security: remove dead hook cred_commit

Unused hook.  Remove.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/include/linux/security.h b/include/linux/security.h
index ef6edc759891d806afdac651e1e7baf92be43873..33b0c1b27f82c2b0b79cdb95ed8d62018c165e81 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -652,10 +652,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *     @old points to the original credentials.
  *     @gfp indicates the atomicity of any memory allocations.
  *     Prepare a new set of credentials by copying the data from the old set.
- * @cred_commit:
- *     @new points to the new credentials.
- *     @old points to the original credentials.
- *     Install a new set of credentials.
  * @cred_transfer:
  *     @new points to the new credentials.
  *     @old points to the original credentials.
@@ -1536,7 +1532,6 @@ struct security_operations {
        void (*cred_free) (struct cred *cred);
        int (*cred_prepare)(struct cred *new, const struct cred *old,
                            gfp_t gfp);
-       void (*cred_commit)(struct cred *new, const struct cred *old);
        void (*cred_transfer)(struct cred *new, const struct cred *old);
        int (*kernel_act_as)(struct cred *new, u32 secid);
        int (*kernel_create_files_as)(struct cred *new, struct inode *inode);
@@ -1794,7 +1789,6 @@ int security_task_create(unsigned long clone_flags);
 int security_cred_alloc_blank(struct cred *cred, gfp_t gfp);
 void security_cred_free(struct cred *cred);
 int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp);
-void security_commit_creds(struct cred *new, const struct cred *old);
 void security_transfer_creds(struct cred *new, const struct cred *old);
 int security_kernel_act_as(struct cred *new, u32 secid);
 int security_kernel_create_files_as(struct cred *new, struct inode *inode);
@@ -2315,11 +2309,6 @@ static inline int security_prepare_creds(struct cred *new,
        return 0;
 }
 
-static inline void security_commit_creds(struct cred *new,
-                                        const struct cred *old)
-{
-}
-
 static inline void security_transfer_creds(struct cred *new,
                                           const struct cred *old)
 {

diff --git a/kernel/cred.c b/kernel/cred.c
index 1b1129d0cce87077055704c78d4ae364d8fb4cc8..fecb346404826ae3d9791650f1534ccbccc8541f 100644 (file)
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -520,8 +520,6 @@ int commit_creds(struct cred *new)
 #endif
        BUG_ON(atomic_read(&new->usage) < 1);
 
-       security_commit_creds(new, old);
-
        get_cred(new); /* we will require a ref for the subj creds too */
 
        /* dumpability changes */

diff --git a/security/capability.c b/security/capability.c
index b855e9f27f0e626b1300e675b993cc6cddf24567..a927bdea1816c50bc76f01115e8bc1bf8d17de37 100644 (file)
--- a/security/capability.c
+++ b/security/capability.c
@@ -373,10 +373,6 @@ static int cap_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp)
        return 0;
 }
 
-static void cap_cred_commit(struct cred *new, const struct cred *old)
-{
-}
-
 static void cap_cred_transfer(struct cred *new, const struct cred *old)
 {
 }
@@ -972,7 +968,6 @@ void security_fixup_ops(struct security_operations *ops)
        set_to_cap_if_null(ops, cred_alloc_blank);
        set_to_cap_if_null(ops, cred_free);
        set_to_cap_if_null(ops, cred_prepare);
-       set_to_cap_if_null(ops, cred_commit);
        set_to_cap_if_null(ops, cred_transfer);
        set_to_cap_if_null(ops, kernel_act_as);
        set_to_cap_if_null(ops, kernel_create_files_as);

diff --git a/security/security.c b/security/security.c
index c65b0bca05bb46a0f25891b5f8093b7705f6c8ad..6e5942653d4fa108a7691642926a29615c158b8c 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -712,11 +712,6 @@ int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)
        return security_ops->cred_prepare(new, old, gfp);
 }
 
-void security_commit_creds(struct cred *new, const struct cred *old)
-{
-       security_ops->cred_commit(new, old);
-}
-
 void security_transfer_creds(struct cred *new, const struct cred *old)
 {
        security_ops->cred_transfer(new, old);