diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2006-02-01 06:05:56 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-02-01 11:53:19 -0500 |
| commit | 9ac49d22138348198f729f07371ffb11991368e6 (patch) | |
| tree | 4fb692731e6e72d0dc50add294128f6e5083d205 /security/selinux/hooks.c | |
| parent | 26d2a4be6a56eec575dac651f6606756a971f0fb (diff) | |
[PATCH] selinux: remove security struct magic number fields and tests
Remove the SELinux security structure magic number fields and tests, along
with some unnecessary tests for NULL security pointers. These fields and
tests are leftovers from the early attempts to support SELinux as a
loadable module during LSM development.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 49 |
1 files changed, 5 insertions, 44 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 5e61635610bb..4ae834d89bce 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -127,7 +127,6 @@ static int task_alloc_security(struct task_struct *task) | |||
| 127 | if (!tsec) | 127 | if (!tsec) |
| 128 | return -ENOMEM; | 128 | return -ENOMEM; |
| 129 | 129 | ||
| 130 | tsec->magic = SELINUX_MAGIC; | ||
| 131 | tsec->task = task; | 130 | tsec->task = task; |
| 132 | tsec->osid = tsec->sid = tsec->ptrace_sid = SECINITSID_UNLABELED; | 131 | tsec->osid = tsec->sid = tsec->ptrace_sid = SECINITSID_UNLABELED; |
| 133 | task->security = tsec; | 132 | task->security = tsec; |
| @@ -138,10 +137,6 @@ static int task_alloc_security(struct task_struct *task) | |||
| 138 | static void task_free_security(struct task_struct *task) | 137 | static void task_free_security(struct task_struct *task) |
| 139 | { | 138 | { |
| 140 | struct task_security_struct *tsec = task->security; | 139 | struct task_security_struct *tsec = task->security; |
| 141 | |||
| 142 | if (!tsec || tsec->magic != SELINUX_MAGIC) | ||
| 143 | return; | ||
| 144 | |||
| 145 | task->security = NULL; | 140 | task->security = NULL; |
| 146 | kfree(tsec); | 141 | kfree(tsec); |
| 147 | } | 142 | } |
| @@ -157,14 +152,10 @@ static int inode_alloc_security(struct inode *inode) | |||
| 157 | 152 | ||
| 158 | init_MUTEX(&isec->sem); | 153 | init_MUTEX(&isec->sem); |
| 159 | INIT_LIST_HEAD(&isec->list); | 154 | INIT_LIST_HEAD(&isec->list); |
| 160 | isec->magic = SELINUX_MAGIC; | ||
| 161 | isec->inode = inode; | 155 | isec->inode = inode; |
| 162 | isec->sid = SECINITSID_UNLABELED; | 156 | isec->sid = SECINITSID_UNLABELED; |
| 163 | isec->sclass = SECCLASS_FILE; | 157 | isec->sclass = SECCLASS_FILE; |
| 164 | if (tsec && tsec->magic == SELINUX_MAGIC) | 158 | isec->task_sid = tsec->sid; |
| 165 | isec->task_sid = tsec->sid; | ||
| 166 | else | ||
| 167 | isec->task_sid = SECINITSID_UNLABELED; | ||
| 168 | inode->i_security = isec; | 159 | inode->i_security = isec; |
| 169 | 160 | ||
| 170 | return 0; | 161 | return 0; |
| @@ -175,9 +166,6 @@ static void inode_free_security(struct inode *inode) | |||
| 175 | struct inode_security_struct *isec = inode->i_security; | 166 | struct inode_security_struct *isec = inode->i_security; |
| 176 | struct superblock_security_struct *sbsec = inode->i_sb->s_security; | 167 | struct superblock_security_struct *sbsec = inode->i_sb->s_security; |
| 177 | 168 | ||
