aboutsummaryrefslogtreecommitdiff
path: root/security/apparmor/lsm.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/apparmor/lsm.c')
-rw-r--r--security/apparmor/lsm.c112
1 files changed, 0 insertions, 112 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 4512cc6efb0..4ef02112ee1 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -32,7 +32,6 @@
#include "include/context.h"
#include "include/file.h"
#include "include/ipc.h"
-#include "include/net.h"
#include "include/path.h"
#include "include/policy.h"
#include "include/procattr.h"
@@ -678,104 +677,6 @@ static int apparmor_task_setrlimit(struct task_struct *task,
return error;
}
-static int apparmor_socket_create(int family, int type, int protocol, int kern)
-{
- struct aa_profile *profile;
- int error = 0;
-
- if (kern)
- return 0;
-
- profile = __aa_current_profile();
- if (!unconfined(profile))
- error = aa_net_perm(OP_CREATE, profile, family, type, protocol,
- NULL);
- return error;
-}
-
-static int apparmor_socket_bind(struct socket *sock,
- struct sockaddr *address, int addrlen)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_BIND, sk);
-}
-
-static int apparmor_socket_connect(struct socket *sock,
- struct sockaddr *address, int addrlen)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_CONNECT, sk);
-}
-
-static int apparmor_socket_listen(struct socket *sock, int backlog)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_LISTEN, sk);
-}
-
-static int apparmor_socket_accept(struct socket *sock, struct socket *newsock)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_ACCEPT, sk);
-}
-
-static int apparmor_socket_sendmsg(struct socket *sock,
- struct msghdr *msg, int size)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_SENDMSG, sk);
-}
-
-static int apparmor_socket_recvmsg(struct socket *sock,
- struct msghdr *msg, int size, int flags)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_RECVMSG, sk);
-}
-
-static int apparmor_socket_getsockname(struct socket *sock)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_GETSOCKNAME, sk);
-}
-
-static int apparmor_socket_getpeername(struct socket *sock)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_GETPEERNAME, sk);
-}
-
-static int apparmor_socket_getsockopt(struct socket *sock, int level,
- int optname)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_GETSOCKOPT, sk);
-}
-
-static int apparmor_socket_setsockopt(struct socket *sock, int level,
- int optname)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_SETSOCKOPT, sk);
-}
-
-static int apparmor_socket_shutdown(struct socket *sock, int how)
-{
- struct sock *sk = sock->sk;
-
- return aa_revalidate_sk(OP_SOCK_SHUTDOWN, sk);
-}
-
static struct security_operations apparmor_ops = {
.name = "apparmor",
@@ -811,19 +712,6 @@ static struct security_operations apparmor_ops = {
.getprocattr = apparmor_getprocattr,
.setprocattr = apparmor_setprocattr,
- .socket_create = apparmor_socket_create,
- .socket_bind = apparmor_socket_bind,
- .socket_connect = apparmor_socket_connect,
- .socket_listen = apparmor_socket_listen,
- .socket_accept = apparmor_socket_accept,
- .socket_sendmsg = apparmor_socket_sendmsg,
- .socket_recvmsg = apparmor_socket_recvmsg,
- .socket_getsockname = apparmor_socket_getsockname,
- .socket_getpeername = apparmor_socket_getpeername,
- .socket_getsockopt = apparmor_socket_getsockopt,
- .socket_setsockopt = apparmor_socket_setsockopt,
- .socket_shutdown = apparmor_socket_shutdown,
-
.cred_alloc_blank = apparmor_cred_alloc_blank,
.cred_free = apparmor_cred_free,
.cred_prepare = apparmor_cred_prepare,
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 07:21:08 +0000