diff options
author | Karol Lewandowski <k.lewandowsk@samsung.com> | 2016-06-23 15:02:50 +0200 |
---|---|---|
committer | Seung-Woo Kim <sw0312.kim@samsung.com> | 2016-12-14 13:52:20 +0900 |
commit | 6d83e3d703f7464ccd12b78c5b3e9041be24ea8c (patch) | |
tree | 091ce555339a4dac9a7acfc14c618a27d338a478 /include | |
parent | c170bbb6cff411fb98f5624bde8e227fa32fcdc5 (diff) |
kdbus: Remove kdbus Linux Security Module hooks
This commit removes support for kdbus-LSM hooks as policy decisions
are handled solely by userspace (libdbuspolicy library). This commit
reverts following:
- 802de9506 ("lsm: smack: smack callbacks for kdbus security hooks")
- f13b7e7bd ("kdbus: use LSM hooks in kdbus code")
- 067afa709 ("lsm: smack: Make ipc/kdbus includes visible so smack callbacks could see them")
- 442f047fd ("lsm: make security_file_receive available for external modules")
- 3b556db4b ("lsm: kdbus security hooks")
Change-Id: Iae90cdb9577a9e706288b28d70bd57574398276e
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/security.h | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index f089395fa18a..5d45b4fd91d2 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -53,7 +53,6 @@ struct msg_queue; struct xattr; struct xfrm_sec_ctx; struct mm_struct; -struct kdbus_conn; /* Maximum number of letters for an LSM name string */ #define SECURITY_NAME_MAX 10 @@ -1456,20 +1455,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @inode we wish to get the security context of. * @ctx is a pointer in which to place the allocated security context. * @ctxlen points to the place to put the length of @ctx. - * - * Security hooks for kdbus - * - * @kdbus_conn_alloc: - * Allocate and initialize security related part of kdbus connection. - * Return 0 on success. - * - * @kdbus_conn_free: - * Deallocate security related part of kdbus connection. - * - * @kdbus_talk: - * Check if peers can talk to each other. - * Return 0 if permission is granted. - * * This is the main security structure. */ struct security_operations { @@ -1687,13 +1672,6 @@ struct security_operations { int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen); int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 *ctxlen); -#ifdef CONFIG_KDBUS - int (*kdbus_conn_alloc)(struct kdbus_conn *conn); - void (*kdbus_conn_free)(struct kdbus_conn *conn); - int (*kdbus_talk)(const struct kdbus_conn *src, - const struct kdbus_conn *dst); -#endif /* CONFIG_KDBUS */ - #ifdef CONFIG_SECURITY_NETWORK int (*unix_stream_connect) (struct sock *sock, struct sock *other, struct sock *newsk); int (*unix_may_send) (struct socket *sock, struct socket *other); @@ -3116,34 +3094,6 @@ static inline int security_path_chroot(struct path *path) } #endif /* CONFIG_SECURITY_PATH */ -#ifdef CONFIG_KDBUS -#ifdef CONFIG_SECURITY - -int security_kdbus_conn_alloc(struct kdbus_conn *conn); -void security_kdbus_conn_free(struct kdbus_conn *conn); -int security_kdbus_talk(const struct kdbus_conn *src, - const struct kdbus_conn *dst); - -#else /* CONFIG_SECURITY */ - -static inline int security_kdbus_conn_alloc(struct kdbus_conn *conn) -{ - return 0; -} - -static inline void security_kdbus_conn_free(struct kdbus_conn *conn) -{ -} - -static inline int security_kdbus_talk(const struct kdbus_conn *src, - const struct kdbus_conn *dst) -{ - return 0; -} - -#endif /* CONFIG_SECURITY */ -#endif /* CONFIG_KDBUS */ - #ifdef CONFIG_KEYS #ifdef CONFIG_SECURITY |