Commit a74574aafea3a63add3251047601611111f44562
Committed by
Linus Torvalds
Linus Torvalds
1 parent
570bc1c2e5
Exists in
master
and in
7 other branches
[PATCH] Remove security_inode_post_create/mkdir/symlink/mknod hooks
This patch removes the inode_post_create/mkdir/mknod/symlink LSM hooks as they are obsoleted by the new inode_init_security hook that enables atomic inode security labeling. If anyone sees any reason to retain these hooks, please speak now. Also, is anyone using the post_rename/link hooks; if not, those could also be removed. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Showing 5 changed files with 4 additions and 242 deletions Side-by-side Diff
fs/namei.c
| ... | ... | @@ -1316,10 +1316,8 @@ |
| 1316 | 1316 | return error; |
| 1317 | 1317 | DQUOT_INIT(dir); |
| 1318 | 1318 | error = dir->i_op->create(dir, dentry, mode, nd); |
| 1319 | - if (!error) { | |
| 1319 | + if (!error) | |
| 1320 | 1320 | fsnotify_create(dir, dentry->d_name.name); |
| 1321 | - security_inode_post_create(dir, dentry, mode); | |
| 1322 | - } | |
| 1323 | 1321 | return error; |
| 1324 | 1322 | } |
| 1325 | 1323 | |
| 1326 | 1324 | |
| ... | ... | @@ -1635,10 +1633,8 @@ |
| 1635 | 1633 | |
| 1636 | 1634 | DQUOT_INIT(dir); |
| 1637 | 1635 | error = dir->i_op->mknod(dir, dentry, mode, dev); |
| 1638 | - if (!error) { | |
| 1636 | + if (!error) | |
| 1639 | 1637 | fsnotify_create(dir, dentry->d_name.name); |
| 1640 | - security_inode_post_mknod(dir, dentry, mode, dev); | |
| 1641 | - } | |
| 1642 | 1638 | return error; |
| 1643 | 1639 | } |
| 1644 | 1640 | |
| 1645 | 1641 | |
| ... | ... | @@ -1708,10 +1704,8 @@ |
| 1708 | 1704 | |
| 1709 | 1705 | DQUOT_INIT(dir); |
| 1710 | 1706 | error = dir->i_op->mkdir(dir, dentry, mode); |
| 1711 | - if (!error) { | |
| 1707 | + if (!error) | |
| 1712 | 1708 | fsnotify_mkdir(dir, dentry->d_name.name); |
| 1713 | - security_inode_post_mkdir(dir,dentry, mode); | |
| 1714 | - } | |
| 1715 | 1709 | return error; |
| 1716 | 1710 | } |
| 1717 | 1711 | |
| 1718 | 1712 | |
| ... | ... | @@ -1947,10 +1941,8 @@ |
| 1947 | 1941 | |
| 1948 | 1942 | DQUOT_INIT(dir); |
| 1949 | 1943 | error = dir->i_op->symlink(dir, dentry, oldname); |
| 1950 | - if (!error) { | |
| 1944 | + if (!error) | |
| 1951 | 1945 | fsnotify_create(dir, dentry->d_name.name); |
| 1952 | - security_inode_post_symlink(dir, dentry, oldname); | |
| 1953 | - } | |
| 1954 | 1946 | return error; |
| 1955 | 1947 | } |
| 1956 | 1948 |
include/linux/security.h
| ... | ... | @@ -275,12 +275,6 @@ |
| 275 | 275 | * @dentry contains the dentry structure for the file to be created. |
| 276 | 276 | * @mode contains the file mode of the file to be created. |
| 277 | 277 | * Return 0 if permission is granted. |
| 278 | - * @inode_post_create: | |
| 279 | - * Set the security attributes on a newly created regular file. This hook | |
| 280 | - * is called after a file has been successfully created. | |
| 281 | - * @dir contains the inode structure of the parent directory of the new file. | |
| 282 | - * @dentry contains the the dentry structure for the newly created file. | |
| 283 | - * @mode contains the file mode. | |
