diff --git a/fs/namespace.c b/fs/namespace.c index 7a0c9ce62bed..c36785a2fd86 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -2265,7 +2265,6 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root, touch_mnt_namespace(current->nsproxy->mnt_ns); spin_unlock(&vfsmount_lock); chroot_fs_refs(&root, &new); - security_sb_post_pivotroot(&root, &new); error = 0; path_put(&root_parent); path_put(&parent_path); diff --git a/include/linux/security.h b/include/linux/security.h index a42d733086a1..4de5bbb39052 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -277,10 +277,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @old_path contains the path for the new location of the current root (put_old). * @new_path contains the path for the new root (new_root). * Return 0 if permission is granted. - * @sb_post_pivotroot: - * Update module state after a successful pivot. - * @old_path contains the path for the old root. - * @new_path contains the path for the new root. * @sb_set_mnt_opts: * Set the security relevant mount options used for a superblock * @sb the superblock to set security mount options for @@ -1458,8 +1454,6 @@ struct security_operations { int (*sb_umount) (struct vfsmount *mnt, int flags); int (*sb_pivotroot) (struct path *old_path, struct path *new_path); - void (*sb_post_pivotroot) (struct path *old_path, - struct path *new_path); int (*sb_set_mnt_opts) (struct super_block *sb, struct security_mnt_opts *opts); void (*sb_clone_mnt_opts) (const struct super_block *oldsb, @@ -1749,7 +1743,6 @@ int security_sb_mount(char *dev_name, struct path *path, char *type, unsigned long flags, void *data); int security_sb_umount(struct vfsmount *mnt, int flags); int security_sb_pivotroot(struct path *old_path, struct path *new_path); -void security_sb_post_pivotroot(struct path *old_path, struct path *new_path); int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts); void security_sb_clone_mnt_opts(const struct super_block *oldsb, struct super_block *newsb); @@ -2069,10 +2062,6 @@ static inline int security_sb_pivotroot(struct path *old_path, return 0; } -static inline void security_sb_post_pivotroot(struct path *old_path, - struct path *new_path) -{ } - static inline int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts) { diff --git a/security/capability.c b/security/capability.c index 38752ddf69d7..b64b50105a04 100644 --- a/security/capability.c +++ b/security/capability.c @@ -90,10 +90,6 @@ static int cap_sb_pivotroot(struct path *old_path, struct path *new_path) return 0; } -static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path) -{ -} - static int cap_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts) { @@ -921,7 +917,6 @@ void security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, sb_mount); set_to_cap_if_null(ops, sb_umount); set_to_cap_if_null(ops, sb_pivotroot); - set_to_cap_if_null(ops, sb_post_pivotroot); set_to_cap_if_null(ops, sb_set_mnt_opts); set_to_cap_if_null(ops, sb_clone_mnt_opts); set_to_cap_if_null(ops, sb_parse_opts_str); diff --git a/security/security.c b/security/security.c index 6a8e5411d7a0..5223fa408271 100644 --- a/security/security.c +++ b/security/security.c @@ -316,11 +316,6 @@ int security_sb_pivotroot(struct path *old_path, struct path *new_path) return security_ops->sb_pivotroot(old_path, new_path); } -void security_sb_post_pivotroot(struct path *old_path, struct path *new_path) -{ - security_ops->sb_post_pivotroot(old_path, new_path); -} - int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts) {