Revert "selinux: add a skb_owned_by() hook" (d3593b5c) · Commits · e / devices / android_kernel_fairphone_FP3

include/linux/security.h

+0 −8

Original line number	Diff line number	Diff line
		@@ -1716,7 +1716,6 @@ struct security_operations {
		int (tun_dev_attach_queue) (void security);
		int (tun_dev_attach) (struct sock sk, void *security);
		int (tun_dev_open) (void security);
		void (skb_owned_by) (struct sk_buff skb, struct sock *sk);
		#endif /* CONFIG_SECURITY_NETWORK */

		#ifdef CONFIG_SECURITY_NETWORK_XFRM
		@@ -2735,8 +2734,6 @@ int security_tun_dev_attach_queue(void *security);
		int security_tun_dev_attach(struct sock sk, void security);
		int security_tun_dev_open(void *security);

		void security_skb_owned_by(struct sk_buff skb, struct sock sk);

		#else /* CONFIG_SECURITY_NETWORK */
		static inline int security_unix_stream_connect(struct sock *sock,
		struct sock *other,
		@@ -2928,11 +2925,6 @@ static inline int security_tun_dev_open(void *security)
		{
		return 0;
		}

		static inline void security_skb_owned_by(struct sk_buff skb, struct sock sk)
		{
		}

		#endif /* CONFIG_SECURITY_NETWORK */

		#ifdef CONFIG_SECURITY_NETWORK_XFRM

+0 −1

Original line number	Diff line number	Diff line
		@@ -2926,7 +2926,6 @@ struct sk_buff tcp_make_synack(struct sock sk, struct dst_entry *dst,
		skb_reserve(skb, MAX_TCP_HEADER);

		skb_dst_set(skb, dst);
		security_skb_owned_by(skb, sk);

		mss = dst_metric_advmss(dst);
		if (tp->rx_opt.user_mss && tp->rx_opt.user_mss < mss)

+0 −6

Original line number	Diff line number	Diff line
		@@ -776,11 +776,6 @@ static int cap_tun_dev_open(void *security)
		{
		return 0;
		}

		static void cap_skb_owned_by(struct sk_buff skb, struct sock sk)
		{
		}

		#endif /* CONFIG_SECURITY_NETWORK */

		#ifdef CONFIG_SECURITY_NETWORK_XFRM
		@@ -1134,7 +1129,6 @@ void __init security_fixup_ops(struct security_operations *ops)
		set_to_cap_if_null(ops, tun_dev_open);
		set_to_cap_if_null(ops, tun_dev_attach_queue);
		set_to_cap_if_null(ops, tun_dev_attach);
		set_to_cap_if_null(ops, skb_owned_by);
		#endif /* CONFIG_SECURITY_NETWORK */
		#ifdef CONFIG_SECURITY_NETWORK_XFRM
		set_to_cap_if_null(ops, xfrm_policy_alloc_security);

+0 −5

Original line number	Diff line number	Diff line
		@@ -1359,11 +1359,6 @@ int security_tun_dev_open(void *security)
		}
		EXPORT_SYMBOL(security_tun_dev_open);

		void security_skb_owned_by(struct sk_buff skb, struct sock sk)
		{
		security_ops->skb_owned_by(skb, sk);
		}

		#endif /* CONFIG_SECURITY_NETWORK */

		#ifdef CONFIG_SECURITY_NETWORK_XFRM

+0 −7

Original line number	Diff line number	Diff line
		@@ -51,7 +51,6 @@
		#include <linux/tty.h>
		#include <net/icmp.h>
		#include <net/ip.h> /* for local_port_range[] */
		#include <net/sock.h>
		#include <net/tcp.h> /* struct or_callable used in sock_rcv_skb */
		#include <net/inet_connection_sock.h>
		#include <net/net_namespace.h>
		@@ -4652,11 +4651,6 @@ static void selinux_inet_conn_established(struct sock sk, struct sk_buff skb)
		selinux_skb_peerlbl_sid(skb, family, &sksec->peer_sid);
		}

		static void selinux_skb_owned_by(struct sk_buff skb, struct sock sk)
		{
		skb_set_owner_w(skb, sk);
		}

		static int selinux_secmark_relabel_packet(u32 sid)
		{
		const struct task_security_struct *__tsec;
		@@ -6041,7 +6035,6 @@ static struct security_operations selinux_ops = {
		.tun_dev_attach_queue = selinux_tun_dev_attach_queue,
		.tun_dev_attach = selinux_tun_dev_attach,
		.tun_dev_open = selinux_tun_dev_open,
		.skb_owned_by = selinux_skb_owned_by,

		#ifdef CONFIG_SECURITY_NETWORK_XFRM
		.xfrm_policy_alloc_security = selinux_xfrm_policy_alloc,