-rw-r--r-- | fs/exec.c | 5 | ||||
-rw-r--r-- | fs/namei.c | 10 | ||||
-rw-r--r-- | fs/readdir.c | 15 | ||||
-rw-r--r-- | include/linux/dcache.h | 6 | ||||
-rw-r--r-- | include/linux/fs.h | 1 | ||||
-rw-r--r-- | include/linux/sched.h | 8 | ||||
-rw-r--r-- | include/linux/uidgid.h | 3 | ||||
-rw-r--r-- | kernel/exit.c | 4 | ||||
-rw-r--r-- | kernel/fork.c | 1 | ||||
-rw-r--r-- | kernel/sched/core.c | 32 |
10 files changed, 0 insertions, 85 deletions
diff --git a/fs/exec.c b/fs/exec.c
index ebf8c18f6d56..341b872d758f 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1640,11 +1640,6 @@ static int do_execveat_common(int fd, struct filename *filename,
 if (retval < 0)
 goto out;
- if (d_is_su(file->f_path.dentry) && capable(CAP_SYS_ADMIN)) {
- current->flags |= PF_SU;
- su_exec();
- }
-
 /* execve succeeded */
 current->fs->in_exec = 0;
 current->in_execve = 0;
diff --git a/fs/namei.c b/fs/namei.c
index e1d54d342ad5..8f350e39be96 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2292,16 +2292,6 @@ static int path_lookupat(struct nameidata *nd, unsigned flags, struct path *path
 err = -ENOTDIR;
 if (!err) {
- struct super_block *sb = nd->inode->i_sb;
- if (sb->s_flags & MS_RDONLY) {
- if (d_is_su(nd->path.dentry) && !su_visible()) {
- path_put(&nd->path);
- err = -ENOENT;
- }
- }
- }
-
- if (!err) {
 *path = nd->path;
 nd->path.mnt = NULL;
 nd->path.dentry = NULL;
diff --git a/fs/readdir.c b/fs/readdir.c
index 27807505fc4a..3494d7a8ff65 100644
--- a/fs/readdir.c
+++ b/fs/readdir.c
@@ -39,7 +39,6 @@ int iterate_dir(struct file *file, struct dir_context *ctx)
 res = -ENOENT;
 if (!IS_DEADDIR(inode)) {
 ctx->pos = file->f_pos;
- ctx->romnt = (inode->i_sb->s_flags & MS_RDONLY);
 res = file->f_op->iterate(file, ctx);
 file->f_pos = ctx->pos;
 fsnotify_access(file);
@@ -51,14 +50,6 @@ out:
 }
 EXPORT_SYMBOL(iterate_dir);
-static bool hide_name(const char *name, int namlen)
-{
- if (namlen == 2 && !memcmp(name, "su", 2))
- if (!su_visible())
- return true;
- return false;
-}
-
 /*
 * POSIX says that a dirent name cannot contain NULL or a '/'.
 *
@@ -132,8 +123,6 @@ static int fillonedir(struct dir_context *ctx, const char *name, int namlen,
 buf->result = -EOVERFLOW;
 return -EOVERFLOW;
 }
- if (hide_name(name, namlen) && buf->ctx.romnt)
- return 0;
 buf->result++;
 dirent = buf->dirent;
 if (!access_ok(VERIFY_WRITE, dirent,
@@ -215,8 +204,6 @@ static int filldir(struct dir_context *ctx, const char *name, int namlen,
 buf->error = -EOVERFLOW;
 return -EOVERFLOW;
 }
- if (hide_name(name, namlen) && buf->ctx.romnt)
- return 0;
 dirent = buf->previous;
 if (dirent) {
 if (__put_user(offset, &dirent->d_off))
@@ -299,8 +286,6 @@ static int filldir64(struct dir_context *ctx, const char *name, int namlen,
 buf->error = -EINVAL; /* only used if we fail.. */
 if (reclen > buf->count)
 return -EINVAL;
- if (hide_name(name, namlen) && buf->ctx.romnt)
- return 0;
 dirent = buf->previous;
 if (dirent) {
 if (__put_user(offset, &dirent->d_off))
diff --git a/include/linux/dcache.h b/include/linux/dcache.h
index d57e8a6c2f2c..c066f6b56e58 100644
--- a/include/linux/dcache.h
+++ b/include/linux/dcache.h
@@ -522,12 +522,6 @@ static inline bool d_is_fallthru(const struct dentry *dentry)
 return dentry->d_flags & DCACHE_FALLTHRU;
 }
-static inline bool d_is_su(const struct dentry *dentry)
