of the directory to be removed.
@@ -337,13 +319,6 @@ struct swap_info_struct;
 *      @mode contains the mode of the new file.
 *      @dev contains the the device number.
 *      Return 0 if permission is granted.
- * @inode_post_mknod:
- *      Set security attributes on a newly created special file (or socket or
- *      fifo file created via the mknod system call).
- *      @dir contains the inode structure of parent of the new node.
- *      @dentry contains the dentry structure of the new node.
- *      @mode contains the mode of the new node.
- *      @dev contains the the device number.
 * @inode_rename:
 *      Check for permission to rename a file or directory.
 *      @old_dir contains the inode structure for parent of the old link.
@@ -1103,8 +1078,6 @@ struct security_operations {
                                    char **name, void **value, size_t *len);
        int (*inode_create) (struct inode *dir,
                             struct dentry *dentry, int mode);
-        void (*inode_post_create) (struct inode *dir,
-                                   struct dentry *dentry, int mode);
        int (*inode_link) (struct dentry *old_dentry,
                           struct inode *dir, struct dentry *new_dentry);
        void (*inode_post_link) (struct dentry *old_dentry,
@@ -1112,17 +1085,10 @@ struct security_operations {
        int (*inode_unlink) (struct inode *dir, struct dentry *dentry);
        int (*inode_symlink) (struct inode *dir,
                              struct dentry *dentry, const char *old_name);
-        void (*inode_post_symlink) (struct inode *dir,
-                                    struct dentry *dentry,
-                                    const char *old_name);
        int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode);
-        void (*inode_post_mkdir) (struct inode *dir, struct dentry *dentry, 
-                            int mode);
        int (*inode_rmdir) (struct inode *dir, struct dentry *dentry);
        int (*inode_mknod) (struct inode *dir, struct dentry *dentry,
                            int mode, dev_t dev);
-        void (*inode_post_mknod) (struct inode *dir, struct dentry *dentry,
-                                  int mode, dev_t dev);
        int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry,
                             struct inode *new_dir, struct dentry *new_dentry);
        void (*inode_post_rename) (struct inode *old_dir,
@@ -1484,15 +1450,6 @@ static inline int security_inode_create (struct inode *dir,
        return security_ops->inode_create (dir, dentry, mode);
 }
-static inline void security_inode_post_create (struct inode *dir,
-                                               struct dentry *dentry,
-                                               int mode)
-{
-        if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
-                return;
-        security_ops->inode_post_create (dir, dentry, mode);
-}
 static inline int security_inode_link (struct dentry *old_dentry,
                                       struct inode *dir,
                                       struct dentry *new_dentry)
@@ -1528,15 +1485,6 @@ static inline int security_inode_symlink (struct inode *dir,
        return security_ops->inode_symlink (dir, dentry, old_name);
 }
-static inline void security_inode_post_symlink (struct inode *dir,
-                                                struct dentry *dentry,
-                                                const char *old_name)
-{
-        if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
-                return;
-        security_ops->inode_post_symlink (dir, dentry, old_name);
-}
 static inline int security_inode_mkdir (struct inode *dir,
                                        struct dentry *dentry,
                                        int mode)
@@ -1546,15 +1494,6 @@ static inline int security_inode_mkdir (struct inode *dir,
        return security_ops->inode_mkdir (dir, dentry, mode);
 }
-static inline void security_inode_post_mkdir (struct inode *dir,
-                                              struct dentry *dentry,
-                                              int mode)
-{
-        if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
-                return;
-        security_ops->inode_post_mkdir (dir, dentry, mode);
-}
 static inline int security_inode_rmdir (struct inode *dir,
                                        struct dentry *dentry)
 {
@@ -1572,15 +1511,6 @@ static inline int security_inode_mknod (struct inode *dir,
        return security_ops->inode_mknod (dir, dentry, mode, dev);
 }
-static inline void security_inode_post_mknod (struct inode *dir,
-                                              struct dentry *dentry,
-                                              int mode, dev_t dev)
-{
-        if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
-                return;
-        security_ops->inode_post_mknod (dir, dentry, mode, dev);
-}
 static inline int security_inode_rename (struct inode *old_dir,
                                         struct dentry *old_dentry,
                                         struct inode *new_dir,
@@ -2220,11 +2150,6 @@ static inline int security_inode_create (struct inode *dir,
