From 353633100d8d684ac0acae4ce93fb833f92881f4 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Wed, 7 Apr 2010 15:14:15 -0400
Subject: security: remove sb_check_sb hooks

Unused hook.  Remove it.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 fs/namespace.c | 5 -----
 1 file changed, 5 deletions(-)

(limited to 'fs/namespace.c')

diff --git a/fs/namespace.c b/fs/namespace.c
index 8174c8ab5c70..c1d0d877bab7 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1435,11 +1435,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path)
 	if (IS_DEADDIR(path->dentry->d_inode))
 		goto out_unlock;
 
-	err = security_sb_check_sb(mnt, path);
-	if (err)
-		goto out_unlock;
-
-	err = -ENOENT;
 	if (!d_unlinked(path->dentry))
 		err = attach_recursive_mnt(mnt, path, NULL);
 out_unlock:
-- 
cgit v1.2.3


From 231923bd0e06cba69f7c2028f4a68602b8d22160 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Wed, 7 Apr 2010 15:14:21 -0400
Subject: security: remove dead hook sb_umount_close

Unused hook.  Remove.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 fs/namespace.c           |  1 -
 include/linux/security.h | 10 ----------
 security/capability.c    |  5 -----
 security/security.c      |  5 -----
 4 files changed, 21 deletions(-)

(limited to 'fs/namespace.c')

diff --git a/fs/namespace.c b/fs/namespace.c
index c1d0d877bab7..8aea78c8e760 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -628,7 +628,6 @@ repeat:
 		mnt->mnt_pinned = 0;
 		spin_unlock(&vfsmount_lock);
 		acct_auto_close_mnt(mnt);
-		security_sb_umount_close(mnt);
 		goto repeat;
 	}
 }
diff --git a/include/linux/security.h b/include/linux/security.h
index 9ebd2e411d2d..354b0ceefc87 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -272,11 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *	@mnt contains the mounted file system.
  *	@flags contains the unmount flags, e.g. MNT_FORCE.
  *	Return 0 if permission is granted.
- * @sb_umount_close:
- *	Close any files in the @mnt mounted filesystem that are held open by
- *	the security module.  This hook is called during an umount operation
- *	prior to checking whether the filesystem is still busy.
- *	@mnt contains the mounted filesystem.
  * @sb_umount_busy:
  *	Handle a failed umount of the @mnt mounted filesystem, e.g.  re-opening
  *	any files that were closed by umount_close.  This hook is called during
@@ -1479,7 +1474,6 @@ struct security_operations {
 	int (*sb_mount) (char *dev_name, struct path *path,
 			 char *type, unsigned long flags, void *data);
 	int (*sb_umount) (struct vfsmount *mnt, int flags);
-	void (*sb_umount_close) (struct vfsmount *mnt);
 	void (*sb_umount_busy) (struct vfsmount *mnt);
 	void (*sb_post_remount) (struct vfsmount *mnt,
 				 unsigned long flags, void *data);
@@ -1777,7 +1771,6 @@ int security_sb_statfs(struct dentry *dentry);
 int security_sb_mount(char *dev_name, struct path *path,
 		      char *type, unsigned long flags, void *data);
 int security_sb_umount(struct vfsmount *mnt, int flags);
-void security_sb_umount_close(struct vfsmount *mnt);
 void security_sb_umount_busy(struct vfsmount *mnt);
 void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data);
 void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint);
@@ -2096,9 +2089,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static inline void security_sb_umount_close(struct vfsmount *mnt)
-{ }
-
 static inline void security_sb_umount_busy(struct vfsmount *mnt)
 { }
 
diff --git a/security/capability.c b/security/capability.c
index a7e905d8f1d3..db72f4f5a9e1 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -85,10 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static void cap_sb_umount_close(struct vfsmount *mnt)
-{
-}
-
 static void cap_sb_umount_busy(struct vfsmount *mnt)
 {
 }
@@ -937,7 +933,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sb_statfs);
 	set_to_cap_if_null(ops, sb_mount);
 	set_to_cap_if_null(ops, sb_umount);
-	set_to_cap_if_null(ops, sb_umount_close);
 	set_to_cap_if_null(ops, sb_umount_busy);
 	set_to_cap_if_null(ops, sb_post_remount);
 	set_to_cap_if_null(ops, sb_post_addmount);
diff --git a/security/security.c b/security/security.c
index a0bee70ed4b6..591c25fd430f 100644
--- a/security/security.c
+++ b/security/security.c
@@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags)
 	return security_ops->sb_umount(mnt, flags);
 }
 
