Diffstat (limited to 'security/capability.c')
-rw-r--r-- | security/capability.c | 76 |
1 files changed, 1 insertions, 75 deletions
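--- a/security/capability.c
+++ b/security/capability.c
@@ -12,11 +12,6 @@
 
 #include <linux/security.h>
 
-static int cap_acct(struct file *file)
-{
-return 0;
-}
-
 static int cap_sysctl(ctl_table *table, int op)
 {
 return 0;
@@ -80,42 +75,16 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type,
 return 0;
 }
 
-static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path)
-{
-return 0;
-}
-
 static int cap_sb_umount(struct vfsmount *mnt, int flags)
 {
 return 0;
 }
 
-static void cap_sb_umount_close(struct vfsmount *mnt)
-{
-}
-
-static void cap_sb_umount_busy(struct vfsmount *mnt)
-{
-}
-
-static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags,
-void *data)
-{
-}
-
-static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path)
-{
-}
-
 static int cap_sb_pivotroot(struct path *old_path, struct path *new_path)
 {
 return 0;
 }
 
-static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path)
-{
-}
-
 static int cap_sb_set_mnt_opts(struct super_block *sb,
 struct security_mnt_opts *opts)
 {
@@ -221,10 +190,6 @@ static int cap_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
 return 0;
 }
 
-static void cap_inode_delete(struct inode *ino)
-{
-}
-
 static void cap_inode_post_setxattr(struct dentry *dentry, const char *name,
 const void *value, size_t size, int flags)
 {
@@ -403,10 +368,6 @@ static int cap_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp)
 return 0;
 }
 
-static void cap_cred_commit(struct cred *new, const struct cred *old)
-{
-}
-
 static void cap_cred_transfer(struct cred *new, const struct cred *old)
 {
 }
@@ -426,16 +387,6 @@ static int cap_kernel_module_request(char *kmod_name)
 return 0;
 }
 
-static int cap_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
-{
-return 0;
-}
-
-static int cap_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
-{
-return 0;
-}
-
 static int cap_task_setpgid(struct task_struct *p, pid_t pgid)
 {
 return 0;
@@ -456,11 +407,6 @@ static void cap_task_getsecid(struct task_struct *p, u32 *secid)
 *secid = 0;
 }
 
-static int cap_task_setgroups(struct group_info *group_info)
-{
-return 0;
-}
-
 static int cap_task_getioprio(struct task_struct *p)
 {
 return 0;
@@ -875,13 +821,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer)
 return 0;
 }
 
-static int cap_key_session_to_parent(const struct cred *cred,
-const struct cred *parent_cred,
-struct key *key)
-{
-return 0;
-}
-
 #endif /* CONFIG_KEYS */
 
 #ifdef CONFIG_AUDIT
@@ -915,13 +854,12 @@ static void cap_audit_rule_free(void *lsmrule)
 } \
 } while (0)
 
-void security_fixup_ops(struct security_operations *ops)
+void __init security_fixup_ops(struct security_operations *ops)
 {
 set_to_cap_if_null(ops, ptrace_access_check);
 set_to_cap_if_null(ops, ptrace_traceme);
 set_to_cap_if_null(ops, capget);
 set_to_cap_if_null(ops, capset);
-set_to_cap_if_null(ops, acct);
 set_to_cap_if_null(ops, capable);
 set_to_cap_if_null(ops, quotactl);
 set_to_cap_if_null(ops, quota_on);
@@ -941,14 +879,8 @@ void security_fixup_ops(struct security_operations *ops)
 set_to_cap_if_null(ops, sb_show_options);
 set_to_cap_if_null(ops, sb_statfs);
 set_to_cap_if_null(ops, sb_mount);
-set_to_cap_if_null(ops, sb_check_sb);
 set_to_cap_if_null(ops, sb_umount);
-set_to_cap_if_null(ops, sb_umount_close);
-set_to_cap_if_null(ops, sb_umount_busy);
-set_to_cap_if_null(ops, sb_post_remount);
-set_to_cap_if_null(ops, sb_post_addmount);
 set_to_cap_if_null(ops, sb_pivotroot);
-set_to_cap_if_null(ops, sb_post_pivotroot);
 set_to_cap_if_null(ops, sb_set_mnt_opts);
 set_to_cap_if_null(ops, sb_clone_mnt_opts);
 set_to_cap_if_null(ops, sb_parse_opts_str);
@@ -968,7 +900,6 @@ void security_fixup_ops(struct security_operations *ops)
 set_to_cap_if_null(ops, inode_permission);
 set_to_cap_if_null(ops, inode_setattr);
 set_to_cap_if_null(ops, inode_getattr);
-set_to_cap_if_null(ops, inode_delete);
 set_to_cap_if_null(ops, inode_setxattr);
 set_to_cap_if_null(ops, inode_post_setxattr);
 set_to_cap_if_null(ops, inode_getxattr);
@@ -1009,19 +940,15 @@ void security_fixup_ops(struct security_operations *ops)
 set_to_cap_if_null(ops, cred_alloc_blank);
 set_to_cap_if_null(ops, cred_free);
 set_to_cap_if_null(ops, cred_prepare);
-set_to_cap_if_null(ops, cred_commit);
 set_to_cap_if_null(ops, cred_transfer);
 set_to_cap_if_null(ops, kernel_act_as);
 set_to_cap_if_null(ops, kernel_create_files_as);
 set_to_cap_if_null(ops, kernel_module_request);
-set_to_cap_if_null(ops, task_setuid);
 set_to_cap_if_null(ops, task_fix_setuid);
-set_to_cap_if_null(ops, task_setgid);
 set_to_cap_if_null(ops, task_setpgid);
 set_to_cap_if_null(ops, task_getpgid);
 set_to_cap_if_null(ops, task_getsid);
 set_to_cap_if_null(ops, task_getsecid);
-set_to_cap_if_null(ops, task_setgroups);
 set_to_cap_if_null(ops, task_setnice);
 set_to_cap_if_null(ops, task_setioprio);
 set_to_cap_if_null(ops, task_getioprio);
@@ -1113,7 +1040,6 @@ void security_fixup_ops(struct security_operations *ops)
 set_to_cap_if_null(ops, key_free);
 set_to_cap_if_null(ops, key_permission);
 set_to_cap_if_null(ops, key_getsecurity);
-set_to_cap_if_null(ops, key_session_to_parent);
 #endif /* CONFIG_KEYS */
 #ifdef CONFIG_AUDIT
 set_to_cap_if_null(ops, audit_rule_init);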