        return 0;
 }
-static inline void security_inode_post_create (struct inode *dir,
-                                               struct dentry *dentry,
-                                               int mode)
-{ }
 static inline int security_inode_link (struct dentry *old_dentry,
                                       struct inode *dir,
                                       struct dentry *new_dentry)
@@ -2250,11 +2175,6 @@ static inline int security_inode_symlink (struct inode *dir,
        return 0;
 }
-static inline void security_inode_post_symlink (struct inode *dir,
-                                                struct dentry *dentry,
-                                                const char *old_name)
-{ }
 static inline int security_inode_mkdir (struct inode *dir,
                                        struct dentry *dentry,
                                        int mode)
@@ -2262,11 +2182,6 @@ static inline int security_inode_mkdir (struct inode *dir,
        return 0;
 }
-static inline void security_inode_post_mkdir (struct inode *dir,
-                                              struct dentry *dentry,
-                                              int mode)
-{ }
 static inline int security_inode_rmdir (struct inode *dir,
                                        struct dentry *dentry)
 {
@@ -2280,11 +2195,6 @@ static inline int security_inode_mknod (struct inode *dir,
        return 0;
 }
-static inline void security_inode_post_mknod (struct inode *dir,
-                                              struct dentry *dentry,
-                                              int mode, dev_t dev)
-{ }
 static inline int security_inode_rename (struct inode *old_dir,
                                         struct dentry *old_dentry,
                                         struct inode *new_dir,
author	Stephen Smalley <sds@tycho.nsa.gov>	2005-09-09 16:01:44 -0400
committer	Linus Torvalds <torvalds@g5.osdl.org>	2005-09-09 16:57:28 -0400
commit	a74574aafea3a63add3251047601611111f44562 (patch)
tree	a8f4a809589513c666c6f5518cbe84f50ee5523e /include/linux/security.h
parent	570bc1c2e5ccdb408081e77507a385dc7ebed7fa (diff)

diff --git a/include/linux/security.h b/include/linux/security.h index d4f3b7a94ea6..875225bf8986 100644 --- a/include/linux/security.h +++ b/include/linux/security.h
@@ -275,12 +275,6 @@ struct swap_info_struct;
275	* @dentry contains the dentry structure for the file to be created.	275	* @dentry contains the dentry structure for the file to be created.
276	* @mode contains the file mode of the file to be created.	276	* @mode contains the file mode of the file to be created.
277	* Return 0 if permission is granted.	277	* Return 0 if permission is granted.
278	* @inode_post_create:
279	* Set the security attributes on a newly created regular file. This hook
280	* is called after a file has been successfully created.
281	* @dir contains the inode structure of the parent directory of the new file.
282	* @dentry contains the the dentry structure for the newly created file.
283	* @mode contains the file mode.
284	* @inode_link:	278	* @inode_link:
285	* Check permission before creating a new hard link to a file.	279	* Check permission before creating a new hard link to a file.
286	* @old_dentry contains the dentry structure for an existing link to the file.	280	* @old_dentry contains the dentry structure for an existing link to the file.
@@ -303,13 +297,6 @@ struct swap_info_struct;
303	* @dentry contains the dentry structure of the symbolic link.	297	* @dentry contains the dentry structure of the symbolic link.
304	* @old_name contains the pathname of file.	298	* @old_name contains the pathname of file.
305	* Return 0 if permission is granted.	299	* Return 0 if permission is granted.
306	* @inode_post_symlink:
307	* @dir contains the inode structure of the parent directory of the new link.
308	* @dentry contains the dentry structure of new symbolic link.
309	* @old_name contains the pathname of file.
310	* Set security attributes for a newly created symbolic link. Note that
311	* @dentry->d_inode may be NULL, since the filesystem might not
312	* instantiate the dentry (e.g. NFS).
313	* @inode_mkdir:	300	* @inode_mkdir:
314	* Check permissions to create a new directory in the existing directory	301	* Check permissions to create a new directory in the existing directory
315	* associated with inode strcture @dir.	302	* associated with inode strcture @dir.
@@ -317,11 +304,6 @@ struct swap_info_struct;
317	* @dentry contains the dentry structure of new directory.	304	* @dentry contains the dentry structure of new directory.
318	* @mode contains the mode of new directory.	305	* @mode contains the mode of new directory.
319	* Return 0 if permission is granted.	306	* Return 0 if permission is granted.
320	* @inode_post_mkdir:
321	* Set security attributes on a newly created directory.
322	* @dir contains the inode structure of parent of the directory to be created.
323	* @dentry contains the dentry structure of new directory.
324	* @mode contains the mode of new directory.
325	* @inode_rmdir:	307	* @inode_rmdir:
326	* Check the permission to remove a directory.	308	* Check the permission to remove a directory.
327	* @dir contains the inode structure of parent of the directory to be removed.	309	* @dir contains the inode structure of parent of the directory to be removed.
@@ -337,13 +319,6 @@ struct swap_info_struct;
337	* @mode contains the mode of the new file.	319	* @mode contains the mode of the new file.
338	* @dev contains the the device number.	320	* @dev contains the the device number.
339	* Return 0 if permission is granted.	321	* Return 0 if permission is granted.
340	* @inode_post_mknod:
341	* Set security attributes on a newly created special file (or socket or
342	* fifo file created via the mknod system call).
343	* @dir contains the inode structure of parent of the new node.
344	* @dentry contains the dentry structure of the new node.
345	* @mode contains the mode of the new node.
346	* @dev contains the the device number.
347	* @inode_rename:	322	* @inode_rename:
348	* Check for permission to rename a file or directory.	323	* Check for permission to rename a file or directory.
349	* @old_dir contains the inode structure for parent of the old link.	324	* @old_dir contains the inode structure for parent of the old link.
@@ -1103,8 +1078,6 @@ struct security_operations {
1103	char name, void value, size_t *len);	1078	char name, void value, size_t *len);
1104	int (inode_create) (struct inode dir,	1079	int (inode_create) (struct inode dir,
1105	struct dentry *dentry, int mode);	1080	struct dentry *dentry, int mode);
1106	void (inode_post_create) (struct inode dir,
1107	struct dentry *dentry, int mode);
1108	int (inode_link) (struct dentry old_dentry,	1081	int (inode_link) (struct dentry old_dentry,
1109	struct inode dir, struct dentry new_dentry);	1082	struct inode dir, struct dentry new_dentry);
1110	void (inode_post_link) (struct dentry old_dentry,	1083	void (inode_post_link) (struct dentry old_dentry,
@@ -1112,17 +1085,10 @@ struct security_operations {
1112	int (inode_unlink) (struct inode dir, struct dentry *dentry);	1085	int (inode_unlink) (struct inode dir, struct dentry *dentry);
1113	int (inode_symlink) (struct inode dir,	1086	int (inode_symlink) (struct inode dir,
1114	struct dentry dentry, const char old_name);	1087	struct dentry dentry, const char old_name);
1115	void (inode_post_symlink) (struct inode dir,
1116	struct dentry *dentry,
1117	const char *old_name);
1118	int (inode_mkdir) (struct inode dir, struct dentry *dentry, int mode);	1088	int (inode_mkdir) (struct inode dir, struct dentry *dentry, int mode);
1119	void (inode_post_mkdir) (struct inode dir, struct dentry *dentry,
1120	int mode);
1121	int (inode_rmdir) (struct inode dir, struct dentry *dentry);	1089	int (inode_rmdir) (struct inode dir, struct dentry *dentry);
1122	int (inode_mknod) (struct inode dir, struct dentry *dentry,	1090	int (inode_mknod) (struct inode dir, struct dentry *dentry,
1123	int mode, dev_t dev);	1091	int mode, dev_t dev);
1124	void (inode_post_mknod) (struct inode dir, struct dentry *dentry,
1125	int mode, dev_t dev);
1126	int (inode_rename) (struct inode old_dir, struct dentry *old_dentry,	1092	int (inode_rename) (struct inode old_dir, struct dentry *old_dentry,
1127	struct inode new_dir, struct dentry new_dentry);	1093	struct inode new_dir, struct dentry new_dentry);
1128	void (inode_post_rename) (struct inode old_dir,	1094	void (inode_post_rename) (struct inode old_dir,
@@ -1484,15 +1450,6 @@ static inline int security_inode_create (struct inode *dir,
1484	return security_ops->inode_create (dir, dentry, mode);	1450	return security_ops->inode_create (dir, dentry, mode);
1485	}	1451	}
1486		1452
1487	static inline void security_inode_post_create (struct inode *dir,
1488	struct dentry *dentry,
1489	int mode)
1490	{
1491	if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
1492	return;
1493	security_ops->inode_post_create (dir, dentry, mode);
1494	}
1495
1496	static inline int security_inode_link (struct dentry *old_dentry,	1453	static inline int security_inode_link (struct dentry *old_dentry,
1497	struct inode *dir,	1454	struct inode *dir,
1498	struct dentry *new_dentry)	1455	struct dentry *new_dentry)
@@ -1528,15 +1485,6 @@ static inline int security_inode_symlink (struct inode *dir,
