Commit 3011a344 authored by Eric Paris's avatar Eric Paris Committed by James Morris

security: remove dead hook key_session_to_parent

Unused hook.  Remove.
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 6307f8fe
...@@ -1067,13 +1067,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) ...@@ -1067,13 +1067,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
* Return the length of the string (including terminating NUL) or -ve if * Return the length of the string (including terminating NUL) or -ve if
* an error. * an error.
* May also return 0 (and a NULL buffer pointer) if there is no label. * May also return 0 (and a NULL buffer pointer) if there is no label.
* @key_session_to_parent:
* Forcibly assign the session keyring from a process to its parent
* process.
* @cred: Pointer to process's credentials
* @parent_cred: Pointer to parent process's credentials
* @keyring: Proposed new session keyring
* Return 0 if permission is granted, -ve error otherwise.
* *
* Security hooks affecting all System V IPC operations. * Security hooks affecting all System V IPC operations.
* *
...@@ -1642,9 +1635,6 @@ struct security_operations { ...@@ -1642,9 +1635,6 @@ struct security_operations {
const struct cred *cred, const struct cred *cred,
key_perm_t perm); key_perm_t perm);
int (*key_getsecurity)(struct key *key, char **_buffer); int (*key_getsecurity)(struct key *key, char **_buffer);
int (*key_session_to_parent)(const struct cred *cred,
const struct cred *parent_cred,
struct key *key);
#endif /* CONFIG_KEYS */ #endif /* CONFIG_KEYS */
#ifdef CONFIG_AUDIT #ifdef CONFIG_AUDIT
...@@ -2918,9 +2908,6 @@ void security_key_free(struct key *key); ...@@ -2918,9 +2908,6 @@ void security_key_free(struct key *key);
int security_key_permission(key_ref_t key_ref, int security_key_permission(key_ref_t key_ref,
const struct cred *cred, key_perm_t perm); const struct cred *cred, key_perm_t perm);
int security_key_getsecurity(struct key *key, char **_buffer); int security_key_getsecurity(struct key *key, char **_buffer);
int security_key_session_to_parent(const struct cred *cred,
const struct cred *parent_cred,
struct key *key);
#else #else
...@@ -2948,13 +2935,6 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer) ...@@ -2948,13 +2935,6 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer)
return 0; return 0;
} }
static inline int security_key_session_to_parent(const struct cred *cred,
const struct cred *parent_cred,
struct key *key)
{
return 0;
}
#endif #endif
#endif /* CONFIG_KEYS */ #endif /* CONFIG_KEYS */
......
...@@ -826,13 +826,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer) ...@@ -826,13 +826,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer)
return 0; return 0;
} }
static int cap_key_session_to_parent(const struct cred *cred,
const struct cred *parent_cred,
struct key *key)
{
return 0;
}
#endif /* CONFIG_KEYS */ #endif /* CONFIG_KEYS */
#ifdef CONFIG_AUDIT #ifdef CONFIG_AUDIT
...@@ -1053,7 +1046,6 @@ void security_fixup_ops(struct security_operations *ops) ...@@ -1053,7 +1046,6 @@ void security_fixup_ops(struct security_operations *ops)
set_to_cap_if_null(ops, key_free); set_to_cap_if_null(ops, key_free);
set_to_cap_if_null(ops, key_permission); set_to_cap_if_null(ops, key_permission);
set_to_cap_if_null(ops, key_getsecurity); set_to_cap_if_null(ops, key_getsecurity);
set_to_cap_if_null(ops, key_session_to_parent);
#endif /* CONFIG_KEYS */ #endif /* CONFIG_KEYS */
#ifdef CONFIG_AUDIT #ifdef CONFIG_AUDIT
set_to_cap_if_null(ops, audit_rule_init); set_to_cap_if_null(ops, audit_rule_init);
......
...@@ -1295,13 +1295,6 @@ long keyctl_session_to_parent(void) ...@@ -1295,13 +1295,6 @@ long keyctl_session_to_parent(void)
mycred->tgcred->session_keyring->uid != mycred->euid) mycred->tgcred->session_keyring->uid != mycred->euid)
goto not_permitted; goto not_permitted;
/* the LSM must permit the replacement of the parent's keyring with the
* keyring from this process */
ret = security_key_session_to_parent(mycred, pcred,
key_ref_to_ptr(keyring_r));
if (ret < 0)
goto not_permitted;
/* if there's an already pending keyring replacement, then we replace /* if there's an already pending keyring replacement, then we replace
* that */ * that */
oldcred = parent->replacement_session_keyring; oldcred = parent->replacement_session_keyring;
......
...@@ -1262,13 +1262,6 @@ int security_key_getsecurity(struct key *key, char **_buffer) ...@@ -1262,13 +1262,6 @@ int security_key_getsecurity(struct key *key, char **_buffer)
return security_ops->key_getsecurity(key, _buffer); return security_ops->key_getsecurity(key, _buffer);
} }
int security_key_session_to_parent(const struct cred *cred,
const struct cred *parent_cred,
struct key *key)
{
return security_ops->key_session_to_parent(cred, parent_cred, key);
}
#endif /* CONFIG_KEYS */ #endif /* CONFIG_KEYS */
#ifdef CONFIG_AUDIT #ifdef CONFIG_AUDIT
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment