Commit 3011a344cdcda34cdbcb40c3fb3d1a6e89954abb
Committed by
James Morris
James Morris
1 parent
6307f8fee2
Exists in
master
and in
7 other branches
security: remove dead hook key_session_to_parent
Unused hook. Remove. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Showing 4 changed files with 0 additions and 42 deletions Side-by-side Diff
include/linux/security.h
| ... | ... | @@ -1067,13 +1067,6 @@ |
| 1067 | 1067 | * Return the length of the string (including terminating NUL) or -ve if |
| 1068 | 1068 | * an error. |
| 1069 | 1069 | * May also return 0 (and a NULL buffer pointer) if there is no label. |
| 1070 | - * @key_session_to_parent: | |
| 1071 | - * Forcibly assign the session keyring from a process to its parent | |
| 1072 | - * process. | |
| 1073 | - * @cred: Pointer to process's credentials | |
| 1074 | - * @parent_cred: Pointer to parent process's credentials | |
| 1075 | - * @keyring: Proposed new session keyring | |
| 1076 | - * Return 0 if permission is granted, -ve error otherwise. | |
| 1077 | 1070 | * |
| 1078 | 1071 | * Security hooks affecting all System V IPC operations. |
| 1079 | 1072 | * |
| ... | ... | @@ -1642,9 +1635,6 @@ |
| 1642 | 1635 | const struct cred *cred, |
| 1643 | 1636 | key_perm_t perm); |
| 1644 | 1637 | int (*key_getsecurity)(struct key *key, char **_buffer); |
| 1645 | - int (*key_session_to_parent)(const struct cred *cred, | |
| 1646 | - const struct cred *parent_cred, | |
| 1647 | - struct key *key); | |
| 1648 | 1638 | #endif /* CONFIG_KEYS */ |
| 1649 | 1639 | |
| 1650 | 1640 | #ifdef CONFIG_AUDIT |
| ... | ... | @@ -2918,9 +2908,6 @@ |
| 2918 | 2908 | int security_key_permission(key_ref_t key_ref, |
| 2919 | 2909 | const struct cred *cred, key_perm_t perm); |
| 2920 | 2910 | int security_key_getsecurity(struct key *key, char **_buffer); |
| 2921 | -int security_key_session_to_parent(const struct cred *cred, | |
| 2922 | - const struct cred *parent_cred, | |
| 2923 | - struct key *key); | |
| 2924 | 2911 | |
| 2925 | 2912 | #else |
| 2926 | 2913 | |
| ... | ... | @@ -2945,13 +2932,6 @@ |
| 2945 | 2932 | static inline int security_key_getsecurity(struct key *key, char **_buffer) |
| 2946 | 2933 | { |
| 2947 | 2934 | *_buffer = NULL; |
| 2948 | - return 0; | |
| 2949 | -} | |
| 2950 | - | |
| 2951 | -static inline int security_key_session_to_parent(const struct cred *cred, | |
| 2952 | - const struct cred *parent_cred, | |
| 2953 | - struct key *key) | |
| 2954 | -{ | |
| 2955 | 2935 | return 0; |
| 2956 | 2936 | } |
| 2957 | 2937 |
security/capability.c
| ... | ... | @@ -826,13 +826,6 @@ |
| 826 | 826 | return 0; |
| 827 | 827 | } |
| 828 | 828 | |
| 829 | -static int cap_key_session_to_parent(const struct cred *cred, | |
| 830 | - const struct cred *parent_cred, | |
| 831 | - struct key *key) | |
| 832 | -{ | |
| 833 | - return 0; | |
| 834 | -} | |
| 835 | - | |
| 836 | 829 | #endif /* CONFIG_KEYS */ |
| 837 | 830 | |
| 838 | 831 | #ifdef CONFIG_AUDIT |
| ... | ... | @@ -1053,7 +1046,6 @@ |
| 1053 | 1046 | set_to_cap_if_null(ops, key_free); |
| 1054 | 1047 | set_to_cap_if_null(ops, key_permission); |
| 1055 | 1048 | set_to_cap_if_null(ops, key_getsecurity); |
| 1056 | - set_to_cap_if_null(ops, key_session_to_parent); | |
| 1057 | 1049 | #endif /* CONFIG_KEYS */ |
| 1058 | 1050 | #ifdef CONFIG_AUDIT |
| 1059 | 1051 | set_to_cap_if_null(ops, audit_rule_init); |
security/keys/keyctl.c
| ... | ... | @@ -1295,13 +1295,6 @@ |
| 1295 | 1295 | mycred->tgcred->session_keyring->uid != mycred->euid) |
| 1296 | 1296 | goto not_permitted; |
| 1297 | 1297 | |
| 1298 | - /* the LSM must permit the replacement of the parent's keyring with the | |
| 1299 | - * keyring from this process */ | |
| 1300 | - ret = security_key_session_to_parent(mycred, pcred, | |
| 1301 | - key_ref_to_ptr(keyring_r)); | |
| 1302 | - if (ret < 0) | |
| 1303 | - goto not_permitted; | |
| 1304 | - | |
| 1305 | 1298 | /* if there's an already pending keyring replacement, then we replace |
| 1306 | 1299 | * that */ |
| 1307 | 1300 | oldcred = parent->replacement_session_keyring; |
security/security.c
| ... | ... | @@ -1262,13 +1262,6 @@ |
| 1262 | 1262 | return security_ops->key_getsecurity(key, _buffer); |
| 1263 | 1263 | } |
| 1264 | 1264 | |
| 1265 | -int security_key_session_to_parent(const struct cred *cred, | |
| 1266 | - const struct cred *parent_cred, | |
| 1267 | - struct key *key) | |
| 1268 | -{ | |
| 1269 | - return security_ops->key_session_to_parent(cred, parent_cred, key); | |
| 1270 | -} | |
| 1271 | - | |
| 1272 | 1265 | #endif /* CONFIG_KEYS */ |
| 1273 | 1266 | |
| 1274 | 1267 | #ifdef CONFIG_AUDIT |