diff options
| -rw-r--r-- | fs/namespace.c | 1 | ||||
| -rw-r--r-- | include/linux/security.h | 11 | ||||
| -rw-r--r-- | security/capability.c | 5 | ||||
| -rw-r--r-- | security/security.c | 5 |
4 files changed, 0 insertions, 22 deletions
diff --git a/fs/namespace.c b/fs/namespace.c index 7a0c9ce62bed..c36785a2fd86 100644 --- a/fs/namespace.c +++ b/fs/namespace.c | |||
| @@ -2265,7 +2265,6 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, | |||
| 2265 | touch_mnt_namespace(current->nsproxy->mnt_ns); | 2265 | touch_mnt_namespace(current->nsproxy->mnt_ns); |
| 2266 | spin_unlock(&vfsmount_lock); | 2266 | spin_unlock(&vfsmount_lock); |
| 2267 | chroot_fs_refs(&root, &new); | 2267 | chroot_fs_refs(&root, &new); |
| 2268 | security_sb_post_pivotroot(&root, &new); | ||
| 2269 | error = 0; | 2268 | error = 0; |
| 2270 | path_put(&root_parent); | 2269 | path_put(&root_parent); |
| 2271 | path_put(&parent_path); | 2270 | path_put(&parent_path); |
diff --git a/include/linux/security.h b/include/linux/security.h index a42d733086a1..4de5bbb39052 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -277,10 +277,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
| 277 | * @old_path contains the path for the new location of the current root (put_old). | 277 | * @old_path contains the path for the new location of the current root (put_old). |
| 278 | * @new_path contains the path for the new root (new_root). | 278 | * @new_path contains the path for the new root (new_root). |
| 279 | * Return 0 if permission is granted. | 279 | * Return 0 if permission is granted. |
| 280 | * @sb_post_pivotroot: | ||
| 281 | * Update module state after a successful pivot. | ||
| 282 | * @old_path contains the path for the old root. | ||
| 283 | * @new_path contains the path for the new root. | ||
| 284 | * @sb_set_mnt_opts: | 280 | * @sb_set_mnt_opts: |
| 285 | * Set the security relevant mount options used for a superblock | 281 | * Set the security relevant mount options used for a superblock |
| 286 | * @sb the superblock to set security mount options for | 282 | * @sb the superblock to set security mount options for |
| @@ -1458,8 +1454,6 @@ struct security_operations { | |||
| 1458 | int (*sb_umount) (struct vfsmount *mnt, int flags); | 1454 | int (*sb_umount) (struct vfsmount *mnt, int flags); |
| 1459 | int (*sb_pivotroot) (struct path *old_path, | 1455 | int (*sb_pivotroot) (struct path *old_path, |
| 1460 | struct path *new_path); | 1456 | struct path *new_path); |
| 1461 | void (*sb_post_pivotroot) (struct path *old_path, | ||
| 1462 | struct path *new_path); | ||
| 1463 | int (*sb_set_mnt_opts) (struct super_block *sb, | 1457 | int (*sb_set_mnt_opts) (struct super_block *sb, |
| 1464 | struct security_mnt_opts *opts); | 1458 | struct security_mnt_opts *opts); |
| 1465 | void (*sb_clone_mnt_opts) (const struct super_block *oldsb, | 1459 | void (*sb_clone_mnt_opts) (const struct super_block *oldsb, |
| @@ -1749,7 +1743,6 @@ int security_sb_mount(char *dev_name, struct path *path, | |||
| 1749 | char *type, unsigned long flags, void *data); | 1743 | char *type, unsigned long flags, void *data); |
| 1750 | int security_sb_umount(struct vfsmount *mnt, int flags); | 1744 | int security_sb_umount(struct vfsmount *mnt, int flags); |
| 1751 | int security_sb_pivotroot(struct path *old_path, struct path *new_path); | 1745 | int security_sb_pivotroot(struct path *old_path, struct path *new_path); |
