diff options
| author | Paul Moore <paul.moore@hp.com> | 2008-02-04 18:31:00 -0500 |
|---|---|---|
| committer | James Morris <jmorris@localhost.localdomain> | 2008-02-06 08:40:59 -0500 |
| commit | 394c6753978a75cab7558a377f2551a3c1101027 (patch) | |
| tree | c2712cb2d52ecae5db1d9ae417241154fe7a0808 /security | |
| parent | a5ecbcb8c13ea8a822d243bf782d0dc9525b4f84 (diff) | |
SELinux: Remove security_get_policycaps()
The security_get_policycaps() functions has a couple of bugs in it and it
isn't currently used by any in-tree code, so get rid of it and all of it's
bugginess.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@localhost.localdomain>
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/include/security.h | 1 | ||||
| -rw-r--r-- | security/selinux/ss/services.c | 33 |
2 files changed, 0 insertions, 34 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 23137c17f917..837ce420d2f6 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
| @@ -107,7 +107,6 @@ int security_get_classes(char ***classes, int *nclasses); | |||
| 107 | int security_get_permissions(char *class, char ***perms, int *nperms); | 107 | int security_get_permissions(char *class, char ***perms, int *nperms); |
| 108 | int security_get_reject_unknown(void); | 108 | int security_get_reject_unknown(void); |
| 109 | int security_get_allow_unknown(void); | 109 | int security_get_allow_unknown(void); |
| 110 | int security_get_policycaps(int *len, int **values); | ||
| 111 | 110 | ||
| 112 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ | 111 | #define SECURITY_FS_USE_XATTR 1 /* use xattr */ |
| 113 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ | 112 | #define SECURITY_FS_USE_TRANS 2 /* use transition SIDs, e.g. devpts/tmpfs */ |
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index fced6bccee76..f37418601215 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
| @@ -2246,39 +2246,6 @@ int security_get_allow_unknown(void) | |||
| 2246 | } | 2246 | } |
| 2247 | 2247 | ||
| 2248 | /** | 2248 | /** |
| 2249 | * security_get_policycaps - Query the loaded policy for its capabilities | ||
| 2250 | * @len: the number of capability bits | ||
| 2251 | * @values: the capability bit array | ||
| 2252 | * | ||
| 2253 | * Description: | ||
| 2254 | * Get an array of the policy capabilities in @values where each entry in | ||
| 2255 | * @values is either true (1) or false (0) depending the policy's support of | ||
| 2256 | * that feature. The policy capabilities are defined by the | ||
| 2257 | * POLICYDB_CAPABILITY_* enums. The size of the array is stored in @len and it | ||
| 2258 | * is up to the caller to free the array in @values. Returns zero on success, | ||
| 2259 | * negative values on failure. | ||
| 2260 | * | ||
| 2261 | */ | ||
| 2262 | int security_get_policycaps(int *len, int **values) | ||
| 2263 | { | ||
| 2264 | int rc = -ENOMEM; | ||
| 2265 | unsigned int iter; | ||
| 2266 | |||
| 2267 | POLICY_RDLOCK; | ||
| 2268 | |||
| 2269 | *values = kcalloc(POLICYDB_CAPABILITY_MAX, sizeof(int), GFP_ATOMIC); | ||
| 2270 | if (*values == NULL) | ||
| 2271 | goto out; | ||
| 2272 | for (iter = 0; iter < POLICYDB_CAPABILITY_MAX; iter++) | ||
| 2273 | (*values)[iter] = ebitmap_get_bit(&policydb.policycaps, iter); | ||
| 2274 | *len = POLICYDB_CAPABILITY_MAX; | ||
| 2275 | |||
| 2276 | out: | ||
| 2277 | POLICY_RDUNLOCK; | ||
| 2278 | return rc; | ||
| 2279 | } | ||
| 2280 | |||
| 2281 | /** | ||
| 2282 | * security_policycap_supported - Check for a specific policy capability | 2249 | * security_policycap_supported - Check for a specific policy capability |
| 2283 | * @req_cap: capability | 2250 | * @req_cap: capability |
| 2284 | * | 2251 | * |