Commit 34013331 authored by Lukas Bulwahn's avatar Lukas Bulwahn Committed by Paul Moore
Browse files

selinux: clean up dead code after removing runtime disable 



Commit f22f9aaf ("selinux: remove the runtime disable functionality")
removes the config SECURITY_SELINUX_DISABLE. This results in some dead code
in lsm_hooks.h.

Remove this dead code.

Signed-off-by: default avatarLukas Bulwahn <lukas.bulwahn@gmail.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 79781fe4

include/linux/lsm_hooks.h

+0 −23
Original line number Diff line number Diff line
@@ -1740,29 +1740,6 @@ extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; 
		__used __section(".early_lsm_info.init")		\

		__aligned(sizeof(unsigned long))



#ifdef CONFIG_SECURITY_SELINUX_DISABLE

/*

 * Assuring the safety of deleting a security module is up to

 * the security module involved. This may entail ordering the

 * module's hook list in a particular way, refusing to disable

 * the module once a policy is loaded or any number of other

 * actions better imagined than described.

 *

 * The name of the configuration option reflects the only module

 * that currently uses the mechanism. Any developer who thinks

 * disabling their module is a good idea needs to be at least as

 * careful as the SELinux team.

 */

static inline void security_delete_hooks(struct security_hook_list *hooks,

						int count)

{

	int i;



	for (i = 0; i < count; i++)

		hlist_del_rcu(&hooks[i].list);

}

#endif /* CONFIG_SECURITY_SELINUX_DISABLE */



extern int lsm_inode_alloc(struct inode *inode);



#endif /* ! __LINUX_LSM_HOOKS_H */