security,selinux: remove security_add_mnt_opt()

Its last user has been removed in commit f2aedb713c28 ("NFS: Add
fs_context support.").

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index ae2228f..a5a724c 100644 (file)
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -78,8 +78,6 @@ LSM_HOOK(int, 0, sb_set_mnt_opts, struct super_block *sb, void *mnt_opts,
 LSM_HOOK(int, 0, sb_clone_mnt_opts, const struct super_block *oldsb,
         struct super_block *newsb, unsigned long kern_flags,
         unsigned long *set_kern_flags)
-LSM_HOOK(int, 0, sb_add_mnt_opt, const char *option, const char *val,
-        int len, void **mnt_opts)
 LSM_HOOK(int, 0, move_mount, const struct path *from_path,
         const struct path *to_path)
 LSM_HOOK(int, 0, dentry_init_security, struct dentry *dentry,

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 52c1990..3bf5c65 100644 (file)
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -180,8 +180,6 @@
  *     Copy all security options from a given superblock to another
  *     @oldsb old superblock which contain information to clone
  *     @newsb new superblock which needs filled in
- * @sb_add_mnt_opt:
- *     Add one mount @option to @mnt_opts.
  * @sb_parse_opts_str:
  *     Parse a string of security data filling in the opts structure
  *     @options string containing all mount options known by the LSM

diff --git a/include/linux/security.h b/include/linux/security.h
index bb30196..6d72772 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -313,8 +313,6 @@ int security_sb_clone_mnt_opts(const struct super_block *oldsb,
                                struct super_block *newsb,
                                unsigned long kern_flags,
                                unsigned long *set_kern_flags);
-int security_add_mnt_opt(const char *option, const char *val,
-                               int len, void **mnt_opts);
 int security_move_mount(const struct path *from_path, const struct path *to_path);
 int security_dentry_init_security(struct dentry *dentry, int mode,
                                  const struct qstr *name,
@@ -711,12 +709,6 @@ static inline int security_sb_clone_mnt_opts(const struct super_block *oldsb,
        return 0;
 }
 
-static inline int security_add_mnt_opt(const char *option, const char *val,
-                                       int len, void **mnt_opts)
-{
-       return 0;
-}
-
 static inline int security_move_mount(const struct path *from_path,
                                      const struct path *to_path)
 {

diff --git a/security/security.c b/security/security.c
index edb922b..3d4eb47 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -994,14 +994,6 @@ int security_sb_clone_mnt_opts(const struct super_block *oldsb,
 }
 EXPORT_SYMBOL(security_sb_clone_mnt_opts);
 
-int security_add_mnt_opt(const char *option, const char *val, int len,
-                        void **mnt_opts)
-{
-       return call_int_hook(sb_add_mnt_opt, -EINVAL,
-                                       option, val, len, mnt_opts);
-}
-EXPORT_SYMBOL(security_add_mnt_opt);
-
 int security_move_mount(const struct path *from_path, const struct path *to_path)
 {
        return call_int_hook(move_mount, 0, from_path, to_path);

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 7261752..818ce97 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1010,44 +1010,6 @@ Einval:
        return -EINVAL;
 }
 
-static int selinux_add_mnt_opt(const char *option, const char *val, int len,
-                              void **mnt_opts)
-{
-       int token = Opt_error;
-       int rc, i;
-
-       for (i = 0; i < ARRAY_SIZE(tokens); i++) {
-               if (strcmp(option, tokens[i].name) == 0) {
-                       token = tokens[i].opt;
-                       break;
-               }
-       }
-
-       if (token == Opt_error)
-               return -EINVAL;
-
-       if (token != Opt_seclabel) {
-               val = kmemdup_nul(val, len, GFP_KERNEL);
-               if (!val) {
-                       rc = -ENOMEM;
-                       goto free_opt;
-               }
-       }
-       rc = selinux_add_opt(token, val, mnt_opts);
-       if (unlikely(rc)) {
-               kfree(val);
-               goto free_opt;
-       }
-       return rc;
-
-free_opt:
-       if (*mnt_opts) {
-               selinux_free_mnt_opts(*mnt_opts);
-               *mnt_opts = NULL;
-       }
-       return rc;
-}
-
 static int show_sid(struct seq_file *m, u32 sid)
 {
        char *context = NULL;
@@ -7285,7 +7247,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
        LSM_HOOK_INIT(fs_context_dup, selinux_fs_context_dup),
        LSM_HOOK_INIT(fs_context_parse_param, selinux_fs_context_parse_param),
        LSM_HOOK_INIT(sb_eat_lsm_opts, selinux_sb_eat_lsm_opts),
-       LSM_HOOK_INIT(sb_add_mnt_opt, selinux_add_mnt_opt),
 #ifdef CONFIG_SECURITY_NETWORK_XFRM
        LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone),
 #endif