security: remove dead hook key_session_to_parent

Unused hook. Remove. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
2010-04-07 15:15:19 -04:00 · 2010-04-07 15:15:19 -04:00 · 3011a344cd
--- a/include/linux/security.h
+++ b/include/linux/security.h
@ -1067,13 +1067,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
 *	Return the length of the string (including terminating NUL) or -ve if
 *      an error.
 *	May also return 0 (and a NULL buffer pointer) if there is no label.
- * @key_session_to_parent:
- *	Forcibly assign the session keyring from a process to its parent
- *	process.
- *	@cred: Pointer to process's credentials
- *	@parent_cred: Pointer to parent process's credentials
- *	@keyring: Proposed new session keyring
- *	Return 0 if permission is granted, -ve error otherwise.
 *
 * Security hooks affecting all System V IPC operations.
 *
@ -1642,9 +1635,6 @@ struct security_operations {
 			       const struct cred *cred,
 			       key_perm_t perm);
 	int (*key_getsecurity)(struct key *key, char **_buffer);
-	int (*key_session_to_parent)(const struct cred *cred,
-				     const struct cred *parent_cred,
-				     struct key *key);
 #endif	/* CONFIG_KEYS */

 #ifdef CONFIG_AUDIT
@ -2918,9 +2908,6 @@ void security_key_free(struct key *key);
 int security_key_permission(key_ref_t key_ref,
 			    const struct cred *cred, key_perm_t perm);
 int security_key_getsecurity(struct key *key, char **_buffer);
-int security_key_session_to_parent(const struct cred *cred,
-				   const struct cred *parent_cred,
-				   struct key *key);

 #else

@ -2948,13 +2935,6 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer)
 	return 0;
 }

-static inline int security_key_session_to_parent(const struct cred *cred,
-						 const struct cred *parent_cred,
-						 struct key *key)
-{
-	return 0;
-}
-
 #endif
 #endif /* CONFIG_KEYS */

--- a/security/capability.c
+++ b/security/capability.c
@ -826,13 +826,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer)
 	return 0;
 }

-static int cap_key_session_to_parent(const struct cred *cred,
-				     const struct cred *parent_cred,
-				     struct key *key)
-{
-	return 0;
-}
-
 #endif /* CONFIG_KEYS */

 #ifdef CONFIG_AUDIT
@ -1053,7 +1046,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, key_free);
 	set_to_cap_if_null(ops, key_permission);
 	set_to_cap_if_null(ops, key_getsecurity);
-	set_to_cap_if_null(ops, key_session_to_parent);
 #endif	/* CONFIG_KEYS */
 #ifdef CONFIG_AUDIT
 	set_to_cap_if_null(ops, audit_rule_init);
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@ -1295,13 +1295,6 @@ long keyctl_session_to_parent(void)
 	    mycred->tgcred->session_keyring->uid != mycred->euid)
 		goto not_permitted;

-	/* the LSM must permit the replacement of the parent's keyring with the
-	 * keyring from this process */
-	ret = security_key_session_to_parent(mycred, pcred,
-					     key_ref_to_ptr(keyring_r));
-	if (ret < 0)
-		goto not_permitted;
-
 	/* if there's an already pending keyring replacement, then we replace
 	 * that */
 	oldcred = parent->replacement_session_keyring;
--- a/security/security.c
+++ b/security/security.c
@ -1262,13 +1262,6 @@ int security_key_getsecurity(struct key *key, char **_buffer)
 	return security_ops->key_getsecurity(key, _buffer);
 }

-int security_key_session_to_parent(const struct cred *cred,
-				   const struct cred *parent_cred,
-				   struct key *key)
-{
-	return security_ops->key_session_to_parent(cred, parent_cred, key);
-}
-
 #endif	/* CONFIG_KEYS */

 #ifdef CONFIG_AUDIT