diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2010-05-20 17:55:50 +0200 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-05-20 17:55:50 +0200 |
| commit | 96b5b7f4f2d59b37c1fc2fba1ae25999accd6dcd (patch) | |
| tree | cda421c6cd7533940b35504660a05a366a3ece0c /security/capability.c | |
| parent | Merge branch 'for-2.6.35' of git://linux-nfs.org/~bfields/linux (diff) | |
| parent | Merge branch 'next' into for-linus (diff) | |
| download | linux-96b5b7f4f2d59b37c1fc2fba1ae25999accd6dcd.tar.xz linux-96b5b7f4f2d59b37c1fc2fba1ae25999accd6dcd.zip | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (61 commits)
KEYS: Return more accurate error codes
LSM: Add __init to fixup function.
TOMOYO: Add pathname grouping support.
ima: remove ACPI dependency
TPM: ACPI/PNP dependency removal
security/selinux/ss: Use kstrdup
TOMOYO: Use stack memory for pending entry.
Revert "ima: remove ACPI dependency"
Revert "TPM: ACPI/PNP dependency removal"
KEYS: Do preallocation for __key_link()
TOMOYO: Use mutex_lock_interruptible.
KEYS: Better handling of errors from construct_alloc_key()
KEYS: keyring_serialise_link_sem is only needed for keyring->keyring links
TOMOYO: Use GFP_NOFS rather than GFP_KERNEL.
ima: remove ACPI dependency
TPM: ACPI/PNP dependency removal
selinux: generalize disabling of execmem for plt-in-heap archs
LSM Audit: rename LSM_AUDIT_NO_AUDIT to LSM_AUDIT_DATA_NONE
CRED: Holding a spinlock does not imply the holding of RCU read lock
SMACK: Don't #include Ext2 headers
...
Diffstat (limited to 'security/capability.c')
| -rw-r--r-- | security/capability.c | 76 |
1 files changed, 1 insertions, 75 deletions
diff --git a/security/capability.c b/security/capability.c index 4875142b858d..8168e3ecd5bf 100644 --- a/security/capability.c +++ b/security/capability.c @@ -12,11 +12,6 @@ #include <linux/security.h> -static int cap_acct(struct file *file) -{ - return 0; -} - static int cap_sysctl(ctl_table *table, int op) { return 0; @@ -80,42 +75,16 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type, return 0; } -static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path) -{ - return 0; -} - static int cap_sb_umount(struct vfsmount *mnt, int flags) { return 0; } -static void cap_sb_umount_close(struct vfsmount *mnt) -{ -} - -static void cap_sb_umount_busy(struct vfsmount *mnt) -{ -} - -static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags, - void *data) -{ -} - -static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path) -{ -} - static int cap_sb_pivotroot(struct path *old_path, struct path *new_path) { return 0; } -static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path) -{ -} - static int cap_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts) { @@ -221,10 +190,6 @@ static int cap_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) return 0; } -static void cap_inode_delete(struct inode *ino) -{ -} - static void cap_inode_post_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) { @@ -403,10 +368,6 @@ static int cap_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp) return 0; } -static void cap_cred_commit(struct cred *new, const struct cred *old) -{ -} - static void cap_cred_transfer(struct cred *new, const struct cred *old) { } @@ -426,16 +387,6 @@ static int cap_kernel_module_request(char *kmod_name) return 0; } -static int cap_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) -{ - return 0; -} - -static int cap_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags) -{ - return 0; -} - static int cap_task_setpgid(struct task_struct *p, pid_t pgid) { return 0; @@ -456,11 +407,6 @@ static void cap_task_getsecid(struct task_struct *p, u32 *secid) *secid = 0; } -static int cap_task_setgroups(struct group_info *group_info) -{ - return 0; -} - static int cap_task_getioprio(struct task_struct *p) { return 0; @@ -875,13 +821,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer) return 0; } -static int cap_key_session_to_parent(const struct cred *cred, - const struct cred *parent_cred, - struct key *key) -{ - return 0; -} - #endif /* CONFIG_KEYS */ #ifdef CONFIG_AUDIT @@ -915,13 +854,12 @@ static void cap_audit_rule_free(void *lsmrule) } \ } while (0) -void security_fixup_ops(struct security_operations *ops) +void __init security_fixup_ops(struct security_operations *ops) { set_to_cap_if_null(ops, ptrace_access_check); set_to_cap_if_null(ops, ptrace_traceme); set_to_cap_if_null(ops, capget); set_to_cap_if_null(ops, capset); - set_to_cap_if_null(ops, acct); set_to_cap_if_null(ops, capable); set_to_cap_if_null(ops, quotactl); set_to_cap_if_null(ops, quota_on); @@ -941,14 +879,8 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_show_options); set_to_cap_if_null(ops, sb_statfs); set_to_cap_if_null(ops, sb_mount); - set_to_cap_if_null(ops, sb_check_sb); set_to_cap_if_null(ops, sb_umount); - set_to_cap_if_null(ops, sb_umount_close); - set_to_cap_if_null(ops, sb_umount_busy); - set_to_cap_if_null(ops, sb_post_remount); - set_to_cap_if_null(ops, sb_post_addmount); set_to_cap_if_null(ops, sb_pivotroot); - set_to_cap_if_null(ops, sb_post_pivotroot); set_to_cap_if_null(ops, sb_set_mnt_opts); set_to_cap_if_null(ops, sb_clone_mnt_opts); set_to_cap_if_null(ops, sb_parse_opts_str); @@ -968,7 +900,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, inode_permission); set_to_cap_if_null(ops, inode_setattr); set_to_cap_if_null(ops, inode_getattr); - set_to_cap_if_null(ops, inode_delete); set_to_cap_if_null(ops, inode_setxattr); set_to_cap_if_null(ops, inode_post_setxattr); set_to_cap_if_null(ops, inode_getxattr); @@ -1009,19 +940,15 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, cred_alloc_blank); set_to_cap_if_null(ops, cred_free); set_to_cap_if_null(ops, cred_prepare); - set_to_cap_if_null(ops, cred_commit); set_to_cap_if_null(ops, cred_transfer); set_to_cap_if_null(ops, kernel_act_as); set_to_cap_if_null(ops, kernel_create_files_as); set_to_cap_if_null(ops, kernel_module_request); - set_to_cap_if_null(ops, task_setuid); set_to_cap_if_null(ops, task_fix_setuid); - set_to_cap_if_null(ops, task_setgid); set_to_cap_if_null(ops, task_setpgid); set_to_cap_if_null(ops, task_getpgid); set_to_cap_if_null(ops, task_getsid); set_to_cap_if_null(ops, task_getsecid); - set_to_cap_if_null(ops, task_setgroups); set_to_cap_if_null(ops, task_setnice); set_to_cap_if_null(ops, task_setioprio); set_to_cap_if_null(ops, task_getioprio); @@ -1113,7 +1040,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, key_free); set_to_cap_if_null(ops, key_permission); set_to_cap_if_null(ops, key_getsecurity); - set_to_cap_if_null(ops, key_session_to_parent); #endif /* CONFIG_KEYS */ #ifdef CONFIG_AUDIT set_to_cap_if_null(ops, audit_rule_init); |