1 files changed, 0 insertions, 35 deletions
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index d0b47b859067..5e2ad5bf88e2 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -419,15 +419,6 @@ static struct ctl_table kern_table[] = {
                .proc_handler   = &proc_dointvec,
        },
 #endif
-#ifdef CONFIG_SECURITY_CAPABILITIES
-        {
-                .procname       = "cap-bound",
-                .data           = &cap_bset,
-                .maxlen         = sizeof(kernel_cap_t),
-                .mode           = 0600,
-                .proc_handler   = &proc_dointvec_bset,
-        },
-#endif /* def CONFIG_SECURITY_CAPABILITIES */
 #ifdef CONFIG_BLK_DEV_INITRD
        {
                .ctl_name       = KERN_REALROOTDEV,
@@ -2096,26 +2087,6 @@ static int do_proc_dointvec_bset_conv(int *negp, unsigned long *lvalp,
        return 0;
 }
-#ifdef CONFIG_SECURITY_CAPABILITIES
-/*
- *      init may raise the set.
- */
-int proc_dointvec_bset(struct ctl_table *table, int write, struct file *filp,
-                        void __user *buffer, size_t *lenp, loff_t *ppos)
-{
-        int op;
-        if (write && !capable(CAP_SYS_MODULE)) {
-                return -EPERM;
-        }
-        op = is_global_init(current) ? OP_SET : OP_AND;
-        return do_proc_dointvec(table,write,filp,buffer,lenp,ppos,
-                                do_proc_dointvec_bset_conv,&op);
-}
-#endif /* def CONFIG_SECURITY_CAPABILITIES */
 /*
 *      Taint values can only be increased
 */
@@ -2529,12 +2500,6 @@ int proc_dointvec(struct ctl_table *table, int write, struct file *filp,
        return -ENOSYS;
 }
-int proc_dointvec_bset(struct ctl_table *table, int write, struct file *filp,
-                        void __user *buffer, size_t *lenp, loff_t *ppos)
-{
-        return -ENOSYS;
-}
 int proc_dointvec_minmax(struct ctl_table *table, int write, struct file *filp,
                    void __user *buffer, size_t *lenp, loff_t *ppos)
 {

diff --git a/kernel/sysctl.c b/kernel/sysctl.c index d0b47b859067..5e2ad5bf88e2 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c
@@ -419,15 +419,6 @@ static struct ctl_table kern_table[] = {
419	.proc_handler = &proc_dointvec,	419	.proc_handler = &proc_dointvec,
420	},	420	},
421	#endif	421	#endif
422	#ifdef CONFIG_SECURITY_CAPABILITIES
423	{
424	.procname = "cap-bound",
425	.data = &cap_bset,
426	.maxlen = sizeof(kernel_cap_t),
427	.mode = 0600,
428	.proc_handler = &proc_dointvec_bset,
429	},
430	#endif /* def CONFIG_SECURITY_CAPABILITIES */
431	#ifdef CONFIG_BLK_DEV_INITRD	422	#ifdef CONFIG_BLK_DEV_INITRD
432	{	423	{
433	.ctl_name = KERN_REALROOTDEV,	424	.ctl_name = KERN_REALROOTDEV,
@@ -2096,26 +2087,6 @@ static int do_proc_dointvec_bset_conv(int negp, unsigned long lvalp,
2096	return 0;	2087	return 0;
2097	}	2088	}
2098		2089
2099	#ifdef CONFIG_SECURITY_CAPABILITIES
2100	/*
2101	* init may raise the set.
2102	*/
2103
2104	int proc_dointvec_bset(struct ctl_table table, int write, struct file filp,
2105	void __user buffer, size_t lenp, loff_t *ppos)
2106	{
2107	int op;
2108
2109	if (write && !capable(CAP_SYS_MODULE)) {
2110	return -EPERM;
2111	}
2112
2113	op = is_global_init(current) ? OP_SET : OP_AND;
2114	return do_proc_dointvec(table,write,filp,buffer,lenp,ppos,
2115	do_proc_dointvec_bset_conv,&op);
2116	}
2117	#endif /* def CONFIG_SECURITY_CAPABILITIES */
2118
2119	/*	2090	/*
2120	* Taint values can only be increased	2091	* Taint values can only be increased
2121	*/	2092	*/
@@ -2529,12 +2500,6 @@ int proc_dointvec(struct ctl_table table, int write, struct file filp,
2529	return -ENOSYS;	2500	return -ENOSYS;
2530	}	2501	}
2531		2502
2532	int proc_dointvec_bset(struct ctl_table table, int write, struct file filp,
2533	void __user buffer, size_t lenp, loff_t *ppos)
2534	{
2535	return -ENOSYS;
2536	}
2537
2538	int proc_dointvec_minmax(struct ctl_table table, int write, struct file filp,	2503	int proc_dointvec_minmax(struct ctl_table table, int write, struct file filp,
2539	void __user buffer, size_t lenp, loff_t *ppos)	2504	void __user buffer, size_t lenp, loff_t *ppos)
2540	{	2505	{