aboutsummaryrefslogtreecommitdiffstats
path: root/security/capability.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/capability.c')
-rw-r--r--security/capability.c76
1 files changed, 1 insertions, 75 deletions
diff --git a/security/capability.c b/security/capability.c
index 4875142b858d..8168e3ecd5bf 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -12,11 +12,6 @@
12 12
13#include <linux/security.h> 13#include <linux/security.h>
14 14
15static int cap_acct(struct file *file)
16{
17 return 0;
18}
19
20static int cap_sysctl(ctl_table *table, int op) 15static int cap_sysctl(ctl_table *table, int op)
21{ 16{
22 return 0; 17 return 0;
@@ -80,42 +75,16 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type,
80 return 0; 75 return 0;
81} 76}
82 77
83static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path)
84{
85 return 0;
86}
87
88static int cap_sb_umount(struct vfsmount *mnt, int flags) 78static int cap_sb_umount(struct vfsmount *mnt, int flags)
89{ 79{
90 return 0; 80 return 0;
91} 81}
92 82
93static void cap_sb_umount_close(struct vfsmount *mnt)
94{
95}
96
97static void cap_sb_umount_busy(struct vfsmount *mnt)
98{
99}
100
101static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags,
102 void *data)
103{
104}
105
106static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path)
107{
108}
109
110static int cap_sb_pivotroot(struct path *old_path, struct path *new_path) 83static int cap_sb_pivotroot(struct path *old_path, struct path *new_path)
111{ 84{
112 return 0; 85 return 0;
113} 86}
114 87
115static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path)
116{
117}
118
119static int cap_sb_set_mnt_opts(struct super_block *sb, 88static int cap_sb_set_mnt_opts(struct super_block *sb,
120 struct security_mnt_opts *opts) 89 struct security_mnt_opts *opts)
121{ 90{
@@ -221,10 +190,6 @@ static int cap_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
221 return 0; 190 return 0;
222} 191}
223 192
224static void cap_inode_delete(struct inode *ino)
225{
226}
227
228static void cap_inode_post_setxattr(struct dentry *dentry, const char *name, 193static void cap_inode_post_setxattr(struct dentry *dentry, const char *name,
229 const void *value, size_t size, int flags) 194 const void *value, size_t size, int flags)
230{ 195{
@@ -403,10 +368,6 @@ static int cap_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp)
403 return 0; 368 return 0;
404} 369}
405 370
406static void cap_cred_commit(struct cred *new, const struct cred *old)
407{
408}
409
410static void cap_cred_transfer(struct cred *new, const struct cred *old) 371static void cap_cred_transfer(struct cred *new, const struct cred *old)
411{ 372{
412} 373}
@@ -426,16 +387,6 @@ static int cap_kernel_module_request(char *kmod_name)
426 return 0; 387 return 0;
427} 388}
428 389
429static int cap_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
430{
431 return 0;
432}
433
434static int cap_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
435{
436 return 0;
437}
438
439static int cap_task_setpgid(struct task_struct *p, pid_t pgid) 390static int cap_task_setpgid(struct task_struct *p, pid_t pgid)
440{ 391{
441 return 0; 392 return 0;
@@ -456,11 +407,6 @@ static void cap_task_getsecid(struct task_struct *p, u32 *secid)
456 *secid = 0; 407 *secid = 0;
457} 408}
458 409
459static int cap_task_setgroups(struct group_info *group_info)
460{
461 return 0;
462}
463
464static int cap_task_getioprio(struct task_struct *p) 410static int cap_task_getioprio(struct task_struct *p)
465{ 411{
466 return 0; 412 return 0;
@@ -875,13 +821,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer)
875 return 0; 821 return 0;
876} 822}
877 823
878static int cap_key_session_to_parent(const struct cred *cred,
879 const struct cred *parent_cred,
880 struct key *key)
881{
882 return 0;
883}
884
885#endif /* CONFIG_KEYS */ 824#endif /* CONFIG_KEYS */
886 825
887#ifdef CONFIG_AUDIT 826#ifdef CONFIG_AUDIT
@@ -915,13 +854,12 @@ static void cap_audit_rule_free(void *lsmrule)
915 } \ 854 } \
916 } while (0) 855 } while (0)
917 856
918void security_fixup_ops(struct security_operations *ops) 857void __init security_fixup_ops(struct security_operations *ops)
919{ 858{
920 set_to_cap_if_null(ops, ptrace_access_check); 859 set_to_cap_if_null(ops, ptrace_access_check);
921 set_to_cap_if_null(ops, ptrace_traceme); 860 set_to_cap_if_null(ops, ptrace_traceme);
