From c1e992b99603a84d7debb188542b64f2d9232c07 Mon Sep 17 00:00:00 2001 From: "wzt.wzt@gmail.com" Date: Fri, 26 Feb 2010 22:49:55 +0800 Subject: Security: Add __init to register_security to disable load a security module on runtime LSM framework doesn't allow to load a security module on runtime, it must be loaded on boot time. but in security/security.c: int register_security(struct security_operations *ops) { ... if (security_ops != &default_security_ops) return -EAGAIN; ... } if security_ops == &default_security_ops, it can access to register a security module. If selinux is enabled, other security modules can't register, but if selinux is disabled on boot time, the security_ops was set to default_security_ops, LSM allows other kernel modules to use register_security() to register a not trust security module. For example: disable selinux on boot time(selinux=0). #include #include #include #include #include #include #include MODULE_LICENSE("GPL"); MODULE_AUTHOR("wzt"); extern int register_security(struct security_operations *ops); int (*new_register_security)(struct security_operations *ops); int rootkit_bprm_check_security(struct linux_binprm *bprm) { return 0; } struct security_operations rootkit_ops = { .bprm_check_security = rootkit_bprm_check_security, }; static int rootkit_init(void) { printk("Load LSM rootkit module.\n"); /* cat /proc/kallsyms | grep register_security */ new_register_security = 0xc0756689; if (new_register_security(&rootkit_ops)) { printk("Can't register rootkit module.\n"); return 0; } printk("Register rootkit module ok.\n"); return 0; } static void rootkit_exit(void) { printk("Unload LSM rootkit module.\n"); } module_init(rootkit_init); module_exit(rootkit_exit); Signed-off-by: Zhitong Wang Signed-off-by: James Morris --- security/security.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/security.c b/security/security.c index 122b748d0f4..7da630a8c06 100644 --- a/security/security.c +++ b/security/security.c @@ -110,7 +110,7 @@ int __init security_module_enable(struct security_operations *ops) * If there is already a security module registered with the kernel, * an error will be returned. Otherwise %0 is returned on success. */ -int register_security(struct security_operations *ops) +int __init register_security(struct security_operations *ops) { if (verify(ops)) { printk(KERN_DEBUG "%s could not verify " -- cgit v1.2.3-18-g5258 From b380de9e54ec354ccac55fd9a611ffe28b4daa76 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Mon, 1 Mar 2010 19:47:04 +0900 Subject: TOMOYO: Remove unused variables. Variable "atmark" is currently unused. Signed-off-by: Tetsuo Handa Signed-off-by: James Morris --- security/tomoyo/common.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index e0d0354008b..be1099b3bb4 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -1424,7 +1424,6 @@ static bool tomoyo_print_single_path_acl(struct tomoyo_io_buffer *head, { int pos; u8 bit; - const char *atmark = ""; const char *filename; const u16 perm = ptr->perm; @@ -1441,8 +1440,7 @@ static bool tomoyo_print_single_path_acl(struct tomoyo_io_buffer *head, continue; msg = tomoyo_sp2keyword(bit); pos = head->read_avail; - if (!tomoyo_io_printf(head, "allow_%s %s%s\n", msg, - atmark, filename)) + if (!tomoyo_io_printf(head, "allow_%s %s\n", msg, filename)) goto out; } head->read_bit = 0; @@ -1466,8 +1464,6 @@ static bool tomoyo_print_double_path_acl(struct tomoyo_io_buffer *head, ptr) { int pos; - const char *atmark1 = ""; - const char *atmark2 = ""; const char *filename1; const char *filename2; const u8 perm = ptr->perm; @@ -1482,8 +1478,8 @@ static bool tomoyo_print_double_path_acl(struct tomoyo_io_buffer *head, continue; msg = tomoyo_dp2keyword(bit); pos = head->read_avail; - if (!tomoyo_io_printf(head, "allow_%s %s%s %s%s\n", msg, - atmark1, filename1, atmark2, filename2)) + if (!tomoyo_io_printf(head, "allow_%s %s %s\n", msg, + filename1, filename2)) goto out; } head->read_bit = 0; -- cgit v1.2.3-18-g5258 From 31637b55b09753de9d5e24afc3a1d7fbdb2108d8 Mon Sep 17 00:00:00 2001 From: "wzt.wzt@gmail.com" Date: Tue, 2 Mar 2010 15:08:58 +0800 Subject: Selinux: Remove unused headers list.h in selinux/netlink.c list.h is unused in netlink.c, so remove it. Signed-off-by: Zhitong Wang Signed-off-by: James Morris --- security/selinux/netlink.c | 1 - 1 file changed, 1 deletion(-) diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c index 1ae556446e6..7d7be296d87 100644 --- a/security/selinux/netlink.c +++ b/security/selinux/netlink.c @@ -13,7 +13,6 @@ #include #include #include -#include #include #include #include -- cgit v1.2.3-18-g5258 From dbba541f9d9bd2c200041bc1b37c59dbaf9beb75 Mon Sep 17 00:00:00 2001 From: "wzt.wzt@gmail.com" Date: Tue, 2 Mar 2010 17:03:43 +0800 Subject: Selinux: Remove unused headers slab.h in selinux/ss/symtab.c slab.h is unused in symtab.c, so remove it. Signed-off-by: Zhitong Wang Signed-off-by: James Morris --- security/selinux/ss/symtab.c | 1 - 1 file changed, 1 deletion(-) diff --git a/security/selinux/ss/symtab.c b/security/selinux/ss/symtab.c index 837658a98a5..bcf9f620426 100644 --- a/security/selinux/ss/symtab.c +++ b/security/selinux/ss/symtab.c @@ -4,7 +4,6 @@ * Author : Stephen Smalley, */ #include -#include #include #include #include "symtab.h" -- cgit v1.2.3-18-g5258 From 06b9b72df43800b9ae4e77202c8bf5848c9d6998 Mon Sep 17 00:00:00 2001 From: "wzt.wzt@gmail.com" Date: Wed, 3 Mar 2010 21:29:37 +0800 Subject: Selinux: Remove unused headers skbuff.h in selinux/nlmsgtab.c skbuff.h is already included by netlink.h, so remove it. Signed-off-by: Zhitong Wang Signed-off-by: James Morris --- security/selinux/nlmsgtab.c | 1 - 1 file changed, 1 deletion(-) diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index dd7cc6de77f..75ec0c6ebac 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -11,7 +11,6 @@ */ #include #include -#include #include #include #include -- cgit v1.2.3-18-g5258 From c8563473c1259f5686ceb918c548c80132089f79 Mon Sep 17 00:00:00 2001 From: "wzt.wzt@gmail.com" Date: Thu, 4 Mar 2010 21:26:23 +0800 Subject: Security: Fix some coding styles in security/keys/keyring.c Fix some coding styles in security/keys/keyring.c Signed-off-by: Zhitong Wang Signed-off-by: James Morris --- security/keys/keyring.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/security/keys/keyring.c b/security/keys/keyring.c index e814d2109f8..a98fb376f24 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -170,12 +170,10 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m) { struct keyring_list *klist; - if (keyring->description) { + if (keyring->description) seq_puts(m, keyring->description); - } - else { + else seq_puts(m, "[anon]"); - } rcu_read_lock(); klist = rcu_dereference(keyring->payload.subscriptions); -- cgit v1.2.3-18-g5258 From 634a539e16bd7a1ba31c3f832baa725565cc9f96 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 4 Mar 2010 21:59:03 -0800 Subject: selinux: const strings in tables Several places strings tables are used that should be declared const. Signed-off-by: Stephen Hemminger Signed-off-by: James Morris --- security/selinux/hooks.c | 2 +- security/selinux/include/initial_sid_to_string.h | 2 +- security/selinux/ss/policydb.