Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3011a344 authored by Eric Paris's avatar Eric Paris Committed by James Morris
Browse files

security: remove dead hook key_session_to_parent 



Unused hook.  Remove.

Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 6307f8fe

include/linux/security.h

+0 −20
Original line number Diff line number Diff line
@@ -1067,13 +1067,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) 
 *	Return the length of the string (including terminating NUL) or -ve if

 *      an error.

 *	May also return 0 (and a NULL buffer pointer) if there is no label.

 * @key_session_to_parent:

 *	Forcibly assign the session keyring from a process to its parent

 *	process.

 *	@cred: Pointer to process's credentials

 *	@parent_cred: Pointer to parent process's credentials

 *	@keyring: Proposed new session keyring

 *	Return 0 if permission is granted, -ve error otherwise.

 *

 * Security hooks affecting all System V IPC operations.

 *
@@ -1642,9 +1635,6 @@ struct security_operations { 
			       const struct cred *cred,

			       key_perm_t perm);

	int (*key_getsecurity)(struct key *key, char **_buffer);

	int (*key_session_to_parent)(const struct cred *cred,

				     const struct cred *parent_cred,

				     struct key *key);

#endif	/* CONFIG_KEYS */



#ifdef CONFIG_AUDIT
@@ -2918,9 +2908,6 @@ void security_key_free(struct key *key); 
int security_key_permission(key_ref_t key_ref,

			    const struct cred *cred, key_perm_t perm);

int security_key_getsecurity(struct key *key, char **_buffer);

int security_key_session_to_parent(const struct cred *cred,

				   const struct cred *parent_cred,

				   struct key *key);



#else
@@ -2948,13 +2935,6 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer) 
	return 0;

}



static inline int security_key_session_to_parent(const struct cred *cred,

						 const struct cred *parent_cred,

						 struct key *key)

{

	return 0;

}



#endif

#endif /* CONFIG_KEYS */

security/capability.c

+0 −8
Original line number Diff line number Diff line
@@ -826,13 +826,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer) 
	return 0;

}



static int cap_key_session_to_parent(const struct cred *cred,

				     const struct cred *parent_cred,

				     struct key *key)

{

	return 0;

}



#endif /* CONFIG_KEYS */



#ifdef CONFIG_AUDIT
@@ -1053,7 +1046,6 @@ void security_fixup_ops(struct security_operations *ops) 
	set_to_cap_if_null(ops, key_free);

	set_to_cap_if_null(ops, key_permission);

	set_to_cap_if_null(ops, key_getsecurity);

	set_to_cap_if_null(ops, key_session_to_parent);

#endif	/* CONFIG_KEYS */

#ifdef CONFIG_AUDIT

	set_to_cap_if_null(ops, audit_rule_init);

security/keys/keyctl.c

+0 −7
Original line number Diff line number Diff line
@@ -1295,13 +1295,6 @@ long keyctl_session_to_parent(void) 
	    mycred->tgcred->session_keyring->uid != mycred->euid)

		goto not_permitted;



	/* the LSM must permit the replacement of the parent's keyring with the

	 * keyring from this process */

	ret = security_key_session_to_parent(mycred, pcred,

					     key_ref_to_ptr(keyring_r));

	if (ret < 0)

		goto not_permitted;



	/* if there's an already pending keyring replacement, then we replace

	 * that */

	oldcred = parent->replacement_session_keyring;

security/security.c

+0 −7
Original line number Diff line number Diff line
@@ -1262,13 +1262,6 @@ int security_key_getsecurity(struct key *key, char **_buffer) 
	return security_ops->key_getsecurity(key, _buffer);

}



int security_key_session_to_parent(const struct cred *cred,

				   const struct cred *parent_cred,

				   struct key *key)

{

	return security_ops->key_session_to_parent(cred, parent_cred, key);

}



#endif	/* CONFIG_KEYS */



#ifdef CONFIG_AUDIT