Diffstat (limited to 'security/apparmor/lsm.c')
-rw-r--r-- | security/apparmor/lsm.c | 112 |
1 files changed, 0 insertions, 112 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 4512cc6efb0..4ef02112ee1 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -32,7 +32,6 @@
 #include "include/context.h"
 #include "include/file.h"
 #include "include/ipc.h"
-#include "include/net.h"
 #include "include/path.h"
 #include "include/policy.h"
 #include "include/procattr.h"
@@ -678,104 +677,6 @@ static int apparmor_task_setrlimit(struct task_struct *task,
 return error;
 }
-static int apparmor_socket_create(int family, int type, int protocol, int kern)
-{
- struct aa_profile *profile;
- int error = 0;
-
- if (kern)
- return 0;
-
- profile = __aa_current_profile();
- if (!unconfined(profile))
- error = aa_net_perm(OP_CREATE, profile, family, type, protocol,
- NULL);
- return error;
-}
-
-static int apparmor_socket_bind(struct socket *sock,
- struct sockaddr *address, int addrlen)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_BIND, sk);
-}
-
-static int apparmor_socket_connect(struct socket *sock,
- struct sockaddr *address, int addrlen)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_CONNECT, sk);
-}
-
-static int apparmor_socket_listen(struct socket *sock, int backlog)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_LISTEN, sk);
-}
-
-static int apparmor_socket_accept(struct socket *sock, struct socket *newsock)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_ACCEPT, sk);
-}
-
-static int apparmor_socket_sendmsg(struct socket *sock,
- struct msghdr *msg, int size)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_SENDMSG, sk);
-}
-
-static int apparmor_socket_recvmsg(struct socket *sock,
- struct msghdr *msg, int size, int flags)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_RECVMSG, sk);
-}
-
-static int apparmor_socket_getsockname(struct socket *sock)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_GETSOCKNAME, sk);
-}
-
-static int apparmor_socket_getpeername(struct socket *sock)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_GETPEERNAME, sk);
-}
-
-static int apparmor_socket_getsockopt(struct socket *sock, int level,
- int optname)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_GETSOCKOPT, sk);
-}
-
-static int apparmor_socket_setsockopt(struct socket *sock, int level,
- int optname)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_SETSOCKOPT, sk);
-}
-
-static int apparmor_socket_shutdown(struct socket *sock, int how)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_SOCK_SHUTDOWN, sk);
-}
-
 static struct security_operations apparmor_ops = {
 .name = "apparmor",
@@ -811,19 +712,6 @@ static struct security_operations apparmor_ops = {
 .getprocattr = apparmor_getprocattr,
 .setprocattr = apparmor_setprocattr,
- .socket_create = apparmor_socket_create,
- .socket_bind = apparmor_socket_bind,
- .socket_connect = apparmor_socket_connect,
- .socket_listen = apparmor_socket_listen,
- .socket_accept = apparmor_socket_accept,
- .socket_sendmsg = apparmor_socket_sendmsg,
- .socket_recvmsg = apparmor_socket_recvmsg,
- .socket_getsockname = apparmor_socket_getsockname,
- .socket_getpeername = apparmor_socket_getpeername,
- .socket_getsockopt = apparmor_socket_getsockopt,
- .socket_setsockopt = apparmor_socket_setsockopt,
- .socket_shutdown = apparmor_socket_shutdown,
-
 .cred_alloc_blank = apparmor_cred_alloc_blank,
 .cred_free = apparmor_cred_free,
 .cred_prepare = apparmor_cred_prepare, |