summaryrefslogtreecommitdiffstats
path: root/fs/cachefiles/security.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2021-10-31 13:58:05 +0100
committerDavid Howells <dhowells@redhat.com>2022-01-07 10:22:19 +0100
commit850cba069c266d6f31b81c5a199052a3482a63fc (patch)
tree9fa268c3d0607be533d62df8286402f89c79bac6 /fs/cachefiles/security.c
parentfscache, cachefiles: Disable configuration (diff)
downloadlinux-850cba069c266d6f31b81c5a199052a3482a63fc.tar.xz
linux-850cba069c266d6f31b81c5a199052a3482a63fc.zip
cachefiles: Delete the cachefiles driver pending rewrite
Delete the code from the cachefiles driver to make it easier to rewrite and resubmit in a logical manner. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Jeff Layton <jlayton@kernel.org> cc: linux-cachefs@redhat.com Link: https://lore.kernel.org/r/163819577641.215744.12718114397770666596.stgit@warthog.procyon.org.uk/ # v1 Link: https://lore.kernel.org/r/163906883770.143852.4149714614981373410.stgit@warthog.procyon.org.uk/ # v2 Link: https://lore.kernel.org/r/163967076066.1823006.7175712134577687753.stgit@warthog.procyon.org.uk/ # v3 Link: https://lore.kernel.org/r/164021483619.640689.7586546280515844702.stgit@warthog.procyon.org.uk/ # v4
Diffstat (limited to 'fs/cachefiles/security.c')
-rw-r--r--fs/cachefiles/security.c112
1 files changed, 0 insertions, 112 deletions
diff --git a/fs/cachefiles/security.c b/fs/cachefiles/security.c
deleted file mode 100644
index aec13fd94692..000000000000
--- a/fs/cachefiles/security.c
+++ /dev/null
@@ -1,112 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0-or-later
-/* CacheFiles security management
- *
- * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
- * Written by David Howells (dhowells@redhat.com)
- */
-
-#include <linux/fs.h>
-#include <linux/cred.h>
-#include "internal.h"
-
-/*
- * determine the security context within which we access the cache from within
- * the kernel
- */
-int cachefiles_get_security_ID(struct cachefiles_cache *cache)
-{
- struct cred *new;
- int ret;
-
- _enter("{%s}", cache->secctx);
-
- new = prepare_kernel_cred(current);
- if (!new) {
- ret = -ENOMEM;
- goto error;
- }
-
- if (cache->secctx) {
- ret = set_security_override_from_ctx(new, cache->secctx);
- if (ret < 0) {
- put_cred(new);
- pr_err("Security denies permission to nominate security context: error %d\n",
- ret);
- goto error;
- }
- }
-
- cache->cache_cred = new;
- ret = 0;
-error:
- _leave(" = %d", ret);
- return ret;
-}
-
-/*
- * see if mkdir and create can be performed in the root directory
- */
-static int cachefiles_check_cache_dir(struct cachefiles_cache *cache,
- struct dentry *root)
-{
- int ret;
-
- ret = security_inode_mkdir(d_backing_inode(root), root, 0);
- if (ret < 0) {
- pr_err("Security denies permission to make dirs: error %d",
- ret);
- return ret;
- }
-
- ret = security_inode_create(d_backing_inode(root), root, 0);
- if (ret < 0)
- pr_err("Security denies permission to create files: error %d",
- ret);
-
- return ret;
-}
-
-/*
- * check the security details of the on-disk cache
- * - must be called with security override in force
- * - must return with a security override in force - even in the case of an
- * error
- */
-int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
- struct dentry *root,
- const struct cred **_saved_cred)
-{
- struct cred *new;
- int ret;
-
- _enter("");
-
- /* duplicate the cache creds for COW (the override is currently in
- * force, so we can use prepare_creds() to do this) */
- new = prepare_creds();
- if (!new)
- return -ENOMEM;
-
- cachefiles_end_secure(cache, *_saved_cred);
-
- /* use the cache root dir's security context as the basis with
- * which create files */
- ret = set_create_files_as(new, d_backing_inode(root));
- if (ret < 0) {
- abort_creds(new);
- cachefiles_begin_secure(cache, _saved_cred);
- _leave(" = %d [cfa]", ret);
- return ret;
- }
-
- put_cred(cache->cache_cred);
- cache->cache_cred = new;
-
- cachefiles_begin_secure(cache, _saved_cred);
- ret = cachefiles_check_cache_dir(cache, root);
-
- if (ret == -EOPNOTSUPP)
- ret = 0;
- _leave(" = %d", ret);
- return ret;
-}