diff options
-rw-r--r-- | fs/namespace.c | 5 | ||||
-rw-r--r-- | include/linux/security.h | 14 | ||||
-rw-r--r-- | security/capability.c | 6 | ||||
-rw-r--r-- | security/security.c | 5 |
4 files changed, 0 insertions, 30 deletions
diff --git a/fs/namespace.c b/fs/namespace.c index 8174c8ab5c70..c1d0d877bab7 100644 --- a/fs/namespace.c +++ b/fs/namespace.c | |||
@@ -1435,11 +1435,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path) | |||
1435 | if (IS_DEADDIR(path->dentry->d_inode)) | 1435 | if (IS_DEADDIR(path->dentry->d_inode)) |
1436 | goto out_unlock; | 1436 | goto out_unlock; |
1437 | 1437 | ||
1438 | err = security_sb_check_sb(mnt, path); | ||
1439 | if (err) | ||
1440 | goto out_unlock; | ||
1441 | |||
1442 | err = -ENOENT; | ||
1443 | if (!d_unlinked(path->dentry)) | 1438 | if (!d_unlinked(path->dentry)) |
1444 | err = attach_recursive_mnt(mnt, path, NULL); | 1439 | err = attach_recursive_mnt(mnt, path, NULL); |
1445 | out_unlock: | 1440 | out_unlock: |
diff --git a/include/linux/security.h b/include/linux/security.h index 233d20b52c1b..9ebd2e411d2d 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -267,12 +267,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
267 | * @orig the original mount data copied from userspace. | 267 | * @orig the original mount data copied from userspace. |
268 | * @copy copied data which will be passed to the security module. | 268 | * @copy copied data which will be passed to the security module. |
269 | * Returns 0 if the copy was successful. | 269 | * Returns 0 if the copy was successful. |
270 | * @sb_check_sb: | ||
271 | * Check permission before the device with superblock @mnt->sb is mounted | ||
272 | * on the mount point named by @nd. | ||
273 | * @mnt contains the vfsmount for device being mounted. | ||
274 | * @path contains the path for the mount point. | ||
275 | * Return 0 if permission is granted. | ||
276 | * @sb_umount: | 270 | * @sb_umount: |
277 | * Check permission before the @mnt file system is unmounted. | 271 | * Check permission before the @mnt file system is unmounted. |
278 | * @mnt contains the mounted file system. | 272 | * @mnt contains the mounted file system. |
@@ -1484,7 +1478,6 @@ struct security_operations { | |||
1484 | int (*sb_statfs) (struct dentry *dentry); | 1478 | int (*sb_statfs) (struct dentry *dentry); |
1485 | int (*sb_mount) (char *dev_name, struct path *path, | 1479 | int (*sb_mount) (char *dev_name, struct path *path, |
1486 | char *type, unsigned long flags, void *data); | 1480 | char *type, unsigned long flags, void *data); |
1487 | int (*sb_check_sb) (struct vfsmount *mnt, struct path *path); | ||
1488 | int (*sb_umount) (struct vfsmount *mnt, int flags); | 1481 | int (*sb_umount) (struct vfsmount *mnt, int flags); |
1489 | void (*sb_umount_close) (struct vfsmount *mnt); | 1482 | void (*sb_umount_close) (struct vfsmount *mnt); |
1490 | void (*sb_umount_busy) (struct vfsmount *mnt); | 1483 | void (*sb_umount_busy) (struct vfsmount *mnt); |
@@ -1783,7 +1776,6 @@ int security_sb_show_options(struct seq_file *m, struct super_block *sb); | |||
1783 | int security_sb_statfs(struct dentry *dentry); | 1776 | int security_sb_statfs(struct dentry *dentry); |
1784 | int security_sb_mount(char *dev_name, struct path *path, | 1777 | int security_sb_mount(char *dev_name, struct path *path, |
1785 | char *type, unsigned long flags, void *data); | 1778 | char *type, unsigned long flags, void *data); |
1786 | int security_sb_check_sb(struct vfsmount *mnt, struct path *path); | ||
1787 | int security_sb_umount(struct vfsmount *mnt, int flags); | 1779 | int security_sb_umount(struct vfsmount *mnt, int flags); |
1788 | void security_sb_umount_close(struct vfsmount *mnt); | 1780 | void security_sb_umount_close(struct vfsmount *mnt); |
1789 | void security_sb_umount_busy(struct vfsmount *mnt); | 1781 | void security_sb_umount_busy(struct vfsmount *mnt); |
@@ -2099,12 +2091,6 @@ static inline int security_sb_mount(char *dev_name, struct path *path, | |||
2099 | return 0; | 2091 | return 0; |
2100 | } | 2092 | } |
2101 | 2093 | ||
2102 | static inline int security_sb_check_sb(struct vfsmount *mnt, | ||
2103 | struct path *path) | ||
2104 | { | ||
2105 | return 0; | ||
2106 | } | ||
2107 | |||
2108 | static inline int security_sb_umount(struct vfsmount *mnt, int flags) | 2094 | static inline int security_sb_umount(struct vfsmount *mnt, int flags) |
2109 | { | 2095 | { |
2110 | return 0; | 2096 | return 0; |
diff --git a/security/capability.c b/security/capability.c index 4875142b858d..a7e905d8f1d3 100644 --- a/security/capability.c +++ b/security/capability.c | |||
@@ -80,11 +80,6 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type, | |||
80 | return 0; | 80 | return 0; |
81 | } | 81 | } |
82 | 82 | ||
83 | static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path) | ||
84 | { | ||
85 | return 0; | ||
86 | } | ||
87 | |||
88 | static int cap_sb_umount(struct vfsmount *mnt, int flags) | 83 | static int cap_sb_umount(struct vfsmount *mnt, int flags) |
89 | { | 84 | { |
90 | return 0; | 85 | return 0; |
@@ -941,7 +936,6 @@ void security_fixup_ops(struct security_operations *ops) | |||
941 | set_to_cap_if_null(ops, sb_show_options); | 936 | set_to_cap_if_null(ops, sb_show_options); |
942 | set_to_cap_if_null(ops, sb_statfs); | 937 | set_to_cap_if_null(ops, sb_statfs); |
943 | set_to_cap_if_null(ops, sb_mount); | 938 | set_to_cap_if_null(ops, sb_mount); |
944 | set_to_cap_if_null(ops, sb_check_sb); | ||
945 | set_to_cap_if_null(ops, sb_umount); | 939 | set_to_cap_if_null(ops, sb_umount); |
946 | set_to_cap_if_null(ops, sb_umount_close); | 940 | set_to_cap_if_null(ops, sb_umount_close); |
947 | set_to_cap_if_null(ops, sb_umount_busy); | 941 | set_to_cap_if_null(ops, sb_umount_busy); |
diff --git a/security/security.c b/security/security.c index b98334b0a576..a0bee70ed4b6 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -306,11 +306,6 @@ int security_sb_mount(char *dev_name, struct path *path, | |||
306 | return security_ops->sb_mount(dev_name, path, type, flags, data); | 306 | return security_ops->sb_mount(dev_name, path, type, flags, data); |
307 | } | 307 | } |
308 | 308 | ||
309 | int security_sb_check_sb(struct vfsmount *mnt, struct path *path) | ||
310 | { | ||
311 | return security_ops->sb_check_sb(mnt, path); | ||
312 | } | ||
313 | |||
314 | int security_sb_umount(struct vfsmount *mnt, int flags) | 309 | int security_sb_umount(struct vfsmount *mnt, int flags) |
315 | { | 310 | { |
316 | return security_ops->sb_umount(mnt, flags); | 311 | return security_ops->sb_umount(mnt, flags); |