[PATCH] remove the inode_post_link and inode_post_rename LSM hooks

This patch removes the inode_post_link and inode_post_rename LSM hooks as
they are unused (and likely useless).

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/fs/namei.c b/fs/namei.c
index 993a65a7d57075b75bb10494625ac512cfca3bbe..21d85f1ac8395f82376e2dd5073494d568080e78 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2012,10 +2012,8 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de
        DQUOT_INIT(dir);
        error = dir->i_op->link(old_dentry, dir, new_dentry);
        up(&old_dentry->d_inode->i_sem);
-       if (!error) {
+       if (!error)
                fsnotify_create(dir, new_dentry->d_name.name);
-               security_inode_post_link(old_dentry, dir, new_dentry);
-       }
        return error;
 }
 
@@ -2134,11 +2132,8 @@ static int vfs_rename_dir(struct inode *old_dir, struct dentry *old_dentry,
                        d_rehash(new_dentry);
                dput(new_dentry);
        }
-       if (!error) {
+       if (!error)
                d_move(old_dentry,new_dentry);
-               security_inode_post_rename(old_dir, old_dentry,
-                                          new_dir, new_dentry);
-       }
        return error;
 }
 
@@ -2164,7 +2159,6 @@ static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry,
                /* The following d_move() should become unconditional */
                if (!(old_dir->i_sb->s_type->fs_flags & FS_ODD_RENAME))
                        d_move(old_dentry, new_dentry);
-               security_inode_post_rename(old_dir, old_dentry, new_dir, new_dentry);
        }
        if (target)
                up(&target->i_sem);

diff --git a/include/linux/security.h b/include/linux/security.h
index 875225bf8986e8288d85745f0f1f3f2a5684ed5f..55b02e1c73f418696cdbe49f5080985133934e55 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -281,11 +281,6 @@ struct swap_info_struct;
  *     @dir contains the inode structure of the parent directory of the new link.
  *     @new_dentry contains the dentry structure for the new link.
  *     Return 0 if permission is granted.
- * @inode_post_link:
- *     Set security attributes for a new hard link to a file.
- *     @old_dentry contains the dentry structure for the existing link.
- *     @dir contains the inode structure of the parent directory of the new file.
- *     @new_dentry contains the dentry structure for the new file link.
  * @inode_unlink:
  *     Check the permission to remove a hard link to a file. 
  *     @dir contains the inode structure of parent directory of the file.
@@ -326,12 +321,6 @@ struct swap_info_struct;
  *     @new_dir contains the inode structure for parent of the new link.
  *     @new_dentry contains the dentry structure of the new link.
  *     Return 0 if permission is granted.
- * @inode_post_rename:
- *     Set security attributes on a renamed file or directory.
- *     @old_dir contains the inode structure for parent of the old link.
- *     @old_dentry contains the dentry structure of the old link.
- *     @new_dir contains the inode structure for parent of the new link.
- *     @new_dentry contains the dentry structure of the new link.
  * @inode_readlink:
  *     Check the permission to read the symbolic link.
  *     @dentry contains the dentry structure for the file link.
@@ -1080,8 +1069,6 @@ struct security_operations {
                             struct dentry *dentry, int mode);
        int (*inode_link) (struct dentry *old_dentry,
                           struct inode *dir, struct dentry *new_dentry);
-       void (*inode_post_link) (struct dentry *old_dentry,
-                                struct inode *dir, struct dentry *new_dentry);
        int (*inode_unlink) (struct inode *dir, struct dentry *dentry);
        int (*inode_symlink) (struct inode *dir,
                              struct dentry *dentry, const char *old_name);
@@ -1091,10 +1078,6 @@ struct security_operations {
                            int mode, dev_t dev);
        int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry,
                             struct inode *new_dir, struct dentry *new_dentry);
-       void (*inode_post_rename) (struct inode *old_dir,
-                                  struct dentry *old_dentry,
-                                  struct inode *new_dir,
-                                  struct dentry *new_dentry);
        int (*inode_readlink) (struct dentry *dentry);
        int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
        int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd);
@@ -1459,15 +1442,6 @@ static inline int security_inode_link (struct dentry *old_dentry,
        return security_ops->inode_link (old_dentry, dir, new_dentry);
 }
 
-static inline void security_inode_post_link (struct dentry *old_dentry,
-                                            struct inode *dir,
-                                            struct dentry *new_dentry)
-{
-       if (new_dentry->d_inode && unlikely (IS_PRIVATE (new_dentry->d_inode)))
-               return;
-       security_ops->inode_post_link (old_dentry, dir, new_dentry);
-}
-
 static inline int security_inode_unlink (struct inode *dir,
                                         struct dentry *dentry)
 {
@@ -1523,18 +1497,6 @@ static inline int security_inode_rename (struct inode *old_dir,
                                           new_dir, new_dentry);
 }
 