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 9a2ee845e9d..e1202cbceee 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -329,7 +329,7 @@ extern int ss_initialized; /* The file system's label must be initialized prior to use. */ -static char *labeling_behaviors[6] = { +static const char *labeling_behaviors[6] = { "uses xattr", "uses transition SIDs", "uses task SIDs", diff --git a/security/selinux/include/initial_sid_to_string.h b/security/selinux/include/initial_sid_to_string.h index d4fac82793a..a59b64e3fd0 100644 --- a/security/selinux/include/initial_sid_to_string.h +++ b/security/selinux/include/initial_sid_to_string.h @@ -1,5 +1,5 @@ /* This file is automatically generated. Do not edit. */ -static char *initial_sid_to_string[] = +static const char *initial_sid_to_string[] = { "null", "kernel", diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index f03667213ea..62361985189 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -40,7 +40,7 @@ #define _DEBUG_HASHES #ifdef DEBUG_HASHES -static char *symtab_name[SYM_NUM] = { +static const char *symtab_name[SYM_NUM] = { "common prefixes", "classes", "roles", -- cgit v1.2.3-18-g5258 From 512ea3bc30c0e052a961e1abce8e783f3e28c92a Mon Sep 17 00:00:00 2001 From: Chihau Chau Date: Mon, 8 Mar 2010 20:11:34 -0300 Subject: Security: key: keyring: fix some code style issues This fixes to include instead and some code style issues like to put a else sentence below close brace '}' and to replace a tab instead of some space characters. Signed-off-by: Chihau Chau Acked-by: David Howells Signed-off-by: James Morris --- security/keys/keyring.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/security/keys/keyring.c b/security/keys/keyring.c index a98fb376f24..fe0763a18c1 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -17,7 +17,7 @@ #include #include #include -#include +#include #include "internal.h" /* @@ -304,7 +304,7 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref, key_check(keyring); /* top keyring must have search permission to begin the search */ - err = key_task_permission(keyring_ref, cred, KEY_SEARCH); + err = key_task_permission(keyring_ref, cred, KEY_SEARCH); if (err < 0) { key_ref = ERR_PTR(err); goto error; @@ -773,8 +773,7 @@ int __key_link(struct key *keyring, struct key *key) smp_wmb(); klist->nkeys++; smp_wmb(); - } - else { + } else { /* grow the key list */ max = 4; if (klist) -- cgit v1.2.3-18-g5258 From a19c5bbefb37ebe22fb42bd3861a8d3b2a2652a1 Mon Sep 17 00:00:00 2001 From: H Hartley Sweeten Date: Tue, 9 Mar 2010 17:59:59 -0600 Subject: security/ima: replace gcc specific __FUNCTION__ with __func__ As noted by checkpatch.pl, __func__ should be used instead of gcc specific __FUNCTION__. Signed-off-by: H Hartley Sweeten Signed-off-by: James Morris --- security/integrity/ima/ima_iint.c | 6 +++--- security/integrity/ima/ima_main.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c index 2d4d05d92fd..6cc22430cb4 100644 --- a/security/integrity/ima/ima_iint.c +++ b/security/integrity/ima/ima_iint.c @@ -79,17 +79,17 @@ void iint_free(struct kref *kref) iint->version = 0; iint->flags = 0UL; if (iint->readcount != 0) { - printk(KERN_INFO "%s: readcount: %ld\n", __FUNCTION__, + printk(KERN_INFO "%s: readcount: %ld\n", __func__, iint->readcount); iint->readcount = 0; } if (iint->writecount != 0) { - printk(KERN_INFO "%s: writecount: %ld\n", __FUNCTION__, + printk(KERN_INFO "%s: writecount: %ld\n", __func__, iint->writecount); iint->writecount = 0; } if (iint->opencount != 0) { - printk(KERN_INFO "%s: opencount: %ld\n", __FUNCTION__, + printk(KERN_INFO "%s: opencount: %ld\n", __func__, iint->opencount); iint->opencount = 0; } diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 294b005d652..983037fb9a9 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -194,7 +194,7 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode, (iint->writecount < 0)) && !ima_limit_imbalance(file)) { printk(KERN_INFO "%s: open/free imbalance (r:%ld w:%ld o:%ld)\n", - __FUNCTION__, iint->readcount, iint->writecount, + __func__, iint->readcount, iint->writecount, iint->opencount); dump_stack(); } -- cgit v1.2.3-18-g5258 From 77c160e7798b4141a0705c734397a9236bb0e726 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Mon, 15 Mar 2010 10:42:11 -0400 Subject: SELinux: Reduce max avtab size to avoid page allocation failures Reduce MAX_AVTAB_HASH_BITS so that the avtab allocation is an order 2 allocation rather than an order 4 allocation on x86_64. This addresses reports of page allocation failures: http://marc.info/?l=selinux&m=126757230625867&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=570433 Reported-by: Russell Coker Signed-off-by: Stephen D. Smalley Acked-by: Eric Paris Signed-off-by: James Morris --- security/selinux/ss/avtab.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h index 8da6a842808..cd4f734e274 100644 --- a/security/selinux/ss/avtab.h +++ b/security/selinux/ss/avtab.h @@ -82,7 +82,7 @@ struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified void avtab_cache_init(void); void avtab_cache_destroy(void); -#define MAX_AVTAB_HASH_BITS 13 +#define MAX_AVTAB_HASH_BITS 11 #define MAX_AVTAB_HASH_BUCKETS (1 << MAX_AVTAB_HASH_BITS) #define MAX_AVTAB_HASH_MASK (MAX_AVTAB_HASH_BUCKETS-1) #define MAX_AVTAB_SIZE MAX_AVTAB_HASH_BUCKETS -- cgit v1.2.3-18-g5258 From 310de047eef6685274045db1e6b39c9f313df428 Mon Sep 17 00:00:00 2001 From: James Morris Date: Tue, 16 Mar 2010 08:47:36 +1100 Subject: selinux: fix warning in genheaders Fix const warning in the genheaders script as a result of changes to the headers, as noted here: http://linux.derkeiler.com/Mailing-Lists/Kernel/2010-03/msg03977.html Reported-by: Stephen Rothwell Signed-off-by: James Morris --- scripts/selinux/genheaders/genheaders.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/genheaders/genheaders.c index 24626968055..58a12c27870 100644 --- a/scripts/selinux/genheaders/genheaders.c +++ b/scripts/selinux/genheaders/genheaders.c @@ -81,7 +81,7 @@ int main(int argc, char *argv[]) fprintf(fout, "\n"); for (i = 1; i < isids_len; i++) { - char *s = initial_sid_to_string[i]; + const char *s = initial_sid_to_string[i]; fprintf(fout, "#define SECINITSID_%s", s); for (j = 0; j < max(1, 40 - strlen(s)); j++) fprintf(fout, " "); -- cgit v1.2.3-18-g5258 From 225a9be24d799aa16d543c31fb09f0c9ed1d9caa Mon Sep 17 00:00:00 2001 From: Rajiv Andrade Date: Thu, 25 Mar 2010 00:55:32 -0300 Subject: TPM: workaround to enforce PCR updates across suspends Add a workaround for TPM's which fail to flush last written PCR values in a TPM_SaveState, in preparation for suspend. Signed-off-by: David Safford Acked-by: Rajiv Andrade Signed-off-by: James Morris --- Documentation/kernel-parameters.txt | 10 ++++++++ drivers/char/tpm/tpm.c | 47 +++++++++++++++++++++++++++++++------ 2 files changed, 50 insertions(+), 7 deletions(-) diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index d80930d58da..e0df679c390 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -99,6 +99,7 @@ parameter is applicable: SWSUSP Software suspend (hibernation) is enabled. SUSPEND System suspend states are enabled. FTRACE Function tracing enabled. + TPM TPM drivers are enabled. TS Appropriate touchscreen support is enabled. UMS USB Mass Storage support is enabled. USB USB support is enabled. @@ -2619,6 +2620,15 @@ and is between 256 and 4096 characters. It is defined in the file tp720= [HW,PS2] + tpm_suspend_pcr=[HW,TPM] + Format: integer pcr id + Specify that at suspend time, the tpm driver + should extend the specified pcr with zeros, + as a workaround for some chips which fail to + flush the last written pcr on TPM_SaveState. + This will guarantee that all the other pcrs + are saved. + trace_buf_size=nn[KMG] [FTRACE] will set tracing buffer size. diff --git a/drivers/char/tpm/tpm.c b/drivers/char/tpm/tpm.c index f06bb37defb..5c447c991bd 100644 --- a/drivers/char/tpm/tpm.c +++ b/drivers/char/tpm/tpm.c @@ -1067,6 +1067,27 @@ void tpm_remove_hardware(struct device *dev) } EXPORT_SYMBOL_GPL(tpm_remove_hardware); +#define TPM_ORD_SAVESTATE cpu_to_be32(152) +#define SAVESTATE_RESULT_SIZE 10 + +static struct tpm_input_header savestate_header = { + .tag = TPM_TAG_RQU_COMMAND, + .length = cpu_to_be32(10), + .ordinal = TPM_ORD_SAVESTATE +}; + +/* Bug workaround - some TPM's don't flush the most + * recently changed pcr on suspend, so force the flush + * with an extend to the selected _unused_ non-volatile pcr. + */ +static int tpm_suspend_pcr; +static int __init tpm_suspend_setup(char *str) +{ + get_option(&str, &tpm_suspend_pcr); + return 1; +} +__setup("tpm_suspend_pcr=", tpm_suspend_setup); + /* * We are about to suspend. Save the TPM state * so that it can be restored. @@ -1074,17 +1095,29 @@ EXPORT_SYMBOL_GPL(tpm_remove_hardware); int tpm_pm_suspend(struct device *dev, pm_message_t pm_state) { struct tpm_chip *chip = dev_get_drvdata(dev); - u8 savestate[] = { - 0, 193, /* TPM_TAG_RQU_COMMAND */ - 0, 0, 0, 10, /* blob length (in bytes) */ - 0, 0, 0, 152 /* TPM_ORD_SaveState */ - }; + struct tpm_cmd_t cmd; + int rc; + + u8 dummy_hash[TPM_DIGEST_SIZE] = { 0 }; if (chip == NULL) return -ENODEV; - tpm_transmit(chip, savestate, sizeof(savestate)); - return 0; + /* for buggy tpm, flush pcrs with extend to selected dummy */ + if (tpm_suspend_pcr) { + cmd.header.in = pcrextend_header; + cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr); + memcpy(cmd.params.pcrextend_in.hash, dummy_hash, + TPM_DIGEST_SIZE); + rc = transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE, + "extending dummy pcr before suspend"); + } + + /* now do the actual savestate */ + cmd.header.in = savestate_header; + rc = transmit_cmd(chip, &cmd, SAVESTATE_RESULT_SIZE, + "sending savestate before suspend"); + return rc; } EXPORT_SYMBOL_GPL(tpm_pm_suspend); -- cgit v1.2.3-18-g5258 From dd3e7836bfe093fc611f715c323cf53be9252b27 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:08:46 -0400 Subject: selinux: always call sk_security_struct sksec trying to grep everything that messes with a sk_security_struct isn't easy since we don't always call it sksec. Just rename everything sksec. Signed-off-by: Eric Paris Signed-off-by: James Morris --- security/selinux/hooks.c | 50 ++++++++++++++++++------------------- security/selinux/include/netlabel.h | 8 +++--- security/selinux/netlabel.c | 14 +++++------ 3 files changed, 36 insertions(+), 36 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 63c2d36d55a..ebee467e291 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -293,28 +293,28 @@ static void superblock_free_security(struct super_block *sb) static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) { - struct sk_security_struct *ssec; + struct sk_security_struct *sksec; - ssec = kzalloc(sizeof(*ssec), priority); - if (!ssec) + sksec = kzalloc(sizeof(*sksec), priority); + if (!sksec) return -ENOMEM; - ssec->peer_sid = SECINITSID_UNLABELED; - ssec->sid = SECINITSID_UNLABELED; - sk->sk_security = ssec; + sksec->peer_sid = SECINITSID_UNLABELED; + sksec->sid = SECINITSID_UNLABELED; + sk->sk_security = sksec; - selinux_netlbl_sk_security_reset(ssec); + selinux_netlbl_sk_security_reset(sksec); return 0; } static void sk_free_security(struct sock *sk) { - struct sk_security_struct *ssec = sk->sk_security; + struct sk_security_struct *sksec = sk->sk_security; sk->sk_security = NULL; - selinux_netlbl_sk_security_free(ssec); - kfree(ssec); + selinux_netlbl_sk_security_free(sksec); + kfree(sksec); } /* The security server must be initialized before @@ -4002,7 +4002,7 @@ static int selinux_socket_unix_stream_connect(struct socket *sock, struct socket *other, struct sock *newsk) { - struct sk_security_struct *ssec; + struct sk_security_struct *sksec; struct inode_security_struct *isec; struct inode_security_struct *other_isec; struct common_audit_data ad; @@ -4021,13 +4021,13 @@ static int selinux_socket_unix_stream_connect(struct socket *sock, return err; /* connecting socket */ - ssec = sock->sk->sk_security; - ssec->peer_sid = other_isec->sid; + sksec = sock->sk->sk_security; + sksec->peer_sid = other_isec->sid; /* server child socket */ - ssec = newsk->sk_security; - ssec->peer_sid = isec->sid; - err = security_sid_mls_copy(other_isec->sid, ssec->peer_sid, &ssec->sid); + sksec = newsk->sk_security; + sksec->peer_sid = isec->sid; + err = security_sid_mls_copy(other_isec->sid, sksec->peer_sid, &sksec->sid); return err; } @@ -4190,7 +4190,7 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op int err = 0; char *scontext; u32 scontext_len; - struct sk_security_struct *ssec; + struct sk_security_struct *sksec; struct inode_security_struct *isec; u32 peer_sid = SECSID_NULL; @@ -4198,8 +4198,8 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET || isec->sclass == SECCLASS_TCP_SOCKET) { - ssec = sock->sk->sk_security; - peer_sid = ssec->peer_sid; + sksec = sock->sk->sk_security; + peer_sid = sksec->peer_sid; } if (peer_sid == SECSID_NULL) { err = -ENOPROTOOPT; @@ -4266,14 +4266,14 @@ static void selinux_sk_free_security(struct sock *sk) static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) { - struct sk_security_struct *ssec = sk->sk_security; - struct sk_security_struct *newssec = newsk->sk_security; + struct sk_security_struct *sksec = sk->sk_security; + struct sk_security_struct *newsksec = newsk->sk_security; - newssec->sid = ssec->sid; - newssec->peer_sid = ssec->peer_sid; - newssec->sclass = ssec->sclass; + newsksec->sid = sksec->sid; + newsksec->peer_sid = sksec->peer_sid; + newsksec->sclass = sksec->sclass; - selinux_netlbl_sk_security_reset(newssec); + selinux_netlbl_sk_security_reset(newsksec); } static void selinux_sk_getsecid(struct sock *sk, u32 *secid) diff --git a/security/selinux/include/netlabel.h b/security/selinux/include/netlabel.h index 8d7384280a7..cf2f628e6e2 100644 --- a/security/selinux/include/netlabel.h +++ b/security/selinux/include/netlabel.h @@ -42,8 +42,8 @@ void selinux_netlbl_cache_invalidate(void); void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway); -void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec); -void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec); +void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec); +void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec); int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, u16 