Commit 3011a344cdcda34cdbcb40c3fb3d1a6e89954abb
Committed by
James Morris
1 parent
6307f8fee2
Exists in
master
and in
7 other branches
security: remove dead hook key_session_to_parent
Unused hook. Remove. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Showing 4 changed files with 0 additions and 42 deletions Side-by-side Diff
include/linux/security.h
... | ... | @@ -1067,13 +1067,6 @@ |
1067 | 1067 | * Return the length of the string (including terminating NUL) or -ve if |
1068 | 1068 | * an error. |
1069 | 1069 | * May also return 0 (and a NULL buffer pointer) if there is no label. |
1070 | - * @key_session_to_parent: | |
1071 | - * Forcibly assign the session keyring from a process to its parent | |
1072 | - * process. | |
1073 | - * @cred: Pointer to process's credentials | |
1074 | - * @parent_cred: Pointer to parent process's credentials | |
1075 | - * @keyring: Proposed new session keyring | |
1076 | - * Return 0 if permission is granted, -ve error otherwise. | |
1077 | 1070 | * |
1078 | 1071 | * Security hooks affecting all System V IPC operations. |
1079 | 1072 | * |
... | ... | @@ -1642,9 +1635,6 @@ |
1642 | 1635 | const struct cred *cred, |
1643 | 1636 | key_perm_t perm); |
1644 | 1637 | int (*key_getsecurity)(struct key *key, char **_buffer); |
1645 | - int (*key_session_to_parent)(const struct cred *cred, | |
1646 | - const struct cred *parent_cred, | |
1647 | - struct key *key); | |
1648 | 1638 | #endif /* CONFIG_KEYS */ |
1649 | 1639 | |
1650 | 1640 | #ifdef CONFIG_AUDIT |
... | ... | @@ -2918,9 +2908,6 @@ |
2918 | 2908 | int security_key_permission(key_ref_t key_ref, |
2919 | 2909 | const struct cred *cred, key_perm_t perm); |
2920 | 2910 | int security_key_getsecurity(struct key *key, char **_buffer); |
2921 | -int security_key_session_to_parent(const struct cred *cred, | |
2922 | - const struct cred *parent_cred, | |
2923 | - struct key *key); | |
2924 | 2911 | |
2925 | 2912 | #else |
2926 | 2913 | |
... | ... | @@ -2945,13 +2932,6 @@ |
2945 | 2932 | static inline int security_key_getsecurity(struct key *key, char **_buffer) |
2946 | 2933 | { |
2947 | 2934 | *_buffer = NULL; |
2948 | - return 0; | |
2949 | -} | |
2950 | - | |
2951 | -static inline int security_key_session_to_parent(const struct cred *cred, | |
2952 | - const struct cred *parent_cred, | |
2953 | - struct key *key) | |
2954 | -{ | |
2955 | 2935 | return 0; |
2956 | 2936 | } |
2957 | 2937 |
security/capability.c
... | ... | @@ -826,13 +826,6 @@ |
826 | 826 | return 0; |
827 | 827 | } |
828 | 828 | |
829 | -static int cap_key_session_to_parent(const struct cred *cred, | |
830 | - const struct cred *parent_cred, | |
831 | - struct key *key) | |
832 | -{ | |
833 | - return 0; | |
834 | -} | |
835 | - | |
836 | 829 | #endif /* CONFIG_KEYS */ |
837 | 830 | |
838 | 831 | #ifdef CONFIG_AUDIT |
... | ... | @@ -1053,7 +1046,6 @@ |
1053 | 1046 | set_to_cap_if_null(ops, key_free); |
1054 | 1047 | set_to_cap_if_null(ops, key_permission); |
1055 | 1048 | set_to_cap_if_null(ops, key_getsecurity); |
1056 | - set_to_cap_if_null(ops, key_session_to_parent); | |
1057 | 1049 | #endif /* CONFIG_KEYS */ |
1058 | 1050 | #ifdef CONFIG_AUDIT |
1059 | 1051 | set_to_cap_if_null(ops, audit_rule_init); |
security/keys/keyctl.c
... | ... | @@ -1295,13 +1295,6 @@ |
1295 | 1295 | mycred->tgcred->session_keyring->uid != mycred->euid) |
1296 | 1296 | goto not_permitted; |
1297 | 1297 | |
1298 | - /* the LSM must permit the replacement of the parent's keyring with the | |
1299 | - * keyring from this process */ | |
1300 | - ret = security_key_session_to_parent(mycred, pcred, | |
1301 | - key_ref_to_ptr(keyring_r)); | |
1302 | - if (ret < 0) | |
1303 | - goto not_permitted; | |
1304 | - | |
1305 | 1298 | /* if there's an already pending keyring replacement, then we replace |
1306 | 1299 | * that */ |
1307 | 1300 | oldcred = parent->replacement_session_keyring; |
security/security.c
... | ... | @@ -1262,13 +1262,6 @@ |
1262 | 1262 | return security_ops->key_getsecurity(key, _buffer); |
1263 | 1263 | } |
1264 | 1264 | |
1265 | -int security_key_session_to_parent(const struct cred *cred, | |
1266 | - const struct cred *parent_cred, | |
1267 | - struct key *key) | |
1268 | -{ | |
1269 | - return security_ops->key_session_to_parent(cred, parent_cred, key); | |
1270 | -} | |
1271 | - | |
1272 | 1265 | #endif /* CONFIG_KEYS */ |
1273 | 1266 | |
1274 | 1267 | #ifdef CONFIG_AUDIT |