summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sys/kern/init_main.c4
-rw-r--r--sys/security/mac/mac_vfs.c8
-rw-r--r--sys/security/mac_biba/mac_biba.c14
-rw-r--r--sys/security/mac_lomac/mac_lomac.c14
-rw-r--r--sys/security/mac_mls/mac_mls.c14
-rw-r--r--sys/security/mac_stub/mac_stub.c8
-rw-r--r--sys/security/mac_test/mac_test.c11
7 files changed, 0 insertions, 73 deletions
diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c
index fd8ae7a..7e2396d 100644
--- a/sys/kern/init_main.c
+++ b/sys/kern/init_main.c
@@ -533,10 +533,6 @@ start_init(void *dummy)
vfs_mountroot();
-#ifdef MAC
- mac_create_root_mount(td->td_ucred, TAILQ_FIRST(&mountlist));
-#endif
-
/*
* Need just enough stack to hold the faked-up "execve()" arguments.
*/
diff --git a/sys/security/mac/mac_vfs.c b/sys/security/mac/mac_vfs.c
index 647697b..59aa61b 100644
--- a/sys/security/mac/mac_vfs.c
+++ b/sys/security/mac/mac_vfs.c
@@ -921,14 +921,6 @@ mac_create_mount(struct ucred *cred, struct mount *mp)
mp->mnt_fslabel);
}
-void
-mac_create_root_mount(struct ucred *cred, struct mount *mp)
-{
-
- MAC_PERFORM(create_root_mount, cred, mp, mp->mnt_mntlabel,
- mp->mnt_fslabel);
-}
-
int
mac_check_mount_stat(struct ucred *cred, struct mount *mount)
{
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 8d5e9db..946ec90 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -838,19 +838,6 @@ mac_biba_create_mount(struct ucred *cred, struct mount *mp,
}
static void
-mac_biba_create_root_mount(struct ucred *cred, struct mount *mp,
- struct label *mntlabel, struct label *fslabel)
-{
- struct mac_biba *mac_biba;
-
- /* Always mount root as high integrity. */
- mac_biba = SLOT(fslabel);
- mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL);
- mac_biba = SLOT(mntlabel);
- mac_biba_set_effective(mac_biba, MAC_BIBA_TYPE_HIGH, 0, NULL);
-}
-
-static void
mac_biba_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *label)
{
@@ -3086,7 +3073,6 @@ static struct mac_policy_ops mac_biba_ops =
.mpo_create_devfs_directory = mac_biba_create_devfs_directory,
.mpo_create_devfs_symlink = mac_biba_create_devfs_symlink,
.mpo_create_mount = mac_biba_create_mount,
- .mpo_create_root_mount = mac_biba_create_root_mount,
.mpo_relabel_vnode = mac_biba_relabel_vnode,
.mpo_update_devfsdirent = mac_biba_update_devfsdirent,
.mpo_associate_vnode_devfs = mac_biba_associate_vnode_devfs,
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index cb2ebdf..6808257 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -959,19 +959,6 @@ mac_lomac_create_mount(struct ucred *cred, struct mount *mp,
}
static void
-mac_lomac_create_root_mount(struct ucred *cred, struct mount *mp,
- struct label *mntlabel, struct label *fslabel)
-{
- struct mac_lomac *mac_lomac;
-
- /* Always mount root as high integrity. */
- mac_lomac = SLOT(fslabel);
- mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0);
- mac_lomac = SLOT(mntlabel);
- mac_lomac_set_single(mac_lomac, MAC_LOMAC_TYPE_HIGH, 0);
-}
-
-static void
mac_lomac_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *label)
{
@@ -2617,7 +2604,6 @@ static struct mac_policy_ops mac_lomac_ops =
.mpo_create_devfs_directory = mac_lomac_create_devfs_directory,
.mpo_create_devfs_symlink = mac_lomac_create_devfs_symlink,
.mpo_create_mount = mac_lomac_create_mount,
- .mpo_create_root_mount = mac_lomac_create_root_mount,
.mpo_relabel_vnode = mac_lomac_relabel_vnode,
.mpo_update_devfsdirent = mac_lomac_update_devfsdirent,
.mpo_associate_vnode_devfs = mac_lomac_associate_vnode_devfs,
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c
index 1599cc0..ffd97f8 100644
--- a/sys/security/mac_mls/mac_mls.c
+++ b/sys/security/mac_mls/mac_mls.c
@@ -807,19 +807,6 @@ mac_mls_create_mount(struct ucred *cred, struct mount *mp,
}
static void
-mac_mls_create_root_mount(struct ucred *cred, struct mount *mp,
- struct label *mntlabel, struct label *fslabel)
-{
- struct mac_mls *mac_mls;
-
- /* Always mount root as high integrity. */
- mac_mls = SLOT(fslabel);
- mac_mls_set_effective(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL);
- mac_mls = SLOT(mntlabel);
- mac_mls_set_effective(mac_mls, MAC_MLS_TYPE_LOW, 0, NULL);
-}
-
-static void
mac_mls_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *label)
{
@@ -2860,7 +2847,6 @@ static struct mac_policy_ops mac_mls_ops =
.mpo_create_devfs_directory = mac_mls_create_devfs_directory,
.mpo_create_devfs_symlink = mac_mls_create_devfs_symlink,
.mpo_create_mount = mac_mls_create_mount,
- .mpo_create_root_mount = mac_mls_create_root_mount,
.mpo_relabel_vnode = mac_mls_relabel_vnode,
.mpo_update_devfsdirent = mac_mls_update_devfsdirent,
.mpo_associate_vnode_devfs = mac_mls_associate_vnode_devfs,
diff --git a/sys/security/mac_stub/mac_stub.c b/sys/security/mac_stub/mac_stub.c
index 8ab11e9..3be11ba 100644
--- a/sys/security/mac_stub/mac_stub.c
+++ b/sys/security/mac_stub/mac_stub.c
@@ -225,13 +225,6 @@ stub_create_mount(struct ucred *cred, struct mount *mp,
}
static void
-stub_create_root_mount(struct ucred *cred, struct mount *mp,
- struct label *mntlabel, struct label *fslabel)
-{
-
-}
-
-static void
stub_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *label)
{
@@ -1438,7 +1431,6 @@ static struct mac_policy_ops mac_stub_ops =
.mpo_create_sysv_shm = stub_create_sysv_shm,
.mpo_create_vnode_extattr = stub_create_vnode_extattr,
.mpo_create_mount = stub_create_mount,
- .mpo_create_root_mount = stub_create_root_mount,
.mpo_relabel_vnode = stub_relabel_vnode,
.mpo_setlabel_vnode_extattr = stub_setlabel_vnode_extattr,
.mpo_update_devfsdirent = stub_update_devfsdirent,
diff --git a/sys/security/mac_test/mac_test.c b/sys/security/mac_test/mac_test.c
index 3c51215..a744186 100644
--- a/sys/security/mac_test/mac_test.c
+++ b/sys/security/mac_test/mac_test.c
@@ -918,16 +918,6 @@ mac_test_create_mount(struct ucred *cred, struct mount *mp,
}
static void
-mac_test_create_root_mount(struct ucred *cred, struct mount *mp,
- struct label *mntlabel, struct label *fslabel)
-{
-
- ASSERT_CRED_LABEL(cred->cr_label);
- ASSERT_MOUNT_LABEL(mntlabel);
- ASSERT_MOUNT_LABEL(fslabel);
-}
-
-static void
mac_test_relabel_vnode(struct ucred *cred, struct vnode *vp,
struct label *vnodelabel, struct label *label)
{
@@ -2472,7 +2462,6 @@ static struct mac_policy_ops mac_test_ops =
.mpo_create_devfs_symlink = mac_test_create_devfs_symlink,
.mpo_create_vnode_extattr = mac_test_create_vnode_extattr,
.mpo_create_mount = mac_test_create_mount,
- .mpo_create_root_mount = mac_test_create_root_mount,
.mpo_relabel_vnode = mac_test_relabel_vnode,
.mpo_setlabel_vnode_extattr = mac_test_setlabel_vnode_extattr,
.mpo_update_devfsdirent = mac_test_update_devfsdirent,
OpenPOWER on IntegriCloud