| 1752 | void security_sb_post_pivotroot(struct path *old_path, struct path *new_path); | ||
| 1753 | int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts); | 1746 | int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts); |
| 1754 | void security_sb_clone_mnt_opts(const struct super_block *oldsb, | 1747 | void security_sb_clone_mnt_opts(const struct super_block *oldsb, |
| 1755 | struct super_block *newsb); | 1748 | struct super_block *newsb); |
| @@ -2069,10 +2062,6 @@ static inline int security_sb_pivotroot(struct path *old_path, | |||
| 2069 | return 0; | 2062 | return 0; |
| 2070 | } | 2063 | } |
| 2071 | 2064 | ||
| 2072 | static inline void security_sb_post_pivotroot(struct path *old_path, | ||
| 2073 | struct path *new_path) | ||
| 2074 | { } | ||
| 2075 | |||
| 2076 | static inline int security_sb_set_mnt_opts(struct super_block *sb, | 2065 | static inline int security_sb_set_mnt_opts(struct super_block *sb, |
| 2077 | struct security_mnt_opts *opts) | 2066 | struct security_mnt_opts *opts) |
| 2078 | { | 2067 | { |
diff --git a/security/capability.c b/security/capability.c index 38752ddf69d7..b64b50105a04 100644 --- a/security/capability.c +++ b/security/capability.c | |||
| @@ -90,10 +90,6 @@ static int cap_sb_pivotroot(struct path *old_path, struct path *new_path) | |||
| 90 | return 0; | 90 | return 0; |
| 91 | } | 91 | } |
| 92 | 92 | ||
| 93 | static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path) | ||
| 94 | { | ||
| 95 | } | ||
| 96 | |||
| 97 | static int cap_sb_set_mnt_opts(struct super_block *sb, | 93 | static int cap_sb_set_mnt_opts(struct super_block *sb, |
| 98 | struct security_mnt_opts *opts) | 94 | struct security_mnt_opts *opts) |
| 99 | { | 95 | { |
| @@ -921,7 +917,6 @@ void security_fixup_ops(struct security_operations *ops) | |||
| 921 | set_to_cap_if_null(ops, sb_mount); | 917 | set_to_cap_if_null(ops, sb_mount); |
| 922 | set_to_cap_if_null(ops, sb_umount); | 918 | set_to_cap_if_null(ops, sb_umount); |
| 923 | set_to_cap_if_null(ops, sb_pivotroot); | 919 | set_to_cap_if_null(ops, sb_pivotroot); |
| 924 | set_to_cap_if_null(ops, sb_post_pivotroot); | ||
| 925 | set_to_cap_if_null(ops, sb_set_mnt_opts); | 920 | set_to_cap_if_null(ops, sb_set_mnt_opts); |
| 926 | set_to_cap_if_null(ops, sb_clone_mnt_opts); | 921 | set_to_cap_if_null(ops, sb_clone_mnt_opts); |
| 927 | set_to_cap_if_null(ops, sb_parse_opts_str); | 922 | set_to_cap_if_null(ops, sb_parse_opts_str); |
diff --git a/security/security.c b/security/security.c index 6a8e5411d7a0..5223fa408271 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -316,11 +316,6 @@ int security_sb_pivotroot(struct path *old_path, struct path *new_path) | |||
| 316 | return security_ops->sb_pivotroot(old_path, new_path); | 316 | return security_ops->sb_pivotroot(old_path, new_path); |
| 317 | } | 317 | } |
| 318 | 318 | ||
| 319 | void security_sb_post_pivotroot(struct path *old_path, struct path *new_path) | ||
| 320 | { | ||
| 321 | security_ops->sb_post_pivotroot(old_path, new_path); | ||
| 322 | } | ||
| 323 | |||
| 324 | int security_sb_set_mnt_opts(struct super_block *sb, | 319 | int security_sb_set_mnt_opts(struct super_block *sb, |
| 325 | struct security_mnt_opts *opts) | 320 | struct security_mnt_opts *opts) |
| 326 | { | 321 | { |