selinux: remove dead code in type_attribute_bounds_av()

This patch removes dead code in type_attribute_bounds_av().

Due to the historical reason, the type boundary feature is delivered
from hierarchical types in libsepol, it has supported boundary features
both of subject type (domain; in most cases) and target type.

However, we don't have any actual use cases in bounded target types,
and it tended to make conceptual confusion.
So, this patch removes the dead code to apply boundary checks on the
target types. I makes clear the TYPEBOUNDS restricts privileges of
a certain domain bounded to any other domain.

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>

--
 security/selinux/ss/services.c |   43 +++------------------------------------
 1 files changed, 4 insertions(+), 39 deletions(-)
Signed-off-by: James Morris <jmorris@namei.org>

1 files changed, 4 insertions, 39 deletions

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 3b42b154d87c..4a2bf212057b 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -516,16 +516,14 @@ static void type_attribute_bounds_av(struct context *scontext,
                                      u16 tclass,
                                      struct av_decision *avd)
 {
-        struct context lo_scontext;
-        struct context lo_tcontext;
-        struct av_decision lo_avd;
         struct type_datum *source
                 = policydb.type_val_to_struct[scontext->type - 1];
-        struct type_datum *target
-                = policydb.type_val_to_struct[tcontext->type - 1];
-        u32 masked = 0;
 
         if (source->bounds) {
+                struct context lo_scontext;
+                struct av_decision lo_avd;
+                u32 masked;
+
                 memset(&lo_avd, 0, sizeof(lo_avd));
 
                 memcpy(&lo_scontext, scontext, sizeof(lo_scontext));
@@ -538,40 +536,7 @@ static void type_attribute_bounds_av(struct context *scontext,
                 if ((lo_avd.allowed & avd->allowed) == avd->allowed)
                         return;         /* no masked permission */
                 masked = ~lo_avd.allowed & avd->allowed;
-        }
-
-        if (target->bounds) {
-                memset(&lo_avd, 0, sizeof(lo_avd));
-
-                memcpy(&lo_tcontext, tcontext, sizeof(lo_tcontext));
-                lo_tcontext.type = target->bounds;
-
-                context_struct_compute_av(scontext,
-                                          &lo_tcontext,
-                                          tclass,
-                                          &lo_avd);
-                if ((lo_avd.allowed & avd->allowed) == avd->allowed)
-                        return;         /* no masked permission */
-                masked = ~lo_avd.allowed & avd->allowed;
-        }
-
-        if (source->bounds && target->bounds) {
-                memset(&lo_avd, 0, sizeof(lo_avd));
-                /*
-                 * lo_scontext and lo_tcontext are already
-                 * set up.
-                 */
-
-                context_struct_compute_av(&lo_scontext,
-                                          &lo_tcontext,
-                                          tclass,
-                                          &lo_avd);
-                if ((lo_avd.allowed & avd->allowed) == avd->allowed)
-                        return;         /* no masked permission */
-                masked = ~lo_avd.allowed & avd->allowed;
-        }
 
-        if (masked) {
                 /* mask violated permissions */
                 avd->allowed &= ~masked;