Commit 8afd8c8f authored by Casey Schaufler Committed by Paul Moore

lsm: remove lsm_prop scaffolding



Remove the scaffold member from the lsm_prop. Remove the
remaining places it is being set.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
[PM: subj line tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>
parent 05a344e5
+0 −6
@@ -156,11 +156,6 @@ enum lockdown_reason {
	LOCKDOWN_CONFIDENTIALITY_MAX,
};

/* scaffolding */
struct lsm_prop_scaffold {
	u32 secid;
};

/*
 * Data exported by the security modules
 */
@@ -169,7 +164,6 @@ struct lsm_prop {
	struct lsm_prop_smack smack;
	struct lsm_prop_apparmor apparmor;
	struct lsm_prop_bpf bpf;
	struct lsm_prop_scaffold scaffold;
};

extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];
+1 −5
@@ -270,10 +270,6 @@ int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule)
	struct aa_label *label;
	int found = 0;

	/* scaffolding */
	if (!prop->apparmor.label && prop->scaffold.secid)
		label = aa_secid_to_label(prop->scaffold.secid);
	else
	label = prop->apparmor.label;

	if (!label)
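Review bot: `label` in aa_audit_rule_match now comes only from `prop->apparmor.label`, and nothing in this hunk takes a reference on it before it is used. The producers shown further down this page store the pointer in the prop and then call `aa_put_label(label)` (apparmor_task_getlsmprop_obj) or `__end_current_label_crit_section(label)` (apparmor_current_getlsmprop_subj), so the prop appears to carry a borrowed pointer. What keeps the label alive until the audit match runs is not visible here. I would document that at the assignment, e.g. `/* borrowed pointer: no reference is held, the caller must keep the label alive for this call */`, and the same applies to apparmor_lsmprop_to_secctx. The function body starts and ends outside the hunk.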
+0 −4
@@ -987,8 +987,6 @@ static void apparmor_current_getlsmprop_subj(struct lsm_prop *prop)
	struct aa_label *label = __begin_current_label_crit_section();

	prop->apparmor.label = label;
	/* scaffolding */
	prop->scaffold.secid = label->secid;
	__end_current_label_crit_section(label);
}

@@ -998,8 +996,6 @@ static void apparmor_task_getlsmprop_obj(struct task_struct *p,
	struct aa_label *label = aa_get_task_label(p);

	prop->apparmor.label = label;
	/* scaffolding */
	prop->scaffold.secid = label->secid;
	aa_put_label(label);
}

+1 −5
@@ -102,10 +102,6 @@ int apparmor_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata,
{
	struct aa_label *label;

	/* scaffolding */
	if (!prop->apparmor.label && prop->scaffold.secid)
		label = aa_secid_to_label(prop->scaffold.secid);
	else
	label = prop->apparmor.label;

	return apparmor_label_to_secctx(label, secdata, seclen);
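Review bot: With the secid fallback gone, apparmor_lsmprop_to_secctx passes `prop->apparmor.label` to apparmor_label_to_secctx without the `if (!label)` check that aa_audit_rule_match keeps, so a prop AppArmor never filled in reaches the helper as NULL. Whether the helper rejects NULL is not visible in this hunk, so I would state the expectation in a comment, e.g. `/* label is NULL when AppArmor did not populate the prop; apparmor_label_to_secctx() must reject it */`. The local is also redundant now: `return apparmor_label_to_secctx(prop->apparmor.label, secdata, seclen);` would match what this commit does in selinux_lsmprop_to_secctx. That SELinux function likewise forwards a zero `prop->selinux.secid` unchanged, and how selinux_secid_to_secctx treats zero is not shown on this page. The closing brace of the function lies outside the hunk.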
+1 −17
@@ -3508,8 +3508,6 @@ static void selinux_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop)
	struct inode_security_struct *isec = inode_security_novalidate(inode);

	prop->selinux.secid = isec->sid;
	/* scaffolding */
	prop->scaffold.secid = isec->sid;
}

static int selinux_inode_copy_up(struct dentry *src, struct cred **new)
@@ -4040,8 +4038,6 @@ static void selinux_cred_getsecid(const struct cred *c, u32 *secid)
static void selinux_cred_getlsmprop(const struct cred *c, struct lsm_prop *prop)
{
	prop->selinux.secid = cred_sid(c);
	/* scaffolding */
	prop->scaffold.secid = prop->selinux.secid;
}

/*
@@ -4182,16 +4178,12 @@ static int selinux_task_getsid(struct task_struct *p)
static void selinux_current_getlsmprop_subj(struct lsm_prop *prop)
{
	prop->selinux.secid = current_sid();
	/* scaffolding */
	prop->scaffold.secid = prop->selinux.secid;
}

static void selinux_task_getlsmprop_obj(struct task_struct *p,
					struct lsm_prop *prop)
{
	prop->selinux.secid = task_sid_obj(p);
	/* scaffolding */
	prop->scaffold.secid = prop->selinux.secid;
}

static int selinux_task_setnice(struct task_struct *p, int nice)
@@ -6339,8 +6331,6 @@ static void selinux_ipc_getlsmprop(struct kern_ipc_perm *ipcp,
{
	struct ipc_security_struct *isec = selinux_ipc(ipcp);
	prop->selinux.secid = isec->sid;
	/* scaffolding */
	prop->scaffold.secid = isec->sid;
}

static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode)
@@ -6625,13 +6615,7 @@ static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
static int selinux_lsmprop_to_secctx(struct lsm_prop *prop, char **secdata,
				     u32 *seclen)
{
	u32 secid = prop->selinux.secid;

	/* scaffolding */
	if (!secid)
		secid = prop->scaffold.secid;

	return selinux_secid_to_secctx(secid, secdata, seclen);
	return selinux_secid_to_secctx(prop->selinux.secid, secdata, seclen);
}

static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)