Re: [RFC] No more module_* hooks

From: Greg KH (gregat_private)
Date: Thu Sep 26 2002 - 16:42:17 PDT

  • Next message: Greg KH: "Re: [RFC] No more module_* hooks"

    # This is a BitKeeper generated patch for the following project:
    # Project Name: Linux Security Module
    # This patch format is intended for GNU patch command version 2.5 or higher.
    # This patch includes the following deltas:
    #	           ChangeSet	1.507   -> 1.508  
    #	    security/owlsm.c	1.29    -> 1.30   
    #	security/lids/lids_lsm.c	1.27    -> 1.28   
    #	include/linux/security.h	1.10    -> 1.11   
    #	    security/dummy.c	1.11    -> 1.12   
    #	  security/dte/dte.c	1.29    -> 1.30   
    #	     kernel/module.c	1.22    -> 1.23   
    #	security/selinux/hooks.c	1.56    -> 1.57   
    #	security/capability.c	1.11    -> 1.12   
    #
    # The following is the BitKeeper ChangeSet Log
    # --------------------------------------------
    # 02/09/26	gregat_private	1.508
    # removed module_initialize hook, as no one uses it.
    # --------------------------------------------
    #
    diff -Nru a/include/linux/security.h b/include/linux/security.h
    --- a/include/linux/security.h	Thu Sep 26 16:39:35 2002
    +++ b/include/linux/security.h	Thu Sep 26 16:39:35 2002
    @@ -800,10 +800,6 @@
      *
      * Security hooks for kernel module operations.
      *
    - * @module_initialize:
    - * 	Check permission before initializing a module.
    - * 	@mod contains a pointer to the module being initialized.
    - *	Return 0 if permission is granted.
      * @module_delete:
      *	Check permission before removing a module.
      *	@mod contains a pointer to the module being deleted.
    diff -Nru a/kernel/module.c b/kernel/module.c
    --- a/kernel/module.c	Thu Sep 26 16:39:35 2002
    +++ b/kernel/module.c	Thu Sep 26 16:39:35 2002
    @@ -502,10 +502,6 @@
     		goto err3;
     	}
     
    -	/* check that we have permission to do this */
    -	error = security_ops->module_initialize(mod);
    -	if (error)
    -		goto err3;
     	error = -EINVAL;
     
     	if (module_arch_init(mod))
    diff -Nru a/security/capability.c b/security/capability.c
    --- a/security/capability.c	Thu Sep 26 16:39:35 2002
    +++ b/security/capability.c	Thu Sep 26 16:39:35 2002
    @@ -892,11 +892,6 @@
     	return 0;
     }
     
    -static int cap_module_initialize (struct module *mod_user)
    -{
    -	return 0;
    -}
    -
     static int cap_module_delete (const struct module *mod)
     {
     	return 0;
    @@ -1193,7 +1188,6 @@
     
     	.netdev_unregister =		cap_netdev_unregister,
     
    -	.module_initialize =		cap_module_initialize,
     	.module_delete =		cap_module_delete,
     
     	.ipc_permission =		cap_ipc_permission,
    diff -Nru a/security/dte/dte.c b/security/dte/dte.c
    --- a/security/dte/dte.c	Thu Sep 26 16:39:35 2002
    +++ b/security/dte/dte.c	Thu Sep 26 16:39:35 2002
    @@ -729,11 +729,6 @@
     	return 0;
     }
     
    -static int dte_module_init_module (struct module *mod_user)
    -{
    -	return 0;
    -}
    -
     static int dte_module_delete_module (const struct module *mod)
     {
     	if (strcmp(mod->name,"dte_plug")==0) {
    @@ -1057,7 +1052,6 @@
     	
     	netdev_unregister:		dte_netdev_unregister,
     	
    -	module_initialize:		dte_module_init_module,
     	module_delete:			dte_module_delete_module,
     	
     	ipc_permission:			dte_ipc_permission,
    diff -Nru a/security/dummy.c b/security/dummy.c
    --- a/security/dummy.c	Thu Sep 26 16:39:35 2002
    +++ b/security/dummy.c	Thu Sep 26 16:39:35 2002
    @@ -710,11 +710,6 @@
     	return 0;
     }
     
    -static int dummy_module_initialize (struct module *mod_user)
    -{
    -	return 0;
    -}
    -
     static int dummy_module_delete (const struct module *mod)
     {
     	return 0;
    @@ -1016,7 +1011,6 @@
     
     	.netdev_unregister =		dummy_netdev_unregister,
     
    -	.module_initialize =		dummy_module_initialize,
     	.module_delete =		dummy_module_delete,
     
     	.msg_msg_alloc_security =	dummy_msg_msg_alloc_security,
    diff -Nru a/security/lids/lids_lsm.c b/security/lids/lids_lsm.c
    --- a/security/lids/lids_lsm.c	Thu Sep 26 16:39:35 2002
    +++ b/security/lids/lids_lsm.c	Thu Sep 26 16:39:35 2002
    @@ -888,11 +888,6 @@
     	return 0;
     }
     
    -static int lids_module_init_module (struct module *mod_user)
    -{
    -	return 0;
    -}
    -
     static int lids_module_delete_module (const struct module *mod)
     {
     	return 0;
    @@ -1215,7 +1210,6 @@
     	
     	netdev_unregister:		lids_netdev_unregister,
     	
    -	module_initialize:		lids_module_init_module,
     	module_delete:			lids_module_delete_module,
     	
     	msg_msg_alloc_security:		lids_msg_msg_alloc_security,
    diff -Nru a/security/owlsm.c b/security/owlsm.c
    --- a/security/owlsm.c	Thu Sep 26 16:39:35 2002
    +++ b/security/owlsm.c	Thu Sep 26 16:39:35 2002
    @@ -710,11 +710,6 @@
     	return 0;
     }
     
    -static int owlsm_module_init_module (struct module *mod)
    -{
    -	return 0;
    -}
    -
     static int owlsm_module_delete_module (const struct module *mod)	
     {
     	return 0;
    @@ -1010,7 +1005,6 @@
     
     	netdev_unregister:		owlsm_netdev_unregister,
     	
    -	module_initialize:		owlsm_module_init_module,
     	module_delete:			owlsm_module_delete_module,
     	
     	ipc_permission:			owlsm_ipc_permission,
    diff -Nru a/security/selinux/hooks.c b/security/selinux/hooks.c
    --- a/security/selinux/hooks.c	Thu Sep 26 16:39:35 2002
    +++ b/security/selinux/hooks.c	Thu Sep 26 16:39:35 2002
    @@ -3815,12 +3815,6 @@
     
     /* module security operations */
     
    -static int selinux_module_init_module(struct module *mod)
    -{
    -	/* Controlled via the capable hook - CAP_SYS_MODULE */
    -	return 0;
    -}
    -
     static int selinux_module_delete_module(const struct module *mod)
     {
     	/* Controlled via the capable hook - CAP_SYS_MODULE */
    @@ -4755,7 +4749,6 @@
     	
     	netdev_unregister:		selinux_netdev_unregister,
     	
    -	module_initialize:		selinux_module_init_module,
     	module_delete:			selinux_module_delete_module,
     	
     	ipc_permission:			selinux_ipc_permission,
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Sep 26 2002 - 16:45:39 PDT