922 set_to_cap_if_null(ops, capget); 861 set_to_cap_if_null(ops, capget);
923 set_to_cap_if_null(ops, capset); 862 set_to_cap_if_null(ops, capset);
924 set_to_cap_if_null(ops, acct);
925 set_to_cap_if_null(ops, capable); 863 set_to_cap_if_null(ops, capable);
926 set_to_cap_if_null(ops, quotactl); 864 set_to_cap_if_null(ops, quotactl);
927 set_to_cap_if_null(ops, quota_on); 865 set_to_cap_if_null(ops, quota_on);
@@ -941,14 +879,8 @@ void security_fixup_ops(struct security_operations *ops)
941 set_to_cap_if_null(ops, sb_show_options); 879 set_to_cap_if_null(ops, sb_show_options);
942 set_to_cap_if_null(ops, sb_statfs); 880 set_to_cap_if_null(ops, sb_statfs);
943 set_to_cap_if_null(ops, sb_mount); 881 set_to_cap_if_null(ops, sb_mount);
944 set_to_cap_if_null(ops, sb_check_sb);
945 set_to_cap_if_null(ops, sb_umount); 882 set_to_cap_if_null(ops, sb_umount);
946 set_to_cap_if_null(ops, sb_umount_close);
947 set_to_cap_if_null(ops, sb_umount_busy);
948 set_to_cap_if_null(ops, sb_post_remount);
949 set_to_cap_if_null(ops, sb_post_addmount);
950 set_to_cap_if_null(ops, sb_pivotroot); 883 set_to_cap_if_null(ops, sb_pivotroot);
951 set_to_cap_if_null(ops, sb_post_pivotroot);
952 set_to_cap_if_null(ops, sb_set_mnt_opts); 884 set_to_cap_if_null(ops, sb_set_mnt_opts);
953 set_to_cap_if_null(ops, sb_clone_mnt_opts); 885 set_to_cap_if_null(ops, sb_clone_mnt_opts);
954 set_to_cap_if_null(ops, sb_parse_opts_str); 886 set_to_cap_if_null(ops, sb_parse_opts_str);
@@ -968,7 +900,6 @@ void security_fixup_ops(struct security_operations *ops)
968 set_to_cap_if_null(ops, inode_permission); 900 set_to_cap_if_null(ops, inode_permission);
969 set_to_cap_if_null(ops, inode_setattr); 901 set_to_cap_if_null(ops, inode_setattr);
970 set_to_cap_if_null(ops, inode_getattr); 902 set_to_cap_if_null(ops, inode_getattr);
971 set_to_cap_if_null(ops, inode_delete);
972 set_to_cap_if_null(ops, inode_setxattr); 903 set_to_cap_if_null(ops, inode_setxattr);
973 set_to_cap_if_null(ops, inode_post_setxattr); 904 set_to_cap_if_null(ops, inode_post_setxattr);
974 set_to_cap_if_null(ops, inode_getxattr); 905 set_to_cap_if_null(ops, inode_getxattr);
@@ -1009,19 +940,15 @@ void security_fixup_ops(struct security_operations *ops)
1009 set_to_cap_if_null(ops, cred_alloc_blank); 940 set_to_cap_if_null(ops, cred_alloc_blank);
1010 set_to_cap_if_null(ops, cred_free); 941 set_to_cap_if_null(ops, cred_free);
1011 set_to_cap_if_null(ops, cred_prepare); 942 set_to_cap_if_null(ops, cred_prepare);
1012 set_to_cap_if_null(ops, cred_commit);
1013 set_to_cap_if_null(ops, cred_transfer); 943 set_to_cap_if_null(ops, cred_transfer);
1014 set_to_cap_if_null(ops, kernel_act_as); 944 set_to_cap_if_null(ops, kernel_act_as);
1015 set_to_cap_if_null(ops, kernel_create_files_as); 945 set_to_cap_if_null(ops, kernel_create_files_as);
1016 set_to_cap_if_null(ops, kernel_module_request); 946 set_to_cap_if_null(ops, kernel_module_request);
1017 set_to_cap_if_null(ops, task_setuid);
1018 set_to_cap_if_null(ops, task_fix_setuid); 947 set_to_cap_if_null(ops, task_fix_setuid);
1019 set_to_cap_if_null(ops, task_setgid);
1020 set_to_cap_if_null(ops, task_setpgid); 948 set_to_cap_if_null(ops, task_setpgid);
1021 set_to_cap_if_null(ops, task_getpgid); 949 set_to_cap_if_null(ops, task_getpgid);
1022 set_to_cap_if_null(ops, task_getsid); 950 set_to_cap_if_null(ops, task_getsid);
1023 set_to_cap_if_null(ops, task_getsecid); 951 set_to_cap_if_null(ops, task_getsecid);
1024 set_to_cap_if_null(ops, task_setgroups);
1025 set_to_cap_if_null(ops, task_setnice); 952 set_to_cap_if_null(ops, task_setnice);
1026 set_to_cap_if_null(ops, task_setioprio); 953 set_to_cap_if_null(ops, task_setioprio);
1027 set_to_cap_if_null(ops, task_getioprio); 954 set_to_cap_if_null(ops, task_getioprio);
@@ -1113,7 +1040,6 @@ void security_fixup_ops(struct security_operations *ops)
1113 set_to_cap_if_null(ops, key_free); 1040 set_to_cap_if_null(ops, key_free);
1114 set_to_cap_if_null(ops, key_permission); 1041 set_to_cap_if_null(ops, key_permission);
1115 set_to_cap_if_null(ops, key_getsecurity); 1042 set_to_cap_if_null(ops, key_getsecurity);
1116 set_to_cap_if_null(ops, key_session_to_parent);
1117#endif /* CONFIG_KEYS */ 1043#endif /* CONFIG_KEYS */
1118#ifdef CONFIG_AUDIT 1044#ifdef CONFIG_AUDIT
1119 set_to_cap_if_null(ops, audit_rule_init); 1045 set_to_cap_if_null(ops, audit_rule_init);