| 178 | if (!isec || isec->magic != SELINUX_MAGIC) | ||
| 179 | return; | ||
| 180 | |||
| 181 | spin_lock(&sbsec->isec_lock); | 169 | spin_lock(&sbsec->isec_lock); |
| 182 | if (!list_empty(&isec->list)) | 170 | if (!list_empty(&isec->list)) |
| 183 | list_del_init(&isec->list); | 171 | list_del_init(&isec->list); |
| @@ -196,15 +184,9 @@ static int file_alloc_security(struct file *file) | |||
| 196 | if (!fsec) | 184 | if (!fsec) |
| 197 | return -ENOMEM; | 185 | return -ENOMEM; |
| 198 | 186 | ||
| 199 | fsec->magic = SELINUX_MAGIC; | ||
| 200 | fsec->file = file; | 187 | fsec->file = file; |
| 201 | if (tsec && tsec->magic == SELINUX_MAGIC) { | 188 | fsec->sid = tsec->sid; |
| 202 | fsec->sid = tsec->sid; | 189 | fsec->fown_sid = tsec->sid; |
| 203 | fsec->fown_sid = tsec->sid; | ||
| 204 | } else { | ||
| 205 | fsec->sid = SECINITSID_UNLABELED; | ||
| 206 | fsec->fown_sid = SECINITSID_UNLABELED; | ||
| 207 | } | ||
| 208 | file->f_security = fsec; | 190 | file->f_security = fsec; |
| 209 | 191 | ||
| 210 | return 0; | 192 | return 0; |
| @@ -213,10 +195,6 @@ static int file_alloc_security(struct file *file) | |||
| 213 | static void file_free_security(struct file *file) | 195 | static void file_free_security(struct file *file) |
| 214 | { | 196 | { |
| 215 | struct file_security_struct *fsec = file->f_security; | 197 | struct file_security_struct *fsec = file->f_security; |
| 216 | |||
| 217 | if (!fsec || fsec->magic != SELINUX_MAGIC) | ||
| 218 | return; | ||
| 219 | |||
| 220 | file->f_security = NULL; | 198 | file->f_security = NULL; |
| 221 | kfree(fsec); | 199 | kfree(fsec); |
| 222 | } | 200 | } |
| @@ -233,7 +211,6 @@ static int superblock_alloc_security(struct super_block *sb) | |||
| 233 | INIT_LIST_HEAD(&sbsec->list); | 211 | INIT_LIST_HEAD(&sbsec->list); |
| 234 | INIT_LIST_HEAD(&sbsec->isec_head); | 212 | INIT_LIST_HEAD(&sbsec->isec_head); |
| 235 | spin_lock_init(&sbsec->isec_lock); | 213 | spin_lock_init(&sbsec->isec_lock); |
| 236 | sbsec->magic = SELINUX_MAGIC; | ||
| 237 | sbsec->sb = sb; | 214 | sbsec->sb = sb; |
| 238 | sbsec->sid = SECINITSID_UNLABELED; | 215 | sbsec->sid = SECINITSID_UNLABELED; |
| 239 | sbsec->def_sid = SECINITSID_FILE; | 216 | sbsec->def_sid = SECINITSID_FILE; |
| @@ -246,9 +223,6 @@ static void superblock_free_security(struct super_block *sb) | |||
| 246 | { | 223 | { |
| 247 | struct superblock_security_struct *sbsec = sb->s_security; | 224 | struct superblock_security_struct *sbsec = sb->s_security; |
| 248 | 225 | ||
| 249 | if (!sbsec || sbsec->magic != SELINUX_MAGIC) | ||
| 250 | return; | ||
| 251 | |||
| 252 | spin_lock(&sb_security_lock); | 226 | spin_lock(&sb_security_lock); |
| 253 | if (!list_empty(&sbsec->list)) | 227 | if (!list_empty(&sbsec->list)) |
| 254 | list_del_init(&sbsec->list); | 228 | list_del_init(&sbsec->list); |
| @@ -270,7 +244,6 @@ static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) | |||
| 270 | if (!ssec) | 244 | if (!ssec) |
| 271 | return -ENOMEM; | 245 | return -ENOMEM; |
| 272 | 246 | ||
| 273 | ssec->magic = SELINUX_MAGIC; | ||
| 274 | ssec->sk = sk; | 247 | ssec->sk = sk; |
| 275 | ssec->peer_sid = SECINITSID_UNLABELED; | 248 | ssec->peer_sid = SECINITSID_UNLABELED; |
| 276 | sk->sk_security = ssec; | 249 | sk->sk_security = ssec; |
| @@ -282,7 +255,7 @@ static void sk_free_security(struct sock *sk) | |||
| 282 | { | 255 | { |
| 283 | struct sk_security_struct *ssec = sk->sk_security; | 256 | struct sk_security_struct *ssec = sk->sk_security; |
| 284 | 257 | ||
| 285 | if (sk->sk_family != PF_UNIX || ssec->magic != SELINUX_MAGIC) | 258 | if (sk->sk_family != PF_UNIX) |
| 286 | return; | 259 | return; |
| 287 | 260 | ||
| 288 | sk->sk_security = NULL; | 261 | sk->sk_security = NULL; |
| @@ -1483,7 +1456,6 @@ static int selinux_bprm_alloc_security(struct linux_binprm *bprm) | |||
| 1483 | if (!bsec) | 1456 | if (!bsec) |
| 1484 | return -ENOMEM; | 1457 | return -ENOMEM; |
| 1485 | 1458 | ||
| 1486 | bsec->magic = SELINUX_MAGIC; | ||
| 1487 | bsec->bprm = bprm; | 1459 | bsec->bprm = bprm; |
| 1488 | bsec->sid = SECINITSID_UNLABELED; | 1460 | bsec->sid = SECINITSID_UNLABELED; |
| 1489 | bsec->set = 0; | 1461 | bsec->set = 0; |
| @@ -3634,14 +3606,9 @@ static int ipc_alloc_security(struct task_struct *task, | |||
| 3634 | if (!isec) | 3606 | if (!isec) |
| 3635 | return -ENOMEM; | 3607 | return -ENOMEM; |
| 3636 | 3608 | ||
| 3637 | isec->magic = SELINUX_MAGIC; | ||
| 3638 | isec->sclass = sclass; | 3609 | isec->sclass = sclass; |
| 3639 | isec->ipc_perm = perm; | 3610 | isec->ipc_perm = perm; |
| 3640 | if (tsec) { | 3611 | isec->sid = tsec->sid; |
| 3641 | isec->sid = tsec->sid; | ||
| 3642 | } else { | ||
| 3643 | isec->sid = SECINITSID_UNLABELED; | ||
| 3644 | } | ||
| 3645 | perm->security = isec; | 3612 | perm->security = isec; |
| 3646 | 3613 | ||
| 3647 | return 0; | 3614 | return 0; |
| @@ -3650,9 +3617,6 @@ static int ipc_alloc_security(struct task_struct *task, | |||
| 3650 | static void ipc_free_security(struct kern_ipc_perm *perm) | 3617 | static void ipc_free_security(struct kern_ipc_perm *perm) |
| 3651 | { | 3618 | { |
| 3652 | struct ipc_security_struct *isec = perm->security; | 3619 | struct ipc_security_struct *isec = perm->security; |
| 3653 | if (!isec || isec->magic != SELINUX_MAGIC) | ||
| 3654 | return; | ||
| 3655 | |||
| 3656 | perm->security = NULL; | 3620 | perm->security = NULL; |
| 3657 | kfree(isec); | 3621 | kfree(isec); |
| 3658 | } | 3622 | } |
| @@ -3665,7 +3629,6 @@ static int msg_msg_alloc_security(struct msg_msg *msg) | |||
| 3665 | if (!msec) | 3629 | if (!msec) |
| 3666 | return -ENOMEM; | 3630 | return -ENOMEM; |
| 3667 | 3631 | ||
| 3668 | msec->magic = SELINUX_MAGIC; | ||
| 3669 | msec->msg = msg; | 3632 | msec->msg = msg; |
| 3670 | msec->sid = SECINITSID_UNLABELED; | 3633 | msec->sid = SECINITSID_UNLABELED; |
| 3671 | msg->security = msec; | 3634 | msg->security = msec; |
| @@ -3676,8 +3639,6 @@ static int msg_msg_alloc_security(struct msg_msg *msg) | |||
| 3676 | static void msg_msg_free_security(struct msg_msg *msg) | 3639 | static void msg_msg_free_security(struct msg_msg *msg) |
| 3677 | { | 3640 | { |
| 3678 | struct msg_security_struct *msec = msg->security; | 3641 | struct msg_security_struct *msec = msg->security; |
| 3679 | if (!msec || msec->magic != SELINUX_MAGIC) | ||
| 3680 | return; | ||
| 3681 | 3642 | ||
| 3682 | msg->security = NULL; | 3643 | msg->security = NULL; |
| 3683 | kfree(msec); | 3644 | kfree(msec); |