Remove secondary ops call to inode_follow_link, which is
a noop in capabilities.
Signed-off-by: James Morris <jmorris@xxxxxxxxx>
---
security/selinux/hooks.c | 6 +-----
1 files changed, 1 insertions(+), 5 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 0362192..e96cce3 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2674,11 +2674,7 @@ static int selinux_inode_readlink(struct dentry *dentry)
static int selinux_inode_follow_link(struct dentry *dentry, struct nameidata *nameidata)
{
const struct cred *cred = current_cred();
- int rc;
-
- rc = secondary_ops->inode_follow_link(dentry, nameidata);
- if (rc)
- return rc;
+
return dentry_has_perm(cred, NULL, dentry, FILE__READ);
}
--
1.6.1
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
