aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/namespace.c5
-rw-r--r--include/linux/security.h14
-rw-r--r--security/capability.c6
-rw-r--r--security/security.c5
4 files changed, 0 insertions, 30 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 8174c8ab5c70..c1d0d877bab7 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1435,11 +1435,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path)
1435 if (IS_DEADDIR(path->dentry->d_inode)) 1435 if (IS_DEADDIR(path->dentry->d_inode))
1436 goto out_unlock; 1436 goto out_unlock;
1437 1437
1438 err = security_sb_check_sb(mnt, path);
1439 if (err)
1440 goto out_unlock;
1441
1442 err = -ENOENT;
1443 if (!d_unlinked(path->dentry)) 1438 if (!d_unlinked(path->dentry))
1444 err = attach_recursive_mnt(mnt, path, NULL); 1439 err = attach_recursive_mnt(mnt, path, NULL);
1445out_unlock: 1440out_unlock:
diff --git a/include/linux/security.h b/include/linux/security.h
index 233d20b52c1b..9ebd2e411d2d 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -267,12 +267,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
267 * @orig the original mount data copied from userspace. 267 * @orig the original mount data copied from userspace.
268 * @copy copied data which will be passed to the security module. 268 * @copy copied data which will be passed to the security module.
269 * Returns 0 if the copy was successful. 269 * Returns 0 if the copy was successful.
270 * @sb_check_sb:
271 * Check permission before the device with superblock @mnt->sb is mounted
272 * on the mount point named by @nd.
273 * @mnt contains the vfsmount for device being mounted.
274 * @path contains the path for the mount point.
275 * Return 0 if permission is granted.
276 * @sb_umount: 270 * @sb_umount:
277 * Check permission before the @mnt file system is unmounted. 271 * Check permission before the @mnt file system is unmounted.
278 * @mnt contains the mounted file system. 272 * @mnt contains the mounted file system.
@@ -1484,7 +1478,6 @@ struct security_operations {
1484 int (*sb_statfs) (struct dentry *dentry); 1478 int (*sb_statfs) (struct dentry *dentry);
1485 int (*sb_mount) (char *dev_name, struct path *path, 1479 int (*sb_mount) (char *dev_name, struct path *path,
1486 char *type, unsigned long flags, void *data); 1480 char *type, unsigned long flags, void *data);
1487 int (*sb_check_sb) (struct vfsmount *mnt, struct path *path);
1488 int (*sb_umount) (struct vfsmount *mnt, int flags); 1481 int (*sb_umount) (struct vfsmount *mnt, int flags);
1489 void (*sb_umount_close) (struct vfsmount *mnt); 1482 void (*sb_umount_close) (struct vfsmount *mnt);
1490 void (*sb_umount_busy) (struct vfsmount *mnt); 1483 void (*sb_umount_busy) (struct vfsmount *mnt);
@@ -1783,7 +1776,6 @@ int security_sb_show_options(struct seq_file *m, struct super_block *sb);
1783int security_sb_statfs(struct dentry *dentry); 1776int security_sb_statfs(struct dentry *dentry);
1784int security_sb_mount(char *dev_name, struct path *path, 1777int security_sb_mount(char *dev_name, struct path *path,
1785 char *type, unsigned long flags, void *data); 1778 char *type, unsigned long flags, void *data);
1786int security_sb_check_sb(struct vfsmount *mnt, struct path *path);
1787int security_sb_umount(struct vfsmount *mnt, int flags); 1779int security_sb_umount(struct vfsmount *mnt, int flags);
1788void security_sb_umount_close(struct vfsmount *mnt); 1780void security_sb_umount_close(struct vfsmount *mnt);
1789void security_sb_umount_busy(struct vfsmount *mnt); 1781void security_sb_umount_busy(struct vfsmount *mnt);
@@ -2099,12 +2091,6 @@ static inline int security_sb_mount(char *dev_name, struct path *path,
2099 return 0; 2091 return 0;
2100} 2092}
2101 2093
2102static inline int security_sb_check_sb(struct vfsmount *mnt,
2103 struct path *path)
2104{
2105 return 0;
2106}
2107
2108static inline int security_sb_umount(struct vfsmount *mnt, int flags) 2094static inline int security_sb_umount(struct vfsmount *mnt, int flags)
2109{ 2095{
2110 return 0; 2096 return 0;
diff --git a/security/capability.c b/security/capability.c
index 4875142b858d..a7e905d8f1d3 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -80,11 +80,6 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type,
80 return 0; 80 return 0;
81} 81}
82 82
83static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path)
84{
85 return 0;
86}
87
88static int cap_sb_umount(struct vfsmount *mnt, int flags) 83static int cap_sb_umount(struct vfsmount *mnt, int flags)
89{ 84{
90 return 0; 85 return 0;
@@ -941,7 +936,6 @@ void security_fixup_ops(struct security_operations *ops)
941 set_to_cap_if_null(ops, sb_show_options); 936 set_to_cap_if_null(ops, sb_show_options);
942 set_to_cap_if_null(ops, sb_statfs); 937 set_to_cap_if_null(ops, sb_statfs);
943 set_to_cap_if_null(ops, sb_mount); 938 set_to_cap_if_null(ops, sb_mount);
944 set_to_cap_if_null(ops, sb_check_sb);
945 set_to_cap_if_null(ops, sb_umount); 939 set_to_cap_if_null(ops, sb_umount);
946 set_to_cap_if_null(ops, sb_umount_close); 940 set_to_cap_if_null(ops, sb_umount_close);
947 set_to_cap_if_null(ops, sb_umount_busy); 941 set_to_cap_if_null(ops, sb_umount_busy);
diff --git a/security/security.c b/security/security.c
index b98334b0a576..a0bee70ed4b6 100644
--- a/security/security.c
+++ b/security/security.c
@@ -306,11 +306,6 @@ int security_sb_mount(char *dev_name, struct path *path,
306 return security_ops->sb_mount(dev_name, path, type, flags, data); 306 return security_ops->sb_mount(dev_name, path, type, flags, data);
307} 307}
308 308
309int security_sb_check_sb(struct vfsmount *mnt, struct path *path)
310{
311 return security_ops->sb_check_sb(mnt, path);
312}
313
314int security_sb_umount(struct vfsmount *mnt, int flags) 309int security_sb_umount(struct vfsmount *mnt, int flags)
315{ 310{
316 return security_ops->sb_umount(mnt, flags); 311 return security_ops->sb_umount(mnt, flags);