-void security_sb_umount_close(struct vfsmount *mnt)
-{
-	security_ops->sb_umount_close(mnt);
-}
-
 void security_sb_umount_busy(struct vfsmount *mnt)
 {
 	security_ops->sb_umount_busy(mnt);
-- 
cgit v1.2.3


From 4b61d12c84293ac061909f27f567c1905e4d90e3 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Wed, 7 Apr 2010 15:14:27 -0400
Subject: security: remove dead hook sb_umount_busy

Unused hook.  Remove.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 fs/namespace.c           |  2 --
 include/linux/security.h | 11 -----------
 security/capability.c    |  5 -----
 security/security.c      |  5 -----
 4 files changed, 23 deletions(-)

(limited to 'fs/namespace.c')

diff --git a/fs/namespace.c b/fs/namespace.c
index 8aea78c8e760..6c9ca7358aad 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1116,8 +1116,6 @@ static int do_umount(struct vfsmount *mnt, int flags)
 		retval = 0;
 	}
 	spin_unlock(&vfsmount_lock);
-	if (retval)
-		security_sb_umount_busy(mnt);
 	up_write(&namespace_sem);
 	release_mounts(&umount_list);
 	return retval;
diff --git a/include/linux/security.h b/include/linux/security.h
index 354b0ceefc87..b206795c09f7 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -272,12 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *	@mnt contains the mounted file system.
  *	@flags contains the unmount flags, e.g. MNT_FORCE.
  *	Return 0 if permission is granted.
- * @sb_umount_busy:
- *	Handle a failed umount of the @mnt mounted filesystem, e.g.  re-opening
- *	any files that were closed by umount_close.  This hook is called during
- *	an umount operation if the umount fails after a call to the
- *	umount_close hook.
- *	@mnt contains the mounted filesystem.
  * @sb_post_remount:
  *	Update the security module's state when a filesystem is remounted.
  *	This hook is only called if the remount was successful.
@@ -1474,7 +1468,6 @@ struct security_operations {
 	int (*sb_mount) (char *dev_name, struct path *path,
 			 char *type, unsigned long flags, void *data);
 	int (*sb_umount) (struct vfsmount *mnt, int flags);
-	void (*sb_umount_busy) (struct vfsmount *mnt);
 	void (*sb_post_remount) (struct vfsmount *mnt,
 				 unsigned long flags, void *data);
 	void (*sb_post_addmount) (struct vfsmount *mnt,
@@ -1771,7 +1764,6 @@ int security_sb_statfs(struct dentry *dentry);
 int security_sb_mount(char *dev_name, struct path *path,
 		      char *type, unsigned long flags, void *data);
 int security_sb_umount(struct vfsmount *mnt, int flags);
-void security_sb_umount_busy(struct vfsmount *mnt);
 void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data);
 void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint);
 int security_sb_pivotroot(struct path *old_path, struct path *new_path);
@@ -2089,9 +2081,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static inline void security_sb_umount_busy(struct vfsmount *mnt)
-{ }
-
 static inline void security_sb_post_remount(struct vfsmount *mnt,
 					     unsigned long flags, void *data)
 { }
diff --git a/security/capability.c b/security/capability.c
index db72f4f5a9e1..476d43030906 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -85,10 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static void cap_sb_umount_busy(struct vfsmount *mnt)
-{
-}
-
 static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags,
 				void *data)
 {
@@ -933,7 +929,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sb_statfs);
 	set_to_cap_if_null(ops, sb_mount);
 	set_to_cap_if_null(ops, sb_umount);
-	set_to_cap_if_null(ops, sb_umount_busy);
 	set_to_cap_if_null(ops, sb_post_remount);
 	set_to_cap_if_null(ops, sb_post_addmount);
 	set_to_cap_if_null(ops, sb_pivotroot);
diff --git a/security/security.c b/security/security.c
index 591c25fd430f..c1341fbe98ca 100644
--- a/security/security.c
+++ b/security/security.c
@@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags)
 	return security_ops->sb_umount(mnt, flags);
 }
 
