hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

LSM: Remove security_task_create() hook. 

Since commit a79be23860 ("selinux: Use task_alloc hook rather than
task_create hook") changed to use task_alloc hook, task_create hook is
no longer used.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
This commit is contained in:
Tetsuo Handa 2017-07-14 19:38:36 +09:00 committed by James Morris
parent c4758fa592
commit 3cf2993145
4 changed files with 0 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/linux/lsm_hooks.h
View File

@ -529,11 +529,6 @@
* *
* Security hooks for task operations. * Security hooks for task operations.
* *
* @task_create:
* Check permission before creating a child process. See the clone(2)
* manual page for definitions of the @clone_flags.
* @clone_flags contains the flags indicating what should be shared.
* Return 0 if permission is granted.
* @task_alloc: * @task_alloc:
* @task task being allocated. * @task task being allocated.
* @clone_flags contains the flags indicating what should be shared. * @clone_flags contains the flags indicating what should be shared.
@ -1509,7 +1504,6 @@ union security_list_options {
int (*file_receive)(struct file *file); int (*file_receive)(struct file *file);
int (*file_open)(struct file *file, const struct cred *cred); int (*file_open)(struct file *file, const struct cred *cred);
int (*task_create)(unsigned long clone_flags);
int (*task_alloc)(struct task_struct *task, unsigned long clone_flags); int (*task_alloc)(struct task_struct *task, unsigned long clone_flags);
void (*task_free)(struct task_struct *task); void (*task_free)(struct task_struct *task);
int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp); int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp);
@ -1784,7 +1778,6 @@ struct security_hook_heads {
struct list_head file_send_sigiotask; struct list_head file_send_sigiotask;
struct list_head file_receive; struct list_head file_receive;
struct list_head file_open; struct list_head file_open;
struct list_head task_create;
struct list_head task_alloc; struct list_head task_alloc;
struct list_head task_free; struct list_head task_free;
struct list_head cred_alloc_blank; struct list_head cred_alloc_blank;

6
include/linux/security.h
View File

@ -318,7 +318,6 @@ int security_file_send_sigiotask(struct task_struct *tsk,
struct fown_struct *fown, int sig); struct fown_struct *fown, int sig);
int security_file_receive(struct file *file); int security_file_receive(struct file *file);
int security_file_open(struct file *file, const struct cred *cred); int security_file_open(struct file *file, const struct cred *cred);
int security_task_create(unsigned long clone_flags);
int security_task_alloc(struct task_struct *task, unsigned long clone_flags); int security_task_alloc(struct task_struct *task, unsigned long clone_flags);
void security_task_free(struct task_struct *task); void security_task_free(struct task_struct *task);
int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
@ -885,11 +884,6 @@ static inline int security_file_open(struct file *file,
return 0; return 0;
} }
static inline int security_task_create(unsigned long clone_flags)
{
return 0;
}
static inline int security_task_alloc(struct task_struct *task, static inline int security_task_alloc(struct task_struct *task,
unsigned long clone_flags) unsigned long clone_flags)
{ {

4
kernel/fork.c
View File

@ -1568,10 +1568,6 @@ static __latent_entropy struct task_struct *copy_process(
return ERR_PTR(-EINVAL); return ERR_PTR(-EINVAL);
} }
retval = security_task_create(clone_flags);
if (retval)
goto fork_out;
retval = -ENOMEM; retval = -ENOMEM;
p = dup_task_struct(current, node); p = dup_task_struct(current, node);
if (!p) if (!p)

5
security/security.c
View File

@ -979,11 +979,6 @@ int security_file_open(struct file *file, const struct cred *cred)
return fsnotify_perm(file, MAY_OPEN); return fsnotify_perm(file, MAY_OPEN);
} }
int security_task_create(unsigned long clone_flags)
{
return call_int_hook(task_create, 0, clone_flags);
}
int security_task_alloc(struct task_struct *task, unsigned long clone_flags) int security_task_alloc(struct task_struct *task, unsigned long clone_flags)
{ {
return call_int_hook(task_alloc, 0, task, clone_flags); return call_int_hook(task_alloc, 0, task, clone_flags);