1528	return security_ops->inode_symlink (dir, dentry, old_name);	1485	return security_ops->inode_symlink (dir, dentry, old_name);
1529	}	1486	}
1530		1487
1531	static inline void security_inode_post_symlink (struct inode *dir,
1532	struct dentry *dentry,
1533	const char *old_name)
1534	{
1535	if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
1536	return;
1537	security_ops->inode_post_symlink (dir, dentry, old_name);
1538	}
1539
1540	static inline int security_inode_mkdir (struct inode *dir,	1488	static inline int security_inode_mkdir (struct inode *dir,
1541	struct dentry *dentry,	1489	struct dentry *dentry,
1542	int mode)	1490	int mode)
@@ -1546,15 +1494,6 @@ static inline int security_inode_mkdir (struct inode *dir,
1546	return security_ops->inode_mkdir (dir, dentry, mode);	1494	return security_ops->inode_mkdir (dir, dentry, mode);
1547	}	1495	}
1548		1496
1549	static inline void security_inode_post_mkdir (struct inode *dir,
1550	struct dentry *dentry,
1551	int mode)
1552	{
1553	if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
1554	return;
1555	security_ops->inode_post_mkdir (dir, dentry, mode);
1556	}
1557
1558	static inline int security_inode_rmdir (struct inode *dir,	1497	static inline int security_inode_rmdir (struct inode *dir,
1559	struct dentry *dentry)	1498	struct dentry *dentry)
1560	{	1499	{
@@ -1572,15 +1511,6 @@ static inline int security_inode_mknod (struct inode *dir,
1572	return security_ops->inode_mknod (dir, dentry, mode, dev);	1511	return security_ops->inode_mknod (dir, dentry, mode, dev);
1573	}	1512	}
1574		1513
1575	static inline void security_inode_post_mknod (struct inode *dir,
1576	struct dentry *dentry,
1577	int mode, dev_t dev)
1578	{
1579	if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode)))
1580	return;
1581	security_ops->inode_post_mknod (dir, dentry, mode, dev);
1582	}
1583
1584	static inline int security_inode_rename (struct inode *old_dir,	1514	static inline int security_inode_rename (struct inode *old_dir,
1585	struct dentry *old_dentry,	1515	struct dentry *old_dentry,
1586	struct inode *new_dir,	1516	struct inode *new_dir,
@@ -2220,11 +2150,6 @@ static inline int security_inode_create (struct inode *dir,
2220	return 0;	2150	return 0;
2221	}	2151	}
2222		2152
2223	static inline void security_inode_post_create (struct inode *dir,
2224	struct dentry *dentry,
2225	int mode)
2226	{ }
2227
2228	static inline int security_inode_link (struct dentry *old_dentry,	2153	static inline int security_inode_link (struct dentry *old_dentry,
2229	struct inode *dir,	2154	struct inode *dir,
2230	struct dentry *new_dentry)	2155	struct dentry *new_dentry)
@@ -2250,11 +2175,6 @@ static inline int security_inode_symlink (struct inode *dir,
2250	return 0;	2175	return 0;
2251	}	2176	}
2252		2177
2253	static inline void security_inode_post_symlink (struct inode *dir,
2254	struct dentry *dentry,
2255	const char *old_name)
2256	{ }
2257
2258	static inline int security_inode_mkdir (struct inode *dir,	2178	static inline int security_inode_mkdir (struct inode *dir,
2259	struct dentry *dentry,	2179	struct dentry *dentry,
2260	int mode)	2180	int mode)
@@ -2262,11 +2182,6 @@ static inline int security_inode_mkdir (struct inode *dir,
2262	return 0;	2182	return 0;
2263	}	2183	}
2264		2184
2265	static inline void security_inode_post_mkdir (struct inode *dir,
2266	struct dentry *dentry,
2267	int mode)
2268	{ }
2269
2270	static inline int security_inode_rmdir (struct inode *dir,	2185	static inline int security_inode_rmdir (struct inode *dir,
2271	struct dentry *dentry)	2186	struct dentry *dentry)
2272	{	2187	{
@@ -2280,11 +2195,6 @@ static inline int security_inode_mknod (struct inode *dir,
2280	return 0;	2195	return 0;
2281	}	2196	}
2282		2197
2283	static inline void security_inode_post_mknod (struct inode *dir,
2284	struct dentry *dentry,
2285	int mode, dev_t dev)
2286	{ }
2287
2288	static inline int security_inode_rename (struct inode *old_dir,	2198	static inline int security_inode_rename (struct inode *old_dir,
2289	struct dentry *old_dentry,	2199	struct dentry *old_dentry,
2290	struct inode *new_dir,	2200	struct inode *new_dir,