| 284 | 278 | * @inode_link: |
| 285 | 279 | * Check permission before creating a new hard link to a file. |
| 286 | 280 | * @old_dentry contains the dentry structure for an existing link to the file. |
| ... | ... | @@ -303,13 +297,6 @@ |
| 303 | 297 | * @dentry contains the dentry structure of the symbolic link. |
| 304 | 298 | * @old_name contains the pathname of file. |
| 305 | 299 | * Return 0 if permission is granted. |
| 306 | - * @inode_post_symlink: | |
| 307 | - * @dir contains the inode structure of the parent directory of the new link. | |
| 308 | - * @dentry contains the dentry structure of new symbolic link. | |
| 309 | - * @old_name contains the pathname of file. | |
| 310 | - * Set security attributes for a newly created symbolic link. Note that | |
| 311 | - * @dentry->d_inode may be NULL, since the filesystem might not | |
| 312 | - * instantiate the dentry (e.g. NFS). | |
| 313 | 300 | * @inode_mkdir: |
| 314 | 301 | * Check permissions to create a new directory in the existing directory |
| 315 | 302 | * associated with inode strcture @dir. |
| ... | ... | @@ -317,11 +304,6 @@ |
| 317 | 304 | * @dentry contains the dentry structure of new directory. |
| 318 | 305 | * @mode contains the mode of new directory. |
| 319 | 306 | * Return 0 if permission is granted. |
| 320 | - * @inode_post_mkdir: | |
| 321 | - * Set security attributes on a newly created directory. | |
| 322 | - * @dir contains the inode structure of parent of the directory to be created. | |
| 323 | - * @dentry contains the dentry structure of new directory. | |
| 324 | - * @mode contains the mode of new directory. | |
| 325 | 307 | * @inode_rmdir: |
| 326 | 308 | * Check the permission to remove a directory. |
| 327 | 309 | * @dir contains the inode structure of parent of the directory to be removed. |
| ... | ... | @@ -337,13 +319,6 @@ |
| 337 | 319 | * @mode contains the mode of the new file. |
| 338 | 320 | * @dev contains the the device number. |
| 339 | 321 | * Return 0 if permission is granted. |
| 340 | - * @inode_post_mknod: | |
| 341 | - * Set security attributes on a newly created special file (or socket or | |
| 342 | - * fifo file created via the mknod system call). | |
| 343 | - * @dir contains the inode structure of parent of the new node. | |
| 344 | - * @dentry contains the dentry structure of the new node. | |
| 345 | - * @mode contains the mode of the new node. | |
| 346 | - * @dev contains the the device number. | |
| 347 | 322 | * @inode_rename: |
| 348 | 323 | * Check for permission to rename a file or directory. |
| 349 | 324 | * @old_dir contains the inode structure for parent of the old link. |
| ... | ... | @@ -1103,8 +1078,6 @@ |
| 1103 | 1078 | char **name, void **value, size_t *len); |
| 1104 | 1079 | int (*inode_create) (struct inode *dir, |
| 1105 | 1080 | struct dentry *dentry, int mode); |
| 1106 | - void (*inode_post_create) (struct inode *dir, | |
| 1107 | - struct dentry *dentry, int mode); | |
| 1108 | 1081 | int (*inode_link) (struct dentry *old_dentry, |
| 1109 | 1082 | struct inode *dir, struct dentry *new_dentry); |
