summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/namespace.c5
-rw-r--r--include/linux/security.h14
-rw-r--r--security/capability.c6
-rw-r--r--security/security.c5
4 files changed, 0 insertions, 30 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 8174c8ab5c70..c1d0d877bab7 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1435,11 +1435,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path)
if (IS_DEADDIR(path->dentry->d_inode))
goto out_unlock;
- err = security_sb_check_sb(mnt, path);
- if (err)
- goto out_unlock;
-
- err = -ENOENT;
if (!d_unlinked(path->dentry))
err = attach_recursive_mnt(mnt, path, NULL);
out_unlock:
diff --git a/include/linux/security.h b/include/linux/security.h
index 233d20b52c1b..9ebd2e411d2d 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -267,12 +267,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
* @orig the original mount data copied from userspace.
* @copy copied data which will be passed to the security module.
* Returns 0 if the copy was successful.
- * @sb_check_sb:
- * Check permission before the device with superblock @mnt->sb is mounted
- * on the mount point named by @nd.
- * @mnt contains the vfsmount for device being mounted.
- * @path contains the path for the mount point.
- * Return 0 if permission is granted.
* @sb_umount:
* Check permission before the @mnt file system is unmounted.
* @mnt contains the mounted file system.
@@ -1484,7 +1478,6 @@ struct security_operations {
int (*sb_statfs) (struct dentry *dentry);
int (*sb_mount) (char *dev_name, struct path *path,
char *type, unsigned long flags, void *data);
- int (*sb_check_sb) (struct vfsmount *mnt, struct path *path);
int (*sb_umount) (struct vfsmount *mnt, int flags);
void (*sb_umount_close) (struct vfsmount *mnt);
void (*sb_umount_busy) (struct vfsmount *mnt);
@@ -1783,7 +1776,6 @@ int security_sb_show_options(struct seq_file *m, struct super_block *sb);
int security_sb_statfs(struct dentry *dentry);
int security_sb_mount(char *dev_name, struct path *path,
char *type, unsigned long flags, void *data);
-int security_sb_check_sb(struct vfsmount *mnt, struct path *path);
int security_sb_umount(struct vfsmount *mnt, int flags);
void security_sb_umount_close(struct vfsmount *mnt);
void security_sb_umount_busy(struct vfsmount *mnt);
@@ -2099,12 +2091,6 @@ static inline int security_sb_mount(char *dev_name, struct path *path,
return 0;
}
-static inline int security_sb_check_sb(struct vfsmount *mnt,
- struct path *path)
-{
- return 0;
-}
-
static inline int security_sb_umount(struct vfsmount *mnt, int flags)
{
return 0;
diff --git a/security/capability.c b/security/capability.c
index 4875142b858d..a7e905d8f1d3 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -80,11 +80,6 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type,
return 0;
}
-static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path)
-{
- return 0;
-}
-
static int cap_sb_umount(struct vfsmount *mnt, int flags)
{
return 0;
@@ -941,7 +936,6 @@ void security_fixup_ops(struct security_operations *ops)
set_to_cap_if_null(ops, sb_show_options);
set_to_cap_if_null(ops, sb_statfs);
set_to_cap_if_null(ops, sb_mount);
- set_to_cap_if_null(ops, sb_check_sb);
set_to_cap_if_null(ops, sb_umount);
set_to_cap_if_null(ops, sb_umount_close);
set_to_cap_if_null(ops, sb_umount_busy);
diff --git a/security/security.c b/security/security.c
index b98334b0a576..a0bee70ed4b6 100644
--- a/security/security.c
+++ b/security/security.c
@@ -306,11 +306,6 @@ int security_sb_mount(char *dev_name, struct path *path,
return security_ops->sb_mount(dev_name, path, type, flags, data);
}
-int security_sb_check_sb(struct vfsmount *mnt, struct path *path)
-{
- return security_ops->sb_check_sb(mnt, path);
-}
-
int security_sb_umount(struct vfsmount *mnt, int flags)
{
return security_ops->sb_umount(mnt, flags);