-{
- return dentry &&
- dentry->d_name.len == 2 &&
- !memcmp(dentry->d_name.name, "su", 2);
-}
 extern int sysctl_vfs_cache_pressure;
diff --git a/include/linux/fs.h b/include/linux/fs.h
index d06b2af25514..42ac99e898a4 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1668,7 +1668,6 @@ typedef int (*filldir_t)(struct dir_context *, const char *, int, loff_t, u64,
 struct dir_context {
 const filldir_t actor;
 loff_t pos;
- bool romnt;
 };
 struct block_device_operations;
diff --git a/include/linux/sched.h b/include/linux/sched.h
index c00e7ccd1e89..70c1f7f9e4fa 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -63,12 +63,6 @@ struct sched_param {
 #include <asm/processor.h>
-int su_instances(void);
-bool su_running(void);
-bool su_visible(void);
-void su_exec(void);
-void su_exit(void);
-
 #define SCHED_ATTR_SIZE_VER0 48 /* sizeof first published struct */
 /*
@@ -2413,8 +2407,6 @@ extern void thread_group_cputime_adjusted(struct task_struct *p, cputime_t *ut,
 #define PF_FREEZER_SKIP 0x40000000 /* Freezer should not count it as freezable */
 #define PF_SUSPEND_TASK 0x80000000 /* this thread called freeze_processes and should not be frozen */
-#define PF_SU 0x10000000 /* task is su */
-
 /*
 * Only the _current_ task can read/write to tsk->flags, but other
 * tasks can access tsk->flags in readonly mode for example
diff --git a/include/linux/uidgid.h b/include/linux/uidgid.h
index 83504b1be16e..03835522dfcb 100644
--- a/include/linux/uidgid.h
+++ b/include/linux/uidgid.h
@@ -54,9 +54,6 @@ static inline gid_t __kgid_val(kgid_t gid)
 #define GLOBAL_ROOT_UID KUIDT_INIT(0)
 #define GLOBAL_ROOT_GID KGIDT_INIT(0)
-#define GLOBAL_SYSTEM_UID KUIDT_INIT(1000)
-#define GLOBAL_SYSTEM_GID KGIDT_INIT(1000)
-
 #define INVALID_UID KUIDT_INIT(-1)
 #define INVALID_GID KGIDT_INIT(-1)
diff --git a/kernel/exit.c b/kernel/exit.c
index 4a8dbc4bf4f6..babbc3c0a181 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -719,10 +719,6 @@ void do_exit(long code)
 sched_exit(tsk);
 schedtune_exit_task(tsk);
- if (tsk->flags & PF_SU) {
- su_exit();
- }
-
 if (unlikely(in_atomic())) {
 pr_info("note: %s[%d] exited with preempt_count %d\n",
 current->comm, task_pid_nr(current),
diff --git a/kernel/fork.c b/kernel/fork.c
index dcdbb9f7216f..92a0df862115 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -360,7 +360,6 @@ static struct task_struct *dup_task_struct(struct task_struct *orig, int node)
 if (err)
 goto free_stack;
- tsk->flags &= ~PF_SU;
 tsk->stack = stack;
 err = kaiser_map_thread_stack(tsk->stack);
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index d199741b4e7f..40a44876c74c 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -98,38 +98,6 @@
 #define CREATE_TRACE_POINTS
 #include <trace/events/sched.h>
-static atomic_t __su_instances;
-
-int su_instances(void)
-{
- return atomic_read(&__su_instances);
-}
-
-bool su_running(void)
-{
- return su_instances() > 0;
-}
-
-bool su_visible(void)
-{
- kuid_t uid = current_uid();
- if (su_running())
- return true;
- if (uid_eq(uid, GLOBAL_ROOT_UID) || uid_eq(uid, GLOBAL_SYSTEM_UID))
- return true;
- return false;
-}
-
-void su_exec(void)
-{
- atomic_inc(&__su_instances);
-}
-
-void su_exit(void)
-{
- atomic_dec(&__su_instances);
-}
-
 ATOMIC_NOTIFIER_HEAD(load_alert_notifier_head);
 DEFINE_MUTEX(sched_domains_mutex); |