| 1110 | 1083 | void (*inode_post_link) (struct dentry *old_dentry, |
| 1111 | 1084 | |
| 1112 | 1085 | |
| ... | ... | @@ -1112,17 +1085,10 @@ |
| 1112 | 1085 | int (*inode_unlink) (struct inode *dir, struct dentry *dentry); |
| 1113 | 1086 | int (*inode_symlink) (struct inode *dir, |
| 1114 | 1087 | struct dentry *dentry, const char *old_name); |
| 1115 | - void (*inode_post_symlink) (struct inode *dir, | |
| 1116 | - struct dentry *dentry, | |
| 1117 | - const char *old_name); | |
| 1118 | 1088 | int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode); |
| 1119 | - void (*inode_post_mkdir) (struct inode *dir, struct dentry *dentry, | |
| 1120 | - int mode); | |
| 1121 | 1089 | int (*inode_rmdir) (struct inode *dir, struct dentry *dentry); |
| 1122 | 1090 | int (*inode_mknod) (struct inode *dir, struct dentry *dentry, |
| 1123 | 1091 | int mode, dev_t dev); |
| 1124 | - void (*inode_post_mknod) (struct inode *dir, struct dentry *dentry, | |
| 1125 | - int mode, dev_t dev); | |
| 1126 | 1092 | int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, |
| 1127 | 1093 | struct inode *new_dir, struct dentry *new_dentry); |
| 1128 | 1094 | void (*inode_post_rename) (struct inode *old_dir, |
| ... | ... | @@ -1484,15 +1450,6 @@ |
| 1484 | 1450 | return security_ops->inode_create (dir, dentry, mode); |
| 1485 | 1451 | } |
| 1486 | 1452 | |
| 1487 | -static inline void security_inode_post_create (struct inode *dir, | |
| 1488 | - struct dentry *dentry, | |
| 1489 | - int mode) | |
| 1490 | -{ | |
| 1491 | - if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode))) | |
| 1492 | - return; | |
| 1493 | - security_ops->inode_post_create (dir, dentry, mode); | |
| 1494 | -} | |
| 1495 | - | |
| 1496 | 1453 | static inline int security_inode_link (struct dentry *old_dentry, |
| 1497 | 1454 | struct inode *dir, |
| 1498 | 1455 | struct dentry *new_dentry) |
| ... | ... | @@ -1528,15 +1485,6 @@ |
| 1528 | 1485 | return security_ops->inode_symlink (dir, dentry, old_name); |
| 1529 | 1486 | } |
| 1530 | 1487 | |
| 1531 | -static inline void security_inode_post_symlink (struct inode *dir, | |
| 1532 | - struct dentry *dentry, | |
| 1533 | - const char *old_name) | |
| 1534 | -{ | |
| 1535 | - if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode))) | |
| 1536 | - return; | |
| 1537 | - security_ops->inode_post_symlink (dir, dentry, old_name); | |
| 1538 | -} | |
| 1539 | - | |
| 1540 | 1488 | static inline int security_inode_mkdir (struct inode *dir, |
| 1541 | 1489 | struct dentry *dentry, |
| 1542 | 1490 | int mode) |
| ... | ... | @@ -1546,15 +1494,6 @@ |
| 1546 | 1494 | return security_ops->inode_mkdir (dir, dentry, mode); |
| 1547 | 1495 | } |
| 1548 | 1496 | |
| 1549 | -static inline void security_inode_post_mkdir (struct inode *dir, | |
| 1550 | - struct dentry *dentry, | |
| 1551 | - int mode) | |
| 1552 | -{ | |
| 1553 | - if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode))) | |
| 1554 | - return; | |
| 1555 | - security_ops->inode_post_mkdir (dir, dentry, mode); | |
| 1556 | -} | |
| 1557 | - | |
| 1558 | 1497 | static inline int security_inode_rmdir (struct inode *dir, |
| 1559 | 1498 | struct dentry *dentry) |
| 1560 | 1499 | { |
| ... | ... | @@ -1572,15 +1511,6 @@ |
| 1572 | 1511 | return security_ops->inode_mknod (dir, dentry, mode, dev); |
| 1573 | 1512 | } |
| 1574 | 1513 | |
| 1575 | -static inline void security_inode_post_mknod (struct inode *dir, | |
| 1576 | - struct dentry *dentry, | |
| 1577 | - int mode, dev_t dev) | |
| 1578 | -{ | |
| 1579 | - if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode))) | |
| 1580 | - return; | |
| 1581 | - security_ops->inode_post_mknod (dir, dentry, mode, dev); | |
| 1582 | -} | |
| 1583 | - | |
| 1584 | 1514 | static inline int security_inode_rename (struct inode *old_dir, |
| 1585 | 1515 | struct dentry *old_dentry, |
| 1586 | 1516 | struct inode *new_dir, |
| ... | ... | @@ -2220,11 +2150,6 @@ |
| 2220 | 2150 | return 0; |
| 2221 | 2151 | } |
| 2222 | 2152 | |
| 2223 | -static inline void security_inode_post_create (struct inode *dir, | |
| 2224 | - struct dentry *dentry, | |
| 2225 | - int mode) | |
| 2226 | -{ } | |
| 2227 | - | |
| 2228 | 2153 | static inline int security_inode_link (struct dentry *old_dentry, |
| 2229 | 2154 | struct inode *dir, |
| 2230 | 2155 | struct dentry *new_dentry) |
| ... | ... | @@ -2250,11 +2175,6 @@ |
| 2250 | 2175 | return 0; |
| 2251 | 2176 | } |
| 2252 | 2177 | |
| 2253 | -static inline void security_inode_post_symlink (struct inode *dir, | |
| 2254 | - struct dentry *dentry, | |
| 2255 | - const char *old_name) | |
| 2256 | -{ } | |
| 2257 | - | |
| 2258 | 2178 | static inline int security_inode_mkdir (struct inode *dir, |
| 2259 | 2179 | struct dentry *dentry, |
| 2260 | 2180 | int mode) |
| ... | ... | @@ -2262,11 +2182,6 @@ |
| 2262 | 2182 | return 0; |
| 2263 | 2183 | } |
| 2264 | 2184 | |
| 2265 | -static inline void security_inode_post_mkdir (struct inode *dir, | |
| 2266 | - struct dentry *dentry, | |
| 2267 | - int mode) | |
| 2268 | -{ } | |
| 2269 | - | |
| 2270 | 2185 | static inline int security_inode_rmdir (struct inode *dir, |
| 2271 | 2186 | struct dentry *dentry) |
| 2272 | 2187 | { |
| ... | ... | @@ -2279,11 +2194,6 @@ |
| 2279 | 2194 | { |
| 2280 | 2195 | return 0; |
| 2281 | 2196 | } |
| 2282 | - | |
| 2283 | -static inline void security_inode_post_mknod (struct inode *dir, | |
| 2284 | - struct dentry *dentry, | |
| 2285 | - int mode, dev_t dev) | |
| 2286 | -{ } | |
| 2287 | 2197 | |
| 2288 | 2198 | static inline int security_inode_rename (struct inode *old_dir, |
| 2289 | 2199 | struct dentry *old_dentry, |
security/dummy.c
| ... | ... | @@ -270,12 +270,6 @@ |
| 270 | 270 | return 0; |
| 271 | 271 | } |
| 272 | 272 | |
| 273 | -static void dummy_inode_post_create (struct inode *inode, struct dentry *dentry, | |
| 274 | - int mask) | |
| 275 | -{ | |
| 276 | - return; | |
| 277 | -} | |
| 278 | - | |
| 279 | 273 | static int dummy_inode_link (struct dentry *old_dentry, struct inode *inode, |
| 280 | 274 | struct dentry *new_dentry) |
| 281 | 275 | { |
| 282 | 276 | |
| ... | ... | @@ -300,24 +294,12 @@ |
| 300 | 294 | return 0; |
| 301 | 295 | } |
| 302 | 296 | |
| 303 | -static void dummy_inode_post_symlink (struct inode *inode, | |
| 304 | - struct dentry *dentry, const char *name) | |
| 305 | -{ | |
| 306 | - return; | |
| 307 | -} | |
| 308 | - | |
| 309 | 297 | static int dummy_inode_mkdir (struct inode *inode, struct dentry *dentry, |
| 310 | 298 | int mask) |
| 311 | 299 | { |
| 312 | 300 | return 0; |
| 313 | 301 | } |
| 314 | 302 | |
| 315 | -static void dummy_inode_post_mkdir (struct inode *inode, struct dentry *dentry, | |
| 316 | - int mask) | |
| 317 | -{ | |
| 318 | - return; | |
| 319 | -} | |
| 320 | - | |
| 321 | 303 | static int dummy_inode_rmdir (struct inode *inode, struct dentry *dentry) |
| 322 | 304 | { |
| 323 | 305 | return 0; |
| ... | ... | @@ -329,12 +311,6 @@ |
| 329 | 311 | return 0; |
| 330 | 312 | } |
| 331 | 313 | |
| 332 | -static void dummy_inode_post_mknod (struct inode *inode, struct dentry *dentry, | |
| 333 | - int mode, dev_t dev) | |
| 334 | -{ | |
| 335 | - return; | |
| 336 | -} | |
| 337 | - | |
| 338 | 314 | static int dummy_inode_rename (struct inode *old_inode, |
| 339 | 315 | struct dentry *old_dentry, |
| 340 | 316 | struct inode *new_inode, |
| 341 | 317 | |
| 342 | 318 | |
| 343 | 319 | |
| ... | ... | @@ -894,17 +870,13 @@ |
| 894 | 870 | set_to_dummy_if_null(ops, inode_free_security); |
| 895 | 871 | set_to_dummy_if_null(ops, inode_init_security); |
| 896 | 872 | set_to_dummy_if_null(ops, inode_create); |
| 897 | - set_to_dummy_if_null(ops, inode_post_create); | |
| 898 | 873 | set_to_dummy_if_null(ops, inode_link); |
| 899 | 874 | set_to_dummy_if_null(ops, inode_post_link); |
| 900 | 875 | set_to_dummy_if_null(ops, inode_unlink); |
| 901 | 876 | set_to_dummy_if_null(ops, inode_symlink); |
| 902 | - set_to_dummy_if_null(ops, inode_post_symlink); | |
| 903 | 877 | set_to_dummy_if_null(ops, inode_mkdir); |
| 904 | - set_to_dummy_if_null(ops, inode_post_mkdir); | |
| 905 | 878 | set_to_dummy_if_null(ops, inode_rmdir); |
| 906 | 879 | set_to_dummy_if_null(ops, inode_mknod); |
| 907 | - set_to_dummy_if_null(ops, inode_post_mknod); | |
| 908 | 880 | set_to_dummy_if_null(ops, inode_rename); |
| 909 | 881 | set_to_dummy_if_null(ops, inode_post_rename); |
| 910 | 882 | set_to_dummy_if_null(ops, inode_readlink); |
security/selinux/hooks.c
| ... | ... | @@ -1265,91 +1265,6 @@ |
| 1265 | 1265 | return 0; |
| 1266 | 1266 | } |
| 1267 | 1267 | |
| 1268 | -/* Set the security attributes on a newly created file. */ | |
| 1269 | -static int post_create(struct inode *dir, | |
| 1270 | - struct dentry *dentry) | |
| 1271 | -{ | |
| 1272 | - | |
| 1273 | - struct task_security_struct *tsec; | |
| 1274 | - struct inode *inode; | |
| 1275 | - struct inode_security_struct *dsec; | |
| 1276 | - struct superblock_security_struct *sbsec; | |
| 1277 | - struct inode_security_struct *isec; | |
| 1278 | - u32 newsid; | |
| 1279 | - char *context; | |
| 1280 | - unsigned int len; | |
| 1281 | - int rc; | |
| 1282 | - | |
| 1283 | - tsec = current->security; | |
| 1284 | - dsec = dir->i_security; | |
| 1285 | - sbsec = dir->i_sb->s_security; | |
| 1286 | - | |
| 1287 | - inode = dentry->d_inode; | |
| 1288 | - if (!inode) { | |
| 1289 | - /* Some file system types (e.g. NFS) may not instantiate | |
| 1290 | - a dentry for all create operations (e.g. symlink), | |
| 1291 | - so we have to check to see if the inode is non-NULL. */ | |
| 1292 | - printk(KERN_WARNING "post_create: no inode, dir (dev=%s, " | |
| 1293 | - "ino=%ld)\n", dir->i_sb->s_id, dir->i_ino); | |
| 1294 | - return 0; | |
| 1295 | - } | |
| 1296 | - | |
| 1297 | - isec = inode->i_security; | |
| 1298 | - | |
| 1299 | - if (isec->security_attr_init) | |
| 1300 | - return 0; | |
| 1301 | - | |
| 1302 | - if (tsec->create_sid && sbsec->behavior != SECURITY_FS_USE_MNTPOINT) { | |
| 1303 | - newsid = tsec->create_sid; | |
| 1304 | - } else { | |
| 1305 | - rc = security_transition_sid(tsec->sid, dsec->sid, | |
| 1306 | - inode_mode_to_security_class(inode->i_mode), | |
| 1307 | - &newsid); | |
| 1308 | - if (rc) { | |
| 1309 | - printk(KERN_WARNING "post_create: " | |
| 1310 | - "security_transition_sid failed, rc=%d (dev=%s " | |
| 1311 | - "ino=%ld)\n", | |
| 1312 | - -rc, inode->i_sb->s_id, inode->i_ino); | |
| 1313 | - return rc; | |
| 1314 | - } | |
| 1315 | - } | |
| 1316 | - | |
| 1317 | - rc = inode_security_set_sid(inode, newsid); | |
| 1318 | - if (rc) { | |
| 1319 | - printk(KERN_WARNING "post_create: inode_security_set_sid " | |
| 1320 | - "failed, rc=%d (dev=%s ino=%ld)\n", | |
| 1321 | - -rc, inode->i_sb->s_id, inode->i_ino); | |
| 1322 | - return rc; | |
| 1323 | - } | |
| 1324 | - | |
| 1325 | - if (sbsec->behavior == SECURITY_FS_USE_XATTR && | |
| 1326 | - inode->i_op->setxattr) { | |
| 1327 | - /* Use extended attributes. */ | |
| 1328 | - rc = security_sid_to_context(newsid, &context, &len); | |
| 1329 | - if (rc) { | |
| 1330 | - printk(KERN_WARNING "post_create: sid_to_context " | |
| 1331 | - "failed, rc=%d (dev=%s ino=%ld)\n", | |
| 1332 | - -rc, inode->i_sb->s_id, inode->i_ino); | |
| 1333 | - return rc; | |
| 1334 | - } | |
| 1335 | - down(&inode->i_sem); | |
| 1336 | - rc = inode->i_op->setxattr(dentry, | |
| 1337 | - XATTR_NAME_SELINUX, | |
| 1338 | - context, len, 0); | |
| 1339 | - up(&inode->i_sem); | |
| 1340 | - kfree(context); | |
| 1341 | - if (rc < 0) { | |
| 1342 | - printk(KERN_WARNING "post_create: setxattr failed, " | |
| 1343 | - "rc=%d (dev=%s ino=%ld)\n", | |
| 1344 | - -rc, inode->i_sb->s_id, inode->i_ino); | |
| 1345 | - return rc; | |
| 1346 | - } | |
| 1347 | - } | |
| 1348 | - | |
| 1349 | - return 0; | |
| 1350 | -} | |
| 1351 | - | |
| 1352 | - | |
| 1353 | 1268 | /* Hook functions begin here. */ |
| 1354 | 1269 | |
| 1355 | 1270 | static int selinux_ptrace(struct task_struct *parent, struct task_struct *child) |
| ... | ... | @@ -2076,8 +1991,6 @@ |
| 2076 | 1991 | *len = clen; |
| 2077 | 1992 | } |
| 2078 | 1993 | |
| 2079 | - isec->security_attr_init = 1; | |
| 2080 | - | |
| 2081 | 1994 | return 0; |
| 2082 | 1995 | } |
| 2083 | 1996 | |
| ... | ... | @@ -2086,11 +1999,6 @@ |
| 2086 | 1999 | return may_create(dir, dentry, SECCLASS_FILE); |
| 2087 | 2000 | } |
| 2088 | 2001 | |
| 2089 | -static void selinux_inode_post_create(struct inode *dir, struct dentry *dentry, int mask) | |
| 2090 | -{ | |
| 2091 | - post_create(dir, dentry); | |
| 2092 | -} | |
| 2093 | - | |
