The functions `role_set_get_role`, `sepol_validate_transition` and `sepol_sidtab_remove` seem to be unused since the initial import.
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
 libsepol/src/policydb.c | 18 ----------------
 libsepol/src/services.c | 47 -----------------------------------------
 libsepol/src/sidtab.c | 31 ---------------------------
 3 files changed, 96 deletions(-)
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index 3f7ddb11..fc1d0711 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -1791,24 +1791,6 @@ int type_set_or_eq(type_set_t * dst, type_set_t * other)
 return ret;
 }
 
-int role_set_get_role(role_set_t * x, uint32_t role)
-{
- if (x->flags & ROLE_STAR)
- return 1;
-
- if (ebitmap_get_bit(&x->roles, role - 1)) {
- if (x->flags & ROLE_COMP)
- return 0;
- else
- return 1;
- } else {
- if (x->flags & ROLE_COMP)
- return 1;
- else
- return 0;
- }
-}
-
 /***********************************************************************/
 /* everything below is for policy reads */
 
diff --git a/libsepol/src/services.c b/libsepol/src/services.c
index 39fbd979..ff91f7d2 100644
--- a/libsepol/src/services.c
+++ b/libsepol/src/services.c
@@ -1024,53 +1024,6 @@ static int context_struct_compute_av(context_struct_t * scontext,
 return 0;
 }
 
-static int sepol_validate_transition(sepol_security_id_t oldsid,
- sepol_security_id_t newsid,
- sepol_security_id_t tasksid,
- sepol_security_class_t tclass)
-{
- context_struct_t *ocontext;
- context_struct_t *ncontext;
- context_struct_t *tcontext;
- class_datum_t *tclass_datum;
- constraint_node_t *constraint;
-
- if (!tclass || tclass > policydb->p_classes.nprim) {
- ERR(NULL, "unrecognized class %d", tclass);
- return -EINVAL;
- }
- tclass_datum = policydb->class_val_to_struct[tclass - 1];
-
- ocontext = sepol_sidtab_search(sidtab, oldsid);
- if (!ocontext) {
- ERR(NULL, "unrecognized SID %d", oldsid);
- return -EINVAL;
- }
-
- ncontext = sepol_sidtab_search(sidtab, newsid);
- if (!ncontext) {
- ERR(NULL, "unrecognized SID %d", newsid);
- return -EINVAL;
- }
-
- tcontext = sepol_sidtab_search(sidtab, tasksid);
- if (!tcontext) {
- ERR(NULL, "unrecognized SID %d", tasksid);
- return -EINVAL;
- }
-
- constraint = tclass_datum->validatetrans;
- while (constraint) {
- if (!constraint_expr_eval_reason(ocontext, ncontext, tcontext,
- 0, constraint, NULL, 0)) {
- return -EPERM;
- }
- constraint = constraint->next;
- }
-
- return 0;
-}
-
 /*
 * sepol_validate_transition_reason_buffer - the reason buffer is realloc'd
 * in the constraint_expr_eval_reason() function.
diff --git a/libsepol/src/sidtab.c b/libsepol/src/sidtab.c
index e6bf5716..255e0725 100644
--- a/libsepol/src/sidtab.c
+++ b/libsepol/src/sidtab.c
@@ -84,37 +84,6 @@ int sepol_sidtab_insert(sidtab_t * s, sepol_security_id_t sid,
 return 0;
 }
 
-int sepol_sidtab_remove(sidtab_t * s, sepol_security_id_t sid)
-{
- int hvalue;
- sidtab_node_t *cur, *last;
-
- if (!s || !s->htable)
- return -ENOENT;
-
- hvalue = SIDTAB_HASH(sid);
- last = NULL;
- cur = s->htable[hvalue];
- while (cur != NULL && sid > cur->sid) {
- last = cur;
- cur = cur->next;
- }
-
- if (cur == NULL || sid != cur->sid)
- return -ENOENT;
-
- if (last == NULL)
- s->htable[hvalue] = cur->next;
- else
- last->next = cur->next;
-
- context_destroy(&cur->context);
-
- free(cur);
- s->nel--;
- return 0;
-}
-
 context_struct_t *sepol_sidtab_search(sidtab_t * s, sepol_security_id_t sid)
 {
 int hvalue;
-- 
2.32.0