| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20231018105033.13669-3-michael.weiss@aisec.fraunhofer.de>
Date: Wed, 18 Oct 2023 12:50:21 +0200
From: Michael Weiß <michael.weiss@...ec.fraunhofer.de>
To: Alexander Mikhalitsyn <alexander@...alicyn.com>,
Christian Brauner <brauner@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Paul Moore <paul@...l-moore.com>
Cc: Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...gle.com>,
Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>,
Quentin Monnet <quentin@...valent.com>,
Alexander Viro <viro@...iv.linux.org.uk>,
Miklos Szeredi <miklos@...redi.hu>,
Amir Goldstein <amir73il@...il.com>,
"Serge E. Hallyn" <serge@...lyn.com>, bpf@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
gyroidos@...ec.fraunhofer.de,
Michael Weiß <michael.weiss@...ec.fraunhofer.de>
Subject: [RFC PATCH v2 02/14] vfs: Remove explicit devcgroup_inode calls
Since the new lsm-based cgroup device access control is settled,
the explicit calls to devcgroup_inode_permission and
devcgroup_inode_mknod in fs/namei.c are redundant and can safely
be dropped. The corresponding security_inode_permission and
security_inode_mknod hooks are taking over.
Signed-off-by: Michael Weiß <michael.weiss@...ec.fraunhofer.de>
---
fs/namei.c | 8 --------
1 file changed, 8 deletions(-)
diff --git a/fs/namei.c b/fs/namei.c
index 567ee547492b..f601fcbdc4d2 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -34,7 +34,6 @@
#include <linux/capability.h>
#include <linux/file.h>
#include <linux/fcntl.h>
-#include <linux/device_cgroup.h>
#include <linux/fs_struct.h>
#include <linux/posix_acl.h>
#include <linux/hash.h>
@@ -529,10 +528,6 @@ int inode_permission(struct mnt_idmap *idmap,
if (retval)
return retval;
- retval = devcgroup_inode_permission(inode, mask);
- if (retval)
- return retval;
-
return security_inode_permission(inode, mask);
}
EXPORT_SYMBOL(inode_permission);
@@ -3987,9 +3982,6 @@ int vfs_mknod(struct mnt_idmap *idmap, struct inode *dir,
return -EPERM;
mode = vfs_prepare_mode(idmap, dir, mode, mode, mode);
- error = devcgroup_inode_mknod(mode, dev);
- if (error)
- return error;
error = security_inode_mknod(dir, dentry, mode, dev);
if (error)
--
2.30.2
Powered by blists - more mailing lists