From c656ae95d1c5c8ed5763356263ace2d03087efec Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Fri, 20 Nov 2009 09:24:19 -0800 Subject: security/tomoyo: Remove now unnecessary handling of security_sysctl. Now that sys_sysctl is an emulation on top of proc sys all sysctl operations look like normal filesystem operations and we don't need to use the special sysctl hook to authenticate them. Acked-by: Tetsuo Handa Signed-off-by: Eric W. Biederman --- security/tomoyo/file.c | 21 --------------------- 1 file changed, 21 deletions(-) (limited to 'security/tomoyo/file.c') diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 5ae3a571559..8346938809b 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c @@ -1095,27 +1095,6 @@ static int tomoyo_check_single_path_permission2(struct tomoyo_domain_info * return error; } -/** - * tomoyo_check_file_perm - Check permission for sysctl()'s "read" and "write". - * - * @domain: Pointer to "struct tomoyo_domain_info". - * @filename: Filename to check. - * @perm: Mode ("read" or "write" or "read/write"). - * Returns 0 on success, negative value otherwise. - */ -int tomoyo_check_file_perm(struct tomoyo_domain_info *domain, - const char *filename, const u8 perm) -{ - struct tomoyo_path_info name; - const u8 mode = tomoyo_check_flags(domain, TOMOYO_MAC_FOR_FILE); - - if (!mode) - return 0; - name.name = filename; - tomoyo_fill_path_info(&name); - return tomoyo_check_file_perm2(domain, &name, perm, "sysctl", mode); -} - /** * tomoyo_check_exec_perm - Check permission for "execute". * -- cgit v1.2.3-70-g09d2