Commit 35b372b7 authored by Kees Cook's avatar Kees Cook

smack: Remove redundant pdeath_signal clearing

This removes the redundant pdeath_signal clearing in Smack: the check in
smack_bprm_committing_creds() matches the check in smack_bprm_set_creds()
(which used to be in the now-removed smack_bprm_securexec() hook) and
since secureexec is now being checked for clearing pdeath_signal, this
is redundant to the common exec code.
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Acked-by: default avatarSerge Hallyn <serge@hallyn.com>
Reviewed-by: default avatarJames Morris <james.l.morris@oracle.com>
Reviewed-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
parent a70423df
...@@ -957,20 +957,6 @@ static int smack_bprm_set_creds(struct linux_binprm *bprm) ...@@ -957,20 +957,6 @@ static int smack_bprm_set_creds(struct linux_binprm *bprm)
return 0; return 0;
} }
/**
* smack_bprm_committing_creds - Prepare to install the new credentials
* from bprm.
*
* @bprm: binprm for exec
*/
static void smack_bprm_committing_creds(struct linux_binprm *bprm)
{
struct task_smack *bsp = bprm->cred->security;
if (bsp->smk_task != bsp->smk_forked)
current->pdeath_signal = 0;
}
/* /*
* Inode hooks * Inode hooks
*/ */
...@@ -4633,7 +4619,6 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = { ...@@ -4633,7 +4619,6 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(sb_parse_opts_str, smack_parse_opts_str), LSM_HOOK_INIT(sb_parse_opts_str, smack_parse_opts_str),
LSM_HOOK_INIT(bprm_set_creds, smack_bprm_set_creds), LSM_HOOK_INIT(bprm_set_creds, smack_bprm_set_creds),
LSM_HOOK_INIT(bprm_committing_creds, smack_bprm_committing_creds),
LSM_HOOK_INIT(inode_alloc_security, smack_inode_alloc_security), LSM_HOOK_INIT(inode_alloc_security, smack_inode_alloc_security),
LSM_HOOK_INIT(inode_free_security, smack_inode_free_security), LSM_HOOK_INIT(inode_free_security, smack_inode_free_security),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment