Commit b0ae19811375031ae3b3fecc65b702a9c6e5cc28
Committed by
James Morris
1 parent
9b3056cca0
Exists in
master
and in
20 other branches
security: remove unused parameter from security_task_setscheduler()
All security modules shouldn't change sched_param parameter of security_task_setscheduler(). This is not only meaningless, but also make a harmful result if caller pass a static variable. This patch remove policy and sched_param parameter from security_task_setscheduler() becuase none of security module is using it. Cc: James Morris <jmorris@namei.org> Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: James Morris <jmorris@namei.org>
Showing 8 changed files with 17 additions and 26 deletions Side-by-side Diff
arch/mips/kernel/mips-mt-fpaff.c
include/linux/security.h
... | ... | @@ -74,7 +74,7 @@ |
74 | 74 | extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags); |
75 | 75 | extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, |
76 | 76 | unsigned long arg4, unsigned long arg5); |
77 | -extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp); | |
77 | +extern int cap_task_setscheduler(struct task_struct *p); | |
78 | 78 | extern int cap_task_setioprio(struct task_struct *p, int ioprio); |
79 | 79 | extern int cap_task_setnice(struct task_struct *p, int nice); |
80 | 80 | extern int cap_syslog(int type, bool from_file); |
... | ... | @@ -1501,8 +1501,7 @@ |
1501 | 1501 | int (*task_getioprio) (struct task_struct *p); |
1502 | 1502 | int (*task_setrlimit) (struct task_struct *p, unsigned int resource, |
1503 | 1503 | struct rlimit *new_rlim); |
1504 | - int (*task_setscheduler) (struct task_struct *p, int policy, | |
1505 | - struct sched_param *lp); | |
1504 | + int (*task_setscheduler) (struct task_struct *p); | |
1506 | 1505 | int (*task_getscheduler) (struct task_struct *p); |
1507 | 1506 | int (*task_movememory) (struct task_struct *p); |
1508 | 1507 | int (*task_kill) (struct task_struct *p, |
... | ... | @@ -1752,8 +1751,7 @@ |
1752 | 1751 | int security_task_getioprio(struct task_struct *p); |
1753 | 1752 | int security_task_setrlimit(struct task_struct *p, unsigned int resource, |
1754 | 1753 | struct rlimit *new_rlim); |
1755 | -int security_task_setscheduler(struct task_struct *p, | |
1756 | - int policy, struct sched_param *lp); | |
1754 | +int security_task_setscheduler(struct task_struct *p); | |
1757 | 1755 | int security_task_getscheduler(struct task_struct *p); |
1758 | 1756 | int security_task_movememory(struct task_struct *p); |
1759 | 1757 | int security_task_kill(struct task_struct *p, struct siginfo *info, |
1760 | 1758 | |
... | ... | @@ -2320,11 +2318,9 @@ |
2320 | 2318 | return 0; |
2321 | 2319 | } |
2322 | 2320 | |
2323 | -static inline int security_task_setscheduler(struct task_struct *p, | |
2324 | - int policy, | |
2325 | - struct sched_param *lp) | |
2321 | +static inline int security_task_setscheduler(struct task_struct *p) | |
2326 | 2322 | { |
2327 | - return cap_task_setscheduler(p, policy, lp); | |
2323 | + return cap_task_setscheduler(p); | |
2328 | 2324 | } |
2329 | 2325 | |
2330 | 2326 | static inline int security_task_getscheduler(struct task_struct *p) |
kernel/cpuset.c
... | ... | @@ -1397,7 +1397,7 @@ |
1397 | 1397 | if (tsk->flags & PF_THREAD_BOUND) |
1398 | 1398 | return -EINVAL; |
1399 | 1399 | |
1400 | - ret = security_task_setscheduler(tsk, 0, NULL); | |
1400 | + ret = security_task_setscheduler(tsk); | |
1401 | 1401 | if (ret) |
1402 | 1402 | return ret; |
1403 | 1403 | if (threadgroup) { |
... | ... | @@ -1405,7 +1405,7 @@ |
1405 | 1405 | |
1406 | 1406 | rcu_read_lock(); |
1407 | 1407 | list_for_each_entry_rcu(c, &tsk->thread_group, thread_group) { |
1408 | - ret = security_task_setscheduler(c, 0, NULL); | |
1408 | + ret = security_task_setscheduler(c); | |
1409 | 1409 | if (ret) { |
1410 | 1410 | rcu_read_unlock(); |
1411 | 1411 | return ret; |
kernel/sched.c
... | ... | @@ -4645,7 +4645,7 @@ |
4645 | 4645 | } |
4646 | 4646 | |
4647 | 4647 | if (user) { |
4648 | - retval = security_task_setscheduler(p, policy, param); | |
4648 | + retval = security_task_setscheduler(p); | |
4649 | 4649 | if (retval) |
4650 | 4650 | return retval; |
4651 | 4651 | } |
... | ... | @@ -4887,7 +4887,7 @@ |
4887 | 4887 | if (!check_same_owner(p) && !capable(CAP_SYS_NICE)) |
4888 | 4888 | goto out_unlock; |
4889 | 4889 | |
4890 | - retval = security_task_setscheduler(p, 0, NULL); | |
4890 | + retval = security_task_setscheduler(p); | |
4891 | 4891 | if (retval) |
4892 | 4892 | goto out_unlock; |
4893 | 4893 |
security/commoncap.c
... | ... | @@ -719,14 +719,11 @@ |
719 | 719 | /** |
720 | 720 | * cap_task_setscheduler - Detemine if scheduler policy change is permitted |
721 | 721 | * @p: The task to affect |
722 | - * @policy: The policy to effect | |
723 | - * @lp: The parameters to the scheduling policy | |
724 | 722 | * |
725 | 723 | * Detemine if the requested scheduler policy change is permitted for the |
726 | 724 | * specified task, returning 0 if permission is granted, -ve if denied. |
727 | 725 | */ |
728 | -int cap_task_setscheduler(struct task_struct *p, int policy, | |
729 | - struct sched_param *lp) | |
726 | +int cap_task_setscheduler(struct task_struct *p) | |
730 | 727 | { |
731 | 728 | return cap_safe_nice(p); |
732 | 729 | } |
security/security.c
... | ... | @@ -778,10 +778,9 @@ |
778 | 778 | return security_ops->task_setrlimit(p, resource, new_rlim); |
779 | 779 | } |
780 | 780 | |
781 | -int security_task_setscheduler(struct task_struct *p, | |
782 | - int policy, struct sched_param *lp) | |
781 | +int security_task_setscheduler(struct task_struct *p) | |
783 | 782 | { |
784 | - return security_ops->task_setscheduler(p, policy, lp); | |
783 | + return security_ops->task_setscheduler(p); | |
785 | 784 | } |
786 | 785 | |
787 | 786 | int security_task_getscheduler(struct task_struct *p) |
security/selinux/hooks.c
... | ... | @@ -3354,11 +3354,11 @@ |
3354 | 3354 | return 0; |
3355 | 3355 | } |
3356 | 3356 | |
3357 | -static int selinux_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp) | |
3357 | +static int selinux_task_setscheduler(struct task_struct *p) | |
3358 | 3358 | { |
3359 | 3359 | int rc; |
3360 | 3360 | |
3361 | - rc = cap_task_setscheduler(p, policy, lp); | |
3361 | + rc = cap_task_setscheduler(p); | |
3362 | 3362 | if (rc) |
3363 | 3363 | return rc; |
3364 | 3364 |
security/smack/smack_lsm.c
... | ... | @@ -1281,12 +1281,11 @@ |
1281 | 1281 | * |
1282 | 1282 | * Return 0 if read access is permitted |
1283 | 1283 | */ |
1284 | -static int smack_task_setscheduler(struct task_struct *p, int policy, | |
1285 | - struct sched_param *lp) | |
1284 | +static int smack_task_setscheduler(struct task_struct *p) | |
1286 | 1285 | { |
1287 | 1286 | int rc; |
1288 | 1287 | |
1289 | - rc = cap_task_setscheduler(p, policy, lp); | |
1288 | + rc = cap_task_setscheduler(p); | |
1290 | 1289 | if (rc == 0) |
1291 | 1290 | rc = smk_curacc_on_task(p, MAY_WRITE); |
1292 | 1291 | return rc; |