diff options
author | H. Peter Anvin <hpa@zytor.com> | 2007-12-29 16:20:25 -0800 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-01-25 11:29:50 +1100 |
commit | bced95283e9434611cbad8f2ff903cd396eaea72 (patch) | |
tree | 5d56afc7a5f239ebc53a1800a508f16b8d8701b0 /security | |
parent | 42d7896ebc5f7268b1fe6bbd20f2282e20ae7895 (diff) | |
download | kernel_goldelico_gta04-bced95283e9434611cbad8f2ff903cd396eaea72.zip kernel_goldelico_gta04-bced95283e9434611cbad8f2ff903cd396eaea72.tar.gz kernel_goldelico_gta04-bced95283e9434611cbad8f2ff903cd396eaea72.tar.bz2 |
security: remove security_sb_post_mountroot hook
The security_sb_post_mountroot() hook is long-since obsolete, and is
fundamentally broken: it is never invoked if someone uses initramfs.
This is particularly damaging, because the existence of this hook has
been used as motivation for not using initramfs.
Stephen Smalley confirmed on 2007-07-19 that this hook was originally
used by SELinux but can now be safely removed:
http://marc.info/?l=linux-kernel&m=118485683612916&w=2
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: James Morris <jmorris@namei.org>
Cc: Eric Paris <eparis@parisplace.org>
Cc: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/dummy.c | 6 | ||||
-rw-r--r-- | security/security.c | 5 |
2 files changed, 0 insertions, 11 deletions
diff --git a/security/dummy.c b/security/dummy.c index a3b29d0..8e34e03 100644 --- a/security/dummy.c +++ b/security/dummy.c @@ -225,11 +225,6 @@ static void dummy_sb_post_remount (struct vfsmount *mnt, unsigned long flags, } -static void dummy_sb_post_mountroot (void) -{ - return; -} - static void dummy_sb_post_addmount (struct vfsmount *mnt, struct nameidata *nd) { return; @@ -1017,7 +1012,6 @@ void security_fixup_ops (struct security_operations *ops) set_to_dummy_if_null(ops, sb_umount_close); set_to_dummy_if_null(ops, sb_umount_busy); set_to_dummy_if_null(ops, sb_post_remount); - set_to_dummy_if_null(ops, sb_post_mountroot); set_to_dummy_if_null(ops, sb_post_addmount); set_to_dummy_if_null(ops, sb_pivotroot); set_to_dummy_if_null(ops, sb_post_pivotroot); diff --git a/security/security.c b/security/security.c index b13b54f..5068808 100644 --- a/security/security.c +++ b/security/security.c @@ -288,11 +288,6 @@ void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *d security_ops->sb_post_remount(mnt, flags, data); } -void security_sb_post_mountroot(void) -{ - security_ops->sb_post_mountroot(); -} - void security_sb_post_addmount(struct vfsmount *mnt, struct nameidata *mountpoint_nd) { security_ops->sb_post_addmount(mnt, mountpoint_nd); |