-void security_sb_umount_busy(struct vfsmount *mnt)
-{
-	security_ops->sb_umount_busy(mnt);
-}
-
 void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data)
 {
 	security_ops->sb_post_remount(mnt, flags, data);
-- 
cgit v1.2.3


From 82dab10453d65ad9ca551de5b8925673ca05c7e9 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Wed, 7 Apr 2010 15:14:33 -0400
Subject: security: remove dead hook sb_post_remount

Unused hook.  Remove.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 fs/namespace.c           |  2 --
 include/linux/security.h | 13 -------------
 security/capability.c    |  6 ------
 security/security.c      |  5 -----
 4 files changed, 26 deletions(-)

(limited to 'fs/namespace.c')

diff --git a/fs/namespace.c b/fs/namespace.c
index 6c9ca7358aad..f87f56e348fd 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1573,8 +1573,6 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
 	}
 	up_write(&sb->s_umount);
 	if (!err) {
-		security_sb_post_remount(path->mnt, flags, data);
-
 		spin_lock(&vfsmount_lock);
 		touch_mnt_namespace(path->mnt->mnt_ns);
 		spin_unlock(&vfsmount_lock);
diff --git a/include/linux/security.h b/include/linux/security.h
index b206795c09f7..338617a50fa3 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -272,12 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *	@mnt contains the mounted file system.
  *	@flags contains the unmount flags, e.g. MNT_FORCE.
  *	Return 0 if permission is granted.
- * @sb_post_remount:
- *	Update the security module's state when a filesystem is remounted.
- *	This hook is only called if the remount was successful.
- *	@mnt contains the mounted file system.
- *	@flags contains the new filesystem flags.
- *	@data contains the filesystem-specific data.
  * @sb_post_addmount:
  *	Update the security module's state when a filesystem is mounted.
  *	This hook is called any time a mount is successfully grafetd to
@@ -1468,8 +1462,6 @@ struct security_operations {
 	int (*sb_mount) (char *dev_name, struct path *path,
 			 char *type, unsigned long flags, void *data);
 	int (*sb_umount) (struct vfsmount *mnt, int flags);
-	void (*sb_post_remount) (struct vfsmount *mnt,
-				 unsigned long flags, void *data);
 	void (*sb_post_addmount) (struct vfsmount *mnt,
 				  struct path *mountpoint);
 	int (*sb_pivotroot) (struct path *old_path,
@@ -1764,7 +1756,6 @@ int security_sb_statfs(struct dentry *dentry);
 int security_sb_mount(char *dev_name, struct path *path,
 		      char *type, unsigned long flags, void *data);
 int security_sb_umount(struct vfsmount *mnt, int flags);
-void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data);
 void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint);
 int security_sb_pivotroot(struct path *old_path, struct path *new_path);
 void security_sb_post_pivotroot(struct path *old_path, struct path *new_path);
@@ -2081,10 +2072,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static inline void security_sb_post_remount(struct vfsmount *mnt,
-					     unsigned long flags, void *data)
-{ }
-
 static inline void security_sb_post_addmount(struct vfsmount *mnt,
 					     struct path *mountpoint)
 { }
diff --git a/security/capability.c b/security/capability.c
index 476d43030906..26fc92caa339 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -85,11 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags,
-				void *data)
-{
-}
-
 static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path)
 {
 }
@@ -929,7 +924,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sb_statfs);
 	set_to_cap_if_null(ops, sb_mount);
 	set_to_cap_if_null(ops, sb_umount);
-	set_to_cap_if_null(ops, sb_post_remount);
 	set_to_cap_if_null(ops, sb_post_addmount);
 	set_to_cap_if_null(ops, sb_pivotroot);
 	set_to_cap_if_null(ops, sb_post_pivotroot);
diff --git a/security/security.c b/security/security.c
index c1341fbe98ca..d9538d98736b 100644
--- a/security/security.c
+++ b/security/security.c
@@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags)
 	return security_ops->sb_umount(mnt, flags);
 }
 
-void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data)
-{
-	security_ops->sb_post_remount(mnt, flags, data);
-}
-
 void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint)
 {
 	security_ops->sb_post_addmount(mnt, mountpoint);
-- 
cgit v1.2.3


From 3db291017753e539af64c8bab373785f34e43ed2 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Wed, 7 Apr 2010 15:14:39 -0400
Subject: security: remove dead hook sb_post_addmount