family, @@ -79,13 +79,13 @@ static inline void selinux_netlbl_err(struct sk_buff *skb, } static inline void selinux_netlbl_sk_security_free( - struct sk_security_struct *ssec) + struct sk_security_struct *sksec) { return; } static inline void selinux_netlbl_sk_security_reset( - struct sk_security_struct *ssec) + struct sk_security_struct *sksec) { return; } diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index 2534400317c..3d09a2afc33 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c @@ -131,21 +131,21 @@ void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway) /** * selinux_netlbl_sk_security_free - Free the NetLabel fields - * @sssec: the sk_security_struct + * @sksec: the sk_security_struct * * Description: * Free all of the memory in the NetLabel fields of a sk_security_struct. * */ -void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec) +void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec) { - if (ssec->nlbl_secattr != NULL) - netlbl_secattr_free(ssec->nlbl_secattr); + if (sksec->nlbl_secattr != NULL) + netlbl_secattr_free(sksec->nlbl_secattr); } /** * selinux_netlbl_sk_security_reset - Reset the NetLabel fields - * @ssec: the sk_security_struct + * @sksec: the sk_security_struct * @family: the socket family * * Description: @@ -153,9 +153,9 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec) * The caller is responsibile for all the NetLabel sk_security_struct locking. * */ -void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec) +void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec) { - ssec->nlbl_state = NLBL_UNSET; + sksec->nlbl_state = NLBL_UNSET; } /** -- cgit v1.2.3-18-g5258 From e2902eb79fdea3c3bf679a8f15f3432b393cb2c0 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:10:35 -0400 Subject: SMACK: remove dead cred_commit hook This is an unused hook in SMACK so remove it. Signed-off-by: Eric Paris Acked-by: Casey Schaufler Signed-off-by: James Morris --- security/smack/smack_lsm.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 5225e668dbf..98eeddcb4b6 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1117,15 +1117,6 @@ static int smack_cred_prepare(struct cred *new, const struct cred *old, return 0; } -/** - * smack_cred_commit - commit new credentials - * @new: the new credentials - * @old: the original credentials - */ -static void smack_cred_commit(struct cred *new, const struct cred *old) -{ -} - /** * smack_cred_transfer - Transfer the old credentials to the new credentials * @new: the new credentials @@ -3120,7 +3111,6 @@ struct security_operations smack_ops = { .cred_alloc_blank = smack_cred_alloc_blank, .cred_free = smack_cred_free, .cred_prepare = smack_cred_prepare, - .cred_commit = smack_cred_commit, .cred_transfer = smack_cred_transfer, .kernel_act_as = smack_kernel_act_as, .kernel_create_files_as = smack_kernel_create_files_as, -- cgit v1.2.3-18-g5258 From c1a7368a6f0b18b10fdec87972da680ebdf03794 Mon Sep 17 00:00:00 2001 From: "wzt.wzt@gmail.com" Date: Fri, 9 Apr 2010 19:30:29 +0800 Subject: Security: Fix coding style in security/ Fix coding style in security/ Signed-off-by: Zhitong Wang Signed-off-by: James Morris --- security/selinux/selinuxfs.c | 44 +++++++++++++++++++++--------------------- security/selinux/ss/mls.c | 2 +- security/selinux/ss/policydb.c | 4 ++-- security/selinux/ss/services.c | 12 ++++++------ 4 files changed, 31 insertions(+), 31 deletions(-) diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index cd191bbec03..0293843f7ed 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -503,11 +503,11 @@ static ssize_t sel_write_access(struct file *file, char *buf, size_t size) return length; length = -ENOMEM; - scon = kzalloc(size+1, GFP_KERNEL); + scon = kzalloc(size + 1, GFP_KERNEL); if (!scon) return length; - tcon = kzalloc(size+1, GFP_KERNEL); + tcon = kzalloc(size + 1, GFP_KERNEL); if (!tcon) goto out; @@ -515,10 +515,10 @@ static ssize_t sel_write_access(struct file *file, char *buf, size_t size) if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) goto out2; - length = security_context_to_sid(scon, strlen(scon)+1, &ssid); + length = security_context_to_sid(scon, strlen(scon) + 1, &ssid); if (length < 0) goto out2; - length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); + length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid); if (length < 0) goto out2; @@ -550,11 +550,11 @@ static ssize_t sel_write_create(struct file *file, char *buf, size_t size) return length; length = -ENOMEM; - scon = kzalloc(size+1, GFP_KERNEL); + scon = kzalloc(size + 1, GFP_KERNEL); if (!scon) return length; - tcon = kzalloc(size+1, GFP_KERNEL); + tcon = kzalloc(size + 1, GFP_KERNEL); if (!tcon) goto out; @@ -562,10 +562,10 @@ static ssize_t sel_write_create(struct file *file, char *buf, size_t size) if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) goto out2; - length = security_context_to_sid(scon, strlen(scon)+1, &ssid); + length = security_context_to_sid(scon, strlen(scon) + 1, &ssid); if (length < 0) goto out2; - length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); + length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid); if (length < 0) goto out2; @@ -609,11 +609,11 @@ static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size) return length; length = -ENOMEM; - scon = kzalloc(size+1, GFP_KERNEL); + scon = kzalloc(size + 1, GFP_KERNEL); if (!scon) return length; - tcon = kzalloc(size+1, GFP_KERNEL); + tcon = kzalloc(size + 1, GFP_KERNEL); if (!tcon) goto out; @@ -621,10 +621,10 @@ static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size) if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) goto out2; - length = security_context_to_sid(scon, strlen(scon)+1, &ssid); + length = security_context_to_sid(scon, strlen(scon) + 1, &ssid); if (length < 0) goto out2; - length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); + length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid); if (length < 0) goto out2; @@ -666,11 +666,11 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size) return length; length = -ENOMEM; - con = kzalloc(size+1, GFP_KERNEL); + con = kzalloc(size + 1, GFP_KERNEL); if (!con) return length; - user = kzalloc(size+1, GFP_KERNEL); + user = kzalloc(size + 1, GFP_KERNEL); if (!user) goto out; @@ -678,7 +678,7 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size) if (sscanf(buf, "%s %s", con, user) != 2) goto out2; - length = security_context_to_sid(con, strlen(con)+1, &sid); + length = security_context_to_sid(con, strlen(con) + 1, &sid); if (length < 0) goto out2; @@ -727,11 +727,11 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size) return length; length = -ENOMEM; - scon = kzalloc(size+1, GFP_KERNEL); + scon = kzalloc(size + 1, GFP_KERNEL); if (!scon) return length; - tcon = kzalloc(size+1, GFP_KERNEL); + tcon = kzalloc(size + 1, GFP_KERNEL); if (!tcon) goto out; @@ -739,10 +739,10 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size) if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) goto out2; - length = security_context_to_sid(scon, strlen(scon)+1, &ssid); + length = security_context_to_sid(scon, strlen(scon) + 1, &ssid); if (length < 0) goto out2; - length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); + length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid); if (length < 0) goto out2; @@ -1401,7 +1401,7 @@ static int sel_make_perm_files(char *objclass, int classvalue, } inode->i_fop = &sel_perm_ops; /* i+1 since perm values are 1-indexed */ - inode->i_ino = sel_perm_to_ino(classvalue, i+1); + inode->i_ino = sel_perm_to_ino(classvalue, i + 1); d_add(dentry, inode); } @@ -1489,7 +1489,7 @@ static int sel_make_classes(void) goto out; /* +2 since classes are 1-indexed */ - last_class_ino = sel_class_to_ino(nclasses+2); + last_class_ino = sel_class_to_ino(nclasses + 2); for (i = 0; i < nclasses; i++) { struct dentry *class_name_dir; @@ -1506,7 +1506,7 @@ static int sel_make_classes(void) goto out1; /* i+1 since class values are 1-indexed */ - rc = sel_make_class_dir_entries(classes[i], i+1, + rc = sel_make_class_dir_entries(classes[i], i + 1, class_name_dir); if (rc) goto out1; diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index 372b773f821..b4eff7a60c5 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -255,7 +255,7 @@ int mls_context_to_sid(struct policydb *pol, if (!pol->mls_enabled) { if (def_sid != SECSID_NULL && oldc) - *scontext += strlen(*scontext)+1; + *scontext += strlen(*scontext) + 1; return 0; } diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 24ced65ac4f..4f584fb71ef 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -156,7 +156,7 @@ static int roles_init(struct policydb *p) rc = -EINVAL; goto out_free_role; } - key = kmalloc(strlen(OBJECT_R)+1, GFP_KERNEL); + key = kmalloc(strlen(OBJECT_R) + 1, GFP_KERNEL); if (!key) { rc = -ENOMEM; goto out_free_role; @@ -2195,7 +2195,7 @@ int policydb_read(struct policydb *p, void *fp) rangetr_hash_eval(p->range_tr); } - p->type_attr_map = kmalloc(p->p_types.nprim*sizeof(struct ebitmap), GFP_KERNEL); + p->type_attr_map = kmalloc(p->p_types.nprim * sizeof(struct ebitmap), GFP_KERNEL); if (!p->type_attr_map) goto bad; diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index cf27b3ee1a9..0b44f5a2b7b 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -274,15 +274,15 @@ static int constraint_expr_eval(struct context *scontext, case CEXPR_AND: BUG_ON(sp < 1); sp--; - s[sp] &= s[sp+1]; + s[sp] &= s[sp + 1]; break; case CEXPR_OR: BUG_ON(sp < 1); sp--; - s[sp] |= s[sp+1]; + s[sp] |= s[sp + 1]; break; case CEXPR_ATTR: - if (sp == (CEXPR_MAXDEPTH-1)) + if (sp == (CEXPR_MAXDEPTH - 1)) return 0; switch (e->attr) { case CEXPR_USER: @@ -1216,7 +1216,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, *sid = SECSID_NULL; /* Copy the string so that we can modify the copy as we parse it. */ - scontext2 = kmalloc(scontext_len+1, gfp_flags); + scontext2 = kmalloc(scontext_len + 1, gfp_flags); if (!scontext2) return -ENOMEM; memcpy(scontext2, scontext, scontext_len); @@ -2101,9 +2101,9 @@ int security_get_user_sids(u32 fromsid, ebitmap_for_each_positive_bit(&user->roles, rnode, i) { role = policydb.role_val_to_struct[i]; - usercon.role = i+1; + usercon.role = i + 1; ebitmap_for_each_positive_bit(&role->types, tnode, j) { - usercon.type = j+1; + usercon.type = j + 1; if (mls_setup_user_range(fromcon, user, &usercon)) continue; -- cgit v1.2.3-18-g5258 From 353633100d8d684ac0acae4ce93fb833f92881f4 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:14:15 -0400 Subject: security: remove sb_check_sb hooks Unused hook. Remove it. Signed-off-by: Eric Paris Signed-off-by: James Morris --- fs/namespace.c | 5 ----- include/linux/security.h | 14 -------------- security/capability.c | 6 ------ security/security.c | 5 ----- 4 files changed, 30 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 8174c8ab5c7..c1d0d877bab 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1435,11 +1435,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path) if (IS_DEADDIR(path->dentry->d_inode)) goto out_unlock; - err = security_sb_check_sb(mnt, path); - if (err) - goto out_unlock; - - err = -ENOENT; if (!d_unlinked(path->dentry)) err = attach_recursive_mnt(mnt, path, NULL); out_unlock: diff --git a/include/linux/security.h b/include/linux/security.h index 233d20b52c1..9ebd2e411d2 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -267,12 +267,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @orig the original mount data copied from userspace. * @copy copied data which will be passed to the security module. * Returns 0 if the copy was successful. - * @sb_check_sb: - * Check permission before the device with superblock @mnt->sb is mounted - * on the mount point named by @nd. - * @mnt contains the vfsmount for device being mounted. - * @path contains the path for the mount point. - * Return 0 if permission is granted. * @sb_umount: * Check permission before the @mnt file system is unmounted. * @mnt contains the mounted file system. @@ -1484,7 +1478,6 @@ struct security_operations { int (*sb_statfs) (struct dentry *dentry); int (*sb_mount) (char *dev_name, struct path *path, char *type, unsigned long flags, void *data); - int (*sb_check_sb) (struct vfsmount *mnt, struct path *path); int (*sb_umount) (struct vfsmount *mnt, int flags); void (*sb_umount_close) (struct vfsmount *mnt); void (*sb_umount_busy) (struct vfsmount *mnt); @@ -1783,7 +1776,6 @@ int security_sb_show_options(struct seq_file *m, struct super_block *sb); int security_sb_statfs(struct dentry *dentry); int security_sb_mount(char *dev_name, struct path *path, char *type, unsigned long flags, void *data); -int security_sb_check_sb(struct vfsmount *mnt, struct path *path); int security_sb_umount(struct vfsmount *mnt, int flags); void security_sb_umount_close(struct vfsmount *mnt); void security_sb_umount_busy(struct vfsmount *mnt); @@ -2099,12 +2091,6 @@ static inline int security_sb_mount(char *dev_name, struct path *path, return 0; } -static inline int security_sb_check_sb(struct vfsmount *mnt, - struct path *path) -{ - return 0; -} - static inline int security_sb_umount(struct vfsmount *mnt, int flags) { return 0; diff --git a/security/capability.c b/security/capability.c index 4875142b858..a7e905d8f1d 100644 --- a/security/capability.c +++ b/security/capability.c @@ -80,11 +80,6 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type, return 0; } -static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path) -{ - return 0; -} - static int cap_sb_umount(struct vfsmount *mnt, int flags) { return 0; @@ -941,7 +936,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_show_options); set_to_cap_if_null(ops, sb_statfs); set_to_cap_if_null(ops, sb_mount); - set_to_cap_if_null(ops, sb_check_sb); set_to_cap_if_null(ops, sb_umount); set_to_cap_if_null(ops, sb_umount_close); set_to_cap_if_null(ops, sb_umount_busy); diff --git a/security/security.c b/security/security.c index b98334b0a57..a0bee70ed4b 100644 --- a/security/security.c +++ b/security/security.c @@ -306,11 +306,6 @@ int security_sb_mount(char *dev_name, struct path *path, return security_ops->sb_mount(dev_name, path, type, flags, data); } -int security_sb_check_sb(struct vfsmount *mnt, struct path *path) -{ - return security_ops->sb_check_sb(mnt, path); -} - int security_sb_umount(struct vfsmount *mnt, int flags) { return security_ops->sb_umount(mnt, flags); -- cgit v1.2.3-18-g5258 From 231923bd0e06cba69f7c2028f4a68602b8d22160 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:14:21 -0400 Subject: security: remove dead hook sb_umount_close Unused hook. Remove. Signed-off-by: Eric Paris Signed-off-by: James Morris --- fs/namespace.c | 1 - include/linux/security.h | 10 ---------- security/capability.c | 5 ----- security/security.c | 5 ----- 4 files changed, 21 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index c1d0d877bab..8aea78c8e76 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -628,7 +628,6 @@ repeat: mnt->mnt_pinned = 0; spin_unlock(&vfsmount_lock); acct_auto_close_mnt(mnt); - security_sb_umount_close(mnt); goto repeat; } } diff --git a/include/linux/security.h b/include/linux/security.h index 9ebd2e411d2..354b0ceefc8 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -272,11 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @mnt contains the mounted file system. * @flags contains the unmount flags, e.g. MNT_FORCE. * Return 0 if permission is granted. - * @sb_umount_close: - * Close any files in the @mnt mounted filesystem that are held open by - * the security module. This hook is called during an umount operation - * prior to checking whether the filesystem is still busy. - * @mnt contains the mounted filesystem. * @sb_umount_busy: * Handle a failed umount of the @mnt mounted filesystem, e.g. re-opening * any files that were closed by umount_close. This hook is called during @@ -1479,7 +1474,6 @@ struct security_operations { int (*sb_mount) (char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int (*sb_umount) (struct vfsmount *mnt, int flags); - void (*sb_umount_close) (struct vfsmount *mnt); void (*sb_umount_busy) (struct vfsmount *mnt); void (*sb_post_remount) (struct vfsmount *mnt, unsigned long flags, void *data); @@ -1777,7 +1771,6 @@ int security_sb_statfs(struct dentry *dentry); int security_sb_mount(char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int security_sb_umount(struct vfsmount *mnt, int flags); -void security_sb_umount_close(struct vfsmount *mnt); void security_sb_umount_busy(struct vfsmount *mnt); void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data); void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint); @@ -2096,9 +2089,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static inline void security_sb_umount_close(struct vfsmount *mnt) -{ } - static inline void security_sb_umount_busy(struct vfsmount *mnt) { } diff --git a/security/capability.c b/security/capability.c index a7e905d8f1d..db72f4f5a9e 100644 --- a/security/capability.c +++ b/security/capability.c @@ -85,10 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static void cap_sb_umount_close(struct vfsmount *mnt) -{ -} - static void cap_sb_umount_busy(struct vfsmount *mnt) { } @@ -937,7 +933,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_statfs); set_to_cap_if_null(ops, sb_mount); set_to_cap_if_null(ops, sb_umount); - set_to_cap_if_null(ops, sb_umount_close); set_to_cap_if_null(ops, sb_umount_busy); set_to_cap_if_null(ops, sb_post_remount); set_to_cap_if_null(ops, sb_post_addmount); diff --git a/security/security.c b/security/security.c index a0bee70ed4b..591c25fd430 100644 --- a/security/security.c +++ b/security/security.c @@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags) return security_ops->sb_umount(mnt, flags); } -void security_sb_umount_close(struct vfsmount *mnt) -{ - security_ops->sb_umount_close(mnt); -} - void security_sb_umount_busy(struct vfsmount *mnt) { security_ops->sb_umount_busy(mnt); -- cgit v1.2.3-18-g5258 From 4b61d12c84293ac061909f27f567c1905e4d90e3 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:14:27 -0400 Subject: security: remove dead hook sb_umount_busy Unused hook. Remove. Signed-off-by: Eric Paris Signed-off-by: James Morris --- fs/namespace.c | 2 -- include/linux/security.h | 11 ----------- security/capability.c | 5 ----- security/security.c | 5 ----- 4 files changed, 23 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 8aea78c8e76..6c9ca7358aa 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1116,8 +1116,6 @@ static int do_umount(struct vfsmount *mnt, int flags) retval = 0; } spin_unlock(&vfsmount_lock); - if (retval) - security_sb_umount_busy(mnt); up_write(&namespace_sem); release_mounts(&umount_list); return retval; diff --git a/include/linux/security.h b/include/linux/security.h index 354b0ceefc8..b206795c09f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -272,12 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @mnt contains the mounted file system. * @flags contains the unmount flags, e.g. MNT_FORCE. * Return 0 if permission is granted. - * @sb_umount_busy: - * Handle a failed umount of the @mnt mounted filesystem, e.g. re-opening - * any files that were closed by umount_close. This hook is called during - * an umount operation if the umount fails after a call to the - * umount_close hook. - * @mnt contains the mounted filesystem. * @sb_post_remount: * Update the security module's state when a filesystem is remounted. * This hook is only called if the remount was successful. @@ -1474,7 +1468,6 @@ struct security_operations { int (*sb_mount) (char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int (*sb_umount) (struct vfsmount *mnt, int flags); - void (*sb_umount_busy) (struct vfsmount *mnt); void (*sb_post_remount) (struct vfsmount *mnt, unsigned long flags, void *data); void (*sb_post_addmount) (struct vfsmount *mnt, @@ -1771,7 +1764,6 @@ int security_sb_statfs(struct dentry *dentry); int security_sb_mount(char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int security_sb_umount(struct vfsmount *mnt, int flags); -void security_sb_umount_busy(struct vfsmount *mnt); void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data); void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint); int security_sb_pivotroot(struct path *old_path, struct path *new_path); @@ -2089,9 +2081,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static inline void security_sb_umount_busy(struct vfsmount *mnt) -{ } - static inline void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data) { } diff --git a/security/capability.c b/security/capability.c index db72f4f5a9e..476d4303090 100644 --- a/security/capability.c +++ b/security/capability.c @@ -85,10 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static void cap_sb_umount_busy(struct vfsmount *mnt) -{ -} - static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data) { @@ -933,7 +929,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_statfs); set_to_cap_if_null(ops, sb_mount); set_to_cap_if_null(ops, sb_umount); - set_to_cap_if_null(ops, sb_umount_busy); set_to_cap_if_null(ops, sb_post_remount); set_to_cap_if_null(ops, sb_post_addmount); set_to_cap_if_null(ops, sb_pivotroot); diff --git a/security/security.c b/security/security.c index 591c25fd430..c1341fbe98c 100644 --- a/security/security.c +++ b/security/security.c @@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags) return security_ops->sb_umount(mnt, flags); } -void security_sb_umount_busy(struct vfsmount *mnt) -{ - security_ops->sb_umount_busy(mnt); -} - void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data) { security_ops->sb_post_remount(mnt, flags, data); -- cgit v1.2.3-18-g5258 From 82dab10453d65ad9ca551de5b8925673ca05c7e9 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:14:33 -0400 Subject: security: remove dead hook sb_post_remount Unused hook. Remove. Signed-off-by: Eric Paris Signed-off-by: James Morris --- fs/namespace.c | 2 -- include/linux/security.h | 13 ------------- security/capability.c | 6 ------ security/security.c | 5 ----- 4 files changed, 26 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 6c9ca7358aa..f87f56e348f 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1573,8 +1573,6 @@ static int do_remount(struct path *path, int flags, int mnt_flags, } up_write(&sb->s_umount); if (!err) { - security_sb_post_remount(path->mnt, flags, data); - spin_lock(&vfsmount_lock); touch_mnt_namespace(path->mnt->mnt_ns); spin_unlock(&vfsmount_lock); diff --git a/include/linux/security.h b/include/linux/security.h index b206795c09f..338617a50fa 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -272,12 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @mnt contains the mounted file system. * @flags contains the unmount flags, e.g. MNT_FORCE. * Return 0 if permission is granted. - * @sb_post_remount: - * Update the security module's state when a filesystem is remounted. - * This hook is only called if the remount was successful. - * @mnt contains the mounted file system. - * @flags contains the new filesystem flags. - * @data contains the filesystem-specific data. * @sb_post_addmount: * Update the security module's state when a filesystem is mounted. * This hook is called any time a mount is successfully grafetd to @@ -1468,8 +1462,6 @@ struct security_operations { int (*sb_mount) (char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int (*sb_umount) (struct vfsmount *mnt, int flags); - void (*sb_post_remount) (struct vfsmount *mnt, - unsigned long flags, void *data); void (*sb_post_addmount) (struct vfsmount *mnt, struct path *mountpoint); int (*sb_pivotroot) (struct path *old_path, @@ -1764,7 +1756,6 @@ int security_sb_statfs(struct dentry *dentry); int security_sb_mount(char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int security_sb_umount(struct vfsmount *mnt, int flags); -void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data); void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint); int security_sb_pivotroot(struct path *old_path, struct path *new_path); void security_sb_post_pivotroot(struct path *old_path, struct path *new_path); @@ -2081,10 +2072,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static inline void security_sb_post_remount(struct vfsmount *mnt, - unsigned long flags, void *data) -{ } - static inline void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint) { } diff --git a/security/capability.c b/security/capability.c index 476d4303090..26fc92caa33 100644 --- a/security/capability.c +++ b/security/capability.c @@ -85,11 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags, - void *data) -{ -} - static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path) { } @@ -929,7 +924,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_statfs); set_to_cap_if_null(ops, sb_mount); set_to_cap_if_null(ops, sb_umount); - set_to_cap_if_null(ops, sb_post_remount); set_to_cap_if_null(ops, sb_post_addmount); set_to_cap_if_null(ops, sb_pivotroot); set_to_cap_if_null(ops, sb_post_pivotroot); diff --git a/security/security.c b/security/security.c index c1341fbe98c..d9538d98736 100644 --- a/security/security.c +++ b/security/security.c @@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags) return security_ops->sb_umount(mnt, flags); } -void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data) -{ - security_ops->sb_post_remount(mnt, flags, data); -} - void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint) { security_ops->sb_post_addmount(mnt, mountpoint); -- cgit v1.2.3-18-g5258 From 3db291017753e539af64c8bab373785f34e43ed2 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:14:39 -0400 Subject: security: remove dead hook sb_post_addmount Unused hook. Remove. Signed-off-by: Eric Paris Signed-off-by: James Morris --- fs/namespace.c | 2 -- include/linux/security.h | 13 ------------- security/capability.c | 5 ----- security/security.c | 5 ----- 4 files changed, 25 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index f87f56e348f..7a0c9ce62be 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1436,8 +1436,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path) err = attach_recursive_mnt(mnt, path, NULL); out_unlock: mutex_unlock(&path->dentry->d_inode->i_mutex); - if (!err) - security_sb_post_addmount(mnt, path); return err; } diff --git a/include/linux/security.h b/include/linux/security.h index 338617a50fa..a42d733086a 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -272,12 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @mnt contains the mounted file system. * @flags contains the unmount flags, e.g. MNT_FORCE. * Return 0 if permission is granted. - * @sb_post_addmount: - * Update the security module's state when a filesystem is mounted. - * This hook is called any time a mount is successfully grafetd to - * the tree. - * @mnt contains the mounted filesystem. - * @mountpoint contains the path for the mount point. * @sb_pivotroot: * Check permission before pivoting the root filesystem. * @old_path contains the path for the new location of the current root (put_old). @@ -1462,8 +1456,6 @@ struct security_operations { int (*sb_mount) (char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int (*sb_umount) (struct vfsmount *mnt, int flags); - void (*sb_post_addmount) (struct vfsmount *mnt, - struct path *mountpoint); int (*sb_pivotroot) (struct path *old_path, struct path *new_path); void (*sb_post_pivotroot) (struct path *old_path, @@ -1756,7 +1748,6 @@ int security_sb_statfs(struct dentry *dentry); int security_sb_mount(char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int security_sb_umount(struct vfsmount *mnt, int flags); -void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint); int security_sb_pivotroot(struct path *old_path, struct path *new_path); void security_sb_post_pivotroot(struct path *old_path, struct path *new_path); int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts); @@ -2072,10 +2063,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static inline void security_sb_post_addmount(struct vfsmount *mnt, - struct path *mountpoint) -{ } - static inline int security_sb_pivotroot(struct path *old_path, struct path *new_path) { diff --git a/security/capability.c b/security/capability.c index 26fc92caa33..38752ddf69d 100644 --- a/security/capability.c +++ b/security/capability.c @@ -85,10 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags) return 0; } -static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path) -{ -} - static int cap_sb_pivotroot(struct path *old_path, struct path *new_path) { return 0; @@ -924,7 +920,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_statfs); set_to_cap_if_null(ops, sb_mount); set_to_cap_if_null(ops, sb_umount); - set_to_cap_if_null(ops, sb_post_addmount); set_to_cap_if_null(ops, sb_pivotroot); set_to_cap_if_null(ops, sb_post_pivotroot); set_to_cap_if_null(ops, sb_set_mnt_opts); diff --git a/security/security.c b/security/security.c index d9538d98736..6a8e5411d7a 100644 --- a/security/security.c +++ b/security/security.c @@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags) return security_ops->sb_umount(mnt, flags); } -void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint) -{ - security_ops->sb_post_addmount(mnt, mountpoint); -} - int security_sb_pivotroot(struct path *old_path, struct path *new_path) { return security_ops->sb_pivotroot(old_path, new_path); -- cgit v1.2.3-18-g5258 From 91a9420f5826db482030c21eca8c507271bbc441 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:14:45 -0400 Subject: security: remove dead hook sb_post_pivotroot Unused hook. Remove. Signed-off-by: Eric Paris Signed-off-by: James Morris --- fs/namespace.c | 1 - include/linux/security.h | 11 ----------- security/capability.c | 5 ----- security/security.c | 5 ----- 4 files changed, 22 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 7a0c9ce62be..c36785a2fd8 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -2265,7 +2265,6 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, touch_mnt_namespace(current->nsproxy->mnt_ns); spin_unlock(&vfsmount_lock); chroot_fs_refs(&root, &new); - security_sb_post_pivotroot(&root, &new); error = 0; path_put(&root_parent); path_put(&parent_path); diff --git a/include/linux/security.h b/include/linux/security.h index a42d733086a..4de5bbb3905 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -277,10 +277,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @old_path contains the path for the new location of the current root (put_old). * @new_path contains the path for the new root (new_root). * Return 0 if permission is granted. - * @sb_post_pivotroot: - * Update module state after a successful pivot. - * @old_path contains the path for the old root. - * @new_path contains the path for the new root. * @sb_set_mnt_opts: * Set the security relevant mount options used for a superblock * @sb the superblock to set security mount options for @@ -1458,8 +1454,6 @@ struct security_operations { int (*sb_umount) (struct vfsmount *mnt, int flags); int (*sb_pivotroot) (struct path *old_path, struct path *new_path); - void (*sb_post_pivotroot) (struct path *old_path, - struct path *new_path); int (*sb_set_mnt_opts) (struct super_block *sb, struct security_mnt_opts *opts); void (*sb_clone_mnt_opts) (const struct super_block *oldsb, @@ -1749,7 +1743,6 @@ int security_sb_mount(char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int security_sb_umount(struct vfsmount *mnt, int flags); int security_sb_pivotroot(struct path *old_path, struct path *new_path); -void security_sb_post_pivotroot(struct path *old_path, struct path *new_path); int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts); void security_sb_clone_mnt_opts(const struct super_block *oldsb, struct super_block *newsb); @@ -2069,10 +2062,6 @@ static inline int security_sb_pivotroot(struct path *old_path, return 0; } -static inline void security_sb_post_pivotroot(struct path *old_path, - struct path *new_path) -{ } - static inline int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts) { diff --git a/security/capability.c b/security/capability.c index 38752ddf69d..b64b50105a0 100644 --- a/security/capability.c +++ b/security/capability.c @@ -90,10 +90,6 @@ static int cap_sb_pivotroot(struct path *old_path, struct path *new_path) return 0; } -static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path) -{ -} - static int cap_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts) { @@ -921,7 +917,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_mount); set_to_cap_if_null(ops, sb_umount); set_to_cap_if_null(ops, sb_pivotroot); - set_to_cap_if_null(ops, sb_post_pivotroot); set_to_cap_if_null(ops, sb_set_mnt_opts); set_to_cap_if_null(ops, sb_clone_mnt_opts); set_to_cap_if_null(ops, sb_parse_opts_str); diff --git a/security/security.c b/security/security.c index 6a8e5411d7a..5223fa40827 100644 --- a/security/security.c +++ b/security/security.c @@ -316,11 +316,6 @@ int security_sb_pivotroot(struct path *old_path, struct path *new_path) return security_ops->sb_pivotroot(old_path, new_path); } -void security_sb_post_pivotroot(struct path *old_path, struct path *new_path) -{ - security_ops->sb_post_pivotroot(old_path, new_path); -} - int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts) { -- cgit v1.2.3-18-g5258 From 9d5ed77dadc66a72b40419c91df942adfa55a102 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 7 Apr 2010 15:14:50 -0400 Subject: security: remove dead hook inode_delete Unused hook. Remove. Signed-off-by: Eric Paris Signed-off-by: James Morris --- fs/inode.c | 2 -- include/linux/security.h | 11 ----------- security/capability.c | 5 ----- security/security.c | 7 ------- 4 files changed, 25 deletions(-) diff --git a/fs/inode.c b/fs/inode.c index 407bf392e20..258ec22bb29 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -1205,8 +1205,6 @@ void generic_delete_inode(struct inode *inode) inodes_stat.nr_inodes--; spin_unlock(&inode_lock); - security_inode_delete(inode); - if (op->delete_inode) { void (*delete)(struct inode *) = op->delete_inode; /* Filesystems implementing their own diff --git a/include/linux/security.h b/include/linux/security.h index 4de5bbb3905..ef6edc75989 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -478,12 +478,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @mnt is the vfsmount where the dentry was looked up * @dentry contains the dentry structure for the file. * Return 0 if permission is granted. - * @inode_delete: - * @inode contains the inode structure for deleted inode. - * This hook is called when a deleted inode is released (i.e. an inode - * with no hard links has its use count drop to zero). A security module - * can use this hook to release any persistent label associated with the - * inode. * @inode_setxattr: * Check permission before setting the extended attributes * @value identified by @name for @dentry. @@ -1502,7 +1496,6 @@ struct security_operations { int (*inode_permission) (struct inode *inode, int mask); int (*inode_setattr) (struct dentry *dentry, struct iattr *attr); int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry); - void (*inode_delete) (struct inode *inode); int (*inode_setxattr) (struct dentry *dentry, const char *name, const void *value, size_t size, int flags); void (*inode_post_setxattr) (struct dentry *dentry, const char *name, @@ -1768,7 +1761,6 @@ int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd); int security_inode_permission(struct inode *inode, int mask); int security_inode_setattr(struct dentry *dentry, struct iattr *attr); int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry); -void security_inode_delete(struct inode *inode); int secur