-static inline void security_inode_post_rename (struct inode *old_dir,
-                                              struct dentry *old_dentry,
-                                              struct inode *new_dir,
-                                              struct dentry *new_dentry)
-{
-       if (unlikely (IS_PRIVATE (old_dentry->d_inode) ||
-           (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode))))
-               return;
-       security_ops->inode_post_rename (old_dir, old_dentry,
-                                               new_dir, new_dentry);
-}
-
 static inline int security_inode_readlink (struct dentry *dentry)
 {
        if (unlikely (IS_PRIVATE (dentry->d_inode)))
@@ -2157,11 +2119,6 @@ static inline int security_inode_link (struct dentry *old_dentry,
        return 0;
 }
 
-static inline void security_inode_post_link (struct dentry *old_dentry,
-                                            struct inode *dir,
-                                            struct dentry *new_dentry)
-{ }
-
 static inline int security_inode_unlink (struct inode *dir,
                                         struct dentry *dentry)
 {
@@ -2203,12 +2160,6 @@ static inline int security_inode_rename (struct inode *old_dir,
        return 0;
 }
 
-static inline void security_inode_post_rename (struct inode *old_dir,
-                                              struct dentry *old_dentry,
-                                              struct inode *new_dir,
-                                              struct dentry *new_dentry)
-{ }
-
 static inline int security_inode_readlink (struct dentry *dentry)
 {
        return 0;

diff --git a/security/dummy.c b/security/dummy.c
index 5083314e14b1d8c09a77a0e10f5590515d77f2aa..9623a61dfc763df8511c6d515aac2705454ce64c 100644 (file)
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -276,13 +276,6 @@ static int dummy_inode_link (struct dentry *old_dentry, struct inode *inode,
        return 0;
 }
 
-static void dummy_inode_post_link (struct dentry *old_dentry,
-                                  struct inode *inode,
-                                  struct dentry *new_dentry)
-{
-       return;
-}
-
 static int dummy_inode_unlink (struct inode *inode, struct dentry *dentry)
 {
        return 0;
@@ -319,14 +312,6 @@ static int dummy_inode_rename (struct inode *old_inode,
        return 0;
 }
 
-static void dummy_inode_post_rename (struct inode *old_inode,
-                                    struct dentry *old_dentry,
-                                    struct inode *new_inode,
-                                    struct dentry *new_dentry)
-{
-       return;
-}
-
 static int dummy_inode_readlink (struct dentry *dentry)
 {
        return 0;
@@ -871,14 +856,12 @@ void security_fixup_ops (struct security_operations *ops)
        set_to_dummy_if_null(ops, inode_init_security);
        set_to_dummy_if_null(ops, inode_create);
        set_to_dummy_if_null(ops, inode_link);
-       set_to_dummy_if_null(ops, inode_post_link);
        set_to_dummy_if_null(ops, inode_unlink);
        set_to_dummy_if_null(ops, inode_symlink);
        set_to_dummy_if_null(ops, inode_mkdir);
        set_to_dummy_if_null(ops, inode_rmdir);
        set_to_dummy_if_null(ops, inode_mknod);
        set_to_dummy_if_null(ops, inode_rename);
-       set_to_dummy_if_null(ops, inode_post_rename);
        set_to_dummy_if_null(ops, inode_readlink);
        set_to_dummy_if_null(ops, inode_follow_link);
        set_to_dummy_if_null(ops, inode_permission);

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c9c20828be7983c82030f6b50bc63b2f71be3731..3f0b533be92c7b8f0ca29c7bcbea3e1b27dbca80 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2009,11 +2009,6 @@ static int selinux_inode_link(struct dentry *old_dentry, struct inode *dir, stru
        return may_link(dir, old_dentry, MAY_LINK);
 }
 
-static void selinux_inode_post_link(struct dentry *old_dentry, struct inode *inode, struct dentry *new_dentry)
-{
-       return;
-}
-
 static int selinux_inode_unlink(struct inode *dir, struct dentry *dentry)
 {
        int rc;
@@ -2056,12 +2051,6 @@ static int selinux_inode_rename(struct inode *old_inode, struct dentry *old_dent
        return may_rename(old_inode, old_dentry, new_inode, new_dentry);
 }
 
-static void selinux_inode_post_rename(struct inode *old_inode, struct dentry *old_dentry,
-                                      struct inode *new_inode, struct dentry *new_dentry)
-{
-       return;
-}
-
 static int selinux_inode_readlink(struct dentry *dentry)
 {
        return dentry_has_perm(current, NULL, dentry, FILE__READ);
@@ -4257,14 +4246,12 @@ static struct security_operations selinux_ops = {
        .inode_init_security =          selinux_inode_init_security,
        .inode_create =                 selinux_inode_create,
        .inode_link =                   selinux_inode_link,
-       .inode_post_link =              selinux_inode_post_link,
        .inode_unlink =                 selinux_inode_unlink,
        .inode_symlink =                selinux_inode_symlink,
        .inode_mkdir =                  selinux_inode_mkdir,
        .inode_rmdir =                  selinux_inode_rmdir,
        .inode_mknod =                  selinux_inode_mknod,
        .inode_rename =                 selinux_inode_rename,
-       .inode_post_rename =            selinux_inode_post_rename,
        .inode_readlink =               selinux_inode_readlink,
        .inode_follow_link =            selinux_inode_follow_link,
        .inode_permission =             selinux_inode_permission,