Unused hook.  Remove.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 fs/namespace.c           |  2 --
 include/linux/security.h | 13 -------------
 security/capability.c    |  5 -----
 security/security.c      |  5 -----
 4 files changed, 25 deletions(-)

(limited to 'fs/namespace.c')

diff --git a/fs/namespace.c b/fs/namespace.c
index f87f56e348fd..7a0c9ce62bed 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1436,8 +1436,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path)
 		err = attach_recursive_mnt(mnt, path, NULL);
 out_unlock:
 	mutex_unlock(&path->dentry->d_inode->i_mutex);
-	if (!err)
-		security_sb_post_addmount(mnt, path);
 	return err;
 }
 
diff --git a/include/linux/security.h b/include/linux/security.h
index 338617a50fa3..a42d733086a1 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -272,12 +272,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *	@mnt contains the mounted file system.
  *	@flags contains the unmount flags, e.g. MNT_FORCE.
  *	Return 0 if permission is granted.
- * @sb_post_addmount:
- *	Update the security module's state when a filesystem is mounted.
- *	This hook is called any time a mount is successfully grafetd to
- *	the tree.
- *	@mnt contains the mounted filesystem.
- *	@mountpoint contains the path for the mount point.
  * @sb_pivotroot:
  *	Check permission before pivoting the root filesystem.
  *	@old_path contains the path for the new location of the current root (put_old).
@@ -1462,8 +1456,6 @@ struct security_operations {
 	int (*sb_mount) (char *dev_name, struct path *path,
 			 char *type, unsigned long flags, void *data);
 	int (*sb_umount) (struct vfsmount *mnt, int flags);
-	void (*sb_post_addmount) (struct vfsmount *mnt,
-				  struct path *mountpoint);
 	int (*sb_pivotroot) (struct path *old_path,
 			     struct path *new_path);
 	void (*sb_post_pivotroot) (struct path *old_path,
@@ -1756,7 +1748,6 @@ int security_sb_statfs(struct dentry *dentry);
 int security_sb_mount(char *dev_name, struct path *path,
 		      char *type, unsigned long flags, void *data);
 int security_sb_umount(struct vfsmount *mnt, int flags);
-void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint);
 int security_sb_pivotroot(struct path *old_path, struct path *new_path);
 void security_sb_post_pivotroot(struct path *old_path, struct path *new_path);
 int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts);
@@ -2072,10 +2063,6 @@ static inline int security_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static inline void security_sb_post_addmount(struct vfsmount *mnt,
-					     struct path *mountpoint)
-{ }
-
 static inline int security_sb_pivotroot(struct path *old_path,
 					struct path *new_path)
 {
diff --git a/security/capability.c b/security/capability.c
index 26fc92caa339..38752ddf69d7 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -85,10 +85,6 @@ static int cap_sb_umount(struct vfsmount *mnt, int flags)
 	return 0;
 }
 
-static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path)
-{
-}
-
 static int cap_sb_pivotroot(struct path *old_path, struct path *new_path)
 {
 	return 0;
@@ -924,7 +920,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sb_statfs);
 	set_to_cap_if_null(ops, sb_mount);
 	set_to_cap_if_null(ops, sb_umount);
-	set_to_cap_if_null(ops, sb_post_addmount);
 	set_to_cap_if_null(ops, sb_pivotroot);
 	set_to_cap_if_null(ops, sb_post_pivotroot);
 	set_to_cap_if_null(ops, sb_set_mnt_opts);
diff --git a/security/security.c b/security/security.c
index d9538d98736b..6a8e5411d7a0 100644
--- a/security/security.c
+++ b/security/security.c
@@ -311,11 +311,6 @@ int security_sb_umount(struct vfsmount *mnt, int flags)
 	return security_ops->sb_umount(mnt, flags);
 }
 
-void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint)
-{
-	security_ops->sb_post_addmount(mnt, mountpoint);
-}
-
 int security_sb_pivotroot(struct path *old_path, struct path *new_path)
 {
 	return security_ops->sb_pivotroot(old_path, new_path);
-- 
cgit v1.2.3


From 91a9420f5826db482030c21eca8c507271bbc441 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Wed, 7 Apr 2010 15:14:45 -0400
Subject: security: remove dead hook sb_post_pivotroot

Unused hook.  Remove.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 fs/namespace.c           |  1 -
 include/linux/security.h | 11 -----------
 security/capability.c    |  5 -----
 security/security.c      |  5 -----
 4 files changed, 22 deletions(-)

(limited to 'fs/namespace.c')

diff --git a/fs/namespace.c b/fs/namespace.c
index 7a0c9ce62bed..c36785a2fd86 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2265,7 +2265,6 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
 	touch_mnt_namespace(current->nsproxy->mnt_ns);
 	spin_unlock(&vfsmount_lock);
 	chroot_fs_refs(&root, &new);
-	security_sb_post_pivotroot(&root, &new);
 	error = 0;
 	path_put(&root_parent);
 	path_put(&parent_path);
diff --git a/include/linux/security.h b/include/linux/security.h
index a42d733086a1..4de5bbb39052 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -277,10 +277,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *	@old_path contains the path for the new location of the current root (put_old).
  *	@new_path contains the path for the new root (new_root).
  *	Return 0 if permission is granted.
- * @sb_post_pivotroot:
- *	Update module state after a successful pivot.
- *	@old_path contains the path for the old root.
- *	@new_path contains the path for the new root.
  * @sb_set_mnt_opts:
  *	Set the security relevant mount options used for a superblock
  *	@sb the superblock to set security mount options for
@@ -1458,8 +1454,6 @@ struct security_operations {
 	int (*sb_umount) (struct vfsmount *mnt, int flags);
 	int (*sb_pivotroot) (struct path *old_path,
 			     struct path *new_path);
-	void (*sb_post_pivotroot) (struct path *old_path,
-				   struct path *new_path);
 	int (*sb_set_mnt_opts) (struct super_block *sb,
 				struct security_mnt_opts *opts);
 	void (*sb_clone_mnt_opts) (const struct super_block *oldsb,
@@ -1749,7 +1743,6 @@ int security_sb_mount(char *dev_name, struct path *path,
 		      char *type, unsigned long flags, void *data);
 int security_sb_umount(struct vfsmount *mnt, int flags);
 int security_sb_pivotroot(struct path *old_path, struct path *new_path);
-void security_sb_post_pivotroot(struct path *old_path, struct path *new_path);
 int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts);
 void security_sb_clone_mnt_opts(const struct super_block *oldsb,
 				struct super_block *newsb);
@@ -2069,10 +2062,6 @@ static inline int security_sb_pivotroot(struct path *old_path,
 	return 0;
 }
 
-static inline void security_sb_post_pivotroot(struct path *old_path,
-					      struct path *new_path)
-{ }
-
 static inline int security_sb_set_mnt_opts(struct super_block *sb,
 					   struct security_mnt_opts *opts)
 {
diff --git a/security/capability.c b/security/capability.c
index 38752ddf69d7..b64b50105a04 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -90,10 +90,6 @@ static int cap_sb_pivotroot(struct path *old_path, struct path *new_path)
 	return 0;
 }
 
-static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path)
-{
-}
-
 static int cap_sb_set_mnt_opts(struct super_block *sb,
 			       struct security_mnt_opts *opts)
 {
@@ -921,7 +917,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sb_mount);
 	set_to_cap_if_null(ops, sb_umount);
 	set_to_cap_if_null(ops, sb_pivotroot);
-	set_to_cap_if_null(ops, sb_post_pivotroot);
 	set_to_cap_if_null(ops, sb_set_mnt_opts);
 	set_to_cap_if_null(ops, sb_clone_mnt_opts);
 	set_to_cap_if_null(ops, sb_parse_opts_str);
diff --git a/security/security.c b/security/security.c
index 6a8e5411d7a0..5223fa408271 100644
--- a/security/security.c
+++ b/security/security.c
@@ -316,11 +316,6 @@ int security_sb_pivotroot(struct path *old_path, struct path *new_path)
 	return security_ops->sb_pivotroot(old_path, new_path);
 }
 
-void security_sb_post_pivotroot(struct path *old_path, struct path *new_path)
-{
-	security_ops->sb_post_pivotroot(old_path, new_path);
-}
-
 int security_sb_set_mnt_opts(struct super_block *sb,
 				struct security_mnt_opts *opts)
 {
-- 
cgit v1.2.3