| 2094 | 2002 | static int selinux_inode_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry) |
| 2095 | 2003 | { |
| 2096 | 2004 | int rc; |
| 2097 | 2005 | |
| ... | ... | @@ -2121,21 +2029,11 @@ |
| 2121 | 2029 | return may_create(dir, dentry, SECCLASS_LNK_FILE); |
| 2122 | 2030 | } |
| 2123 | 2031 | |
| 2124 | -static void selinux_inode_post_symlink(struct inode *dir, struct dentry *dentry, const char *name) | |
| 2125 | -{ | |
| 2126 | - post_create(dir, dentry); | |
| 2127 | -} | |
| 2128 | - | |
| 2129 | 2032 | static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, int mask) |
| 2130 | 2033 | { |
| 2131 | 2034 | return may_create(dir, dentry, SECCLASS_DIR); |
| 2132 | 2035 | } |
| 2133 | 2036 | |
| 2134 | -static void selinux_inode_post_mkdir(struct inode *dir, struct dentry *dentry, int mask) | |
| 2135 | -{ | |
| 2136 | - post_create(dir, dentry); | |
| 2137 | -} | |
| 2138 | - | |
| 2139 | 2037 | static int selinux_inode_rmdir(struct inode *dir, struct dentry *dentry) |
| 2140 | 2038 | { |
| 2141 | 2039 | return may_link(dir, dentry, MAY_RMDIR); |
| ... | ... | @@ -2152,11 +2050,6 @@ |
| 2152 | 2050 | return may_create(dir, dentry, inode_mode_to_security_class(mode)); |
| 2153 | 2051 | } |
| 2154 | 2052 | |
| 2155 | -static void selinux_inode_post_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) | |
| 2156 | -{ | |
| 2157 | - post_create(dir, dentry); | |
| 2158 | -} | |
| 2159 | - | |
| 2160 | 2053 | static int selinux_inode_rename(struct inode *old_inode, struct dentry *old_dentry, |
| 2161 | 2054 | struct inode *new_inode, struct dentry *new_dentry) |
| 2162 | 2055 | { |
| 2163 | 2056 | |
| 2164 | 2057 | |
| 2165 | 2058 | |
| ... | ... | @@ -4363,17 +4256,13 @@ |
| 4363 | 4256 | .inode_free_security = selinux_inode_free_security, |
| 4364 | 4257 | .inode_init_security = selinux_inode_init_security, |
| 4365 | 4258 | .inode_create = selinux_inode_create, |
| 4366 | - .inode_post_create = selinux_inode_post_create, | |
| 4367 | 4259 | .inode_link = selinux_inode_link, |
| 4368 | 4260 | .inode_post_link = selinux_inode_post_link, |
| 4369 | 4261 | .inode_unlink = selinux_inode_unlink, |
| 4370 | 4262 | .inode_symlink = selinux_inode_symlink, |
| 4371 | - .inode_post_symlink = selinux_inode_post_symlink, | |
| 4372 | 4263 | .inode_mkdir = selinux_inode_mkdir, |
| 4373 | - .inode_post_mkdir = selinux_inode_post_mkdir, | |
| 4374 | 4264 | .inode_rmdir = selinux_inode_rmdir, |
| 4375 | 4265 | .inode_mknod = selinux_inode_mknod, |
| 4376 | - .inode_post_mknod = selinux_inode_post_mknod, | |
| 4377 | 4266 | .inode_rename = selinux_inode_rename, |
| 4378 | 4267 | .inode_post_rename = selinux_inode_post_rename, |
| 4379 | 4268 | .inode_readlink = selinux_inode_readlink, |
security/selinux/include/objsec.h
| ... | ... | @@ -46,7 +46,6 @@ |
| 46 | 46 | unsigned char initialized; /* initialization flag */ |
| 47 | 47 | struct semaphore sem; |
| 48 | 48 | unsigned char inherit; /* inherit SID from parent entry */ |
| 49 | - unsigned char security_attr_init; /* security attributes init flag */ | |
| 50 | 49 | }; |
| 51 | 50 | |
| 52 | 51 | struct file_security_struct { |