On Tue, Jun 8, 2021 at 12:00 PM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> The functions `role_set_get_role`, `sepol_validate_transition` and
> `sepol_sidtab_remove` seem to be unused since the initial import.
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> libsepol/src/policydb.c | 18 ----------------
> libsepol/src/services.c | 47 -----------------------------------------
> libsepol/src/sidtab.c | 31 ---------------------------
> 3 files changed, 96 deletions(-)
>
> diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
> index 3f7ddb11..fc1d0711 100644
> --- a/libsepol/src/policydb.c
> +++ b/libsepol/src/policydb.c
> @@ -1791,24 +1791,6 @@ int type_set_or_eq(type_set_t * dst, type_set_t * other)
> return ret;
> }
>
> -int role_set_get_role(role_set_t * x, uint32_t role)
> -{
> - if (x->flags & ROLE_STAR)
> - return 1;
> -
> - if (ebitmap_get_bit(&x->roles, role - 1)) {
> - if (x->flags & ROLE_COMP)
> - return 0;
> - else
> - return 1;
> - } else {
> - if (x->flags & ROLE_COMP)
> - return 1;
> - else
> - return 0;
> - }
> -}
> -
> /***********************************************************************/
> /* everything below is for policy reads */
>
> diff --git a/libsepol/src/services.c b/libsepol/src/services.c
> index 39fbd979..ff91f7d2 100644
> --- a/libsepol/src/services.c
> +++ b/libsepol/src/services.c
> @@ -1024,53 +1024,6 @@ static int context_struct_compute_av(context_struct_t * scontext,
> return 0;
> }
>
> -static int sepol_validate_transition(sepol_security_id_t oldsid,
> - sepol_security_id_t newsid,
> - sepol_security_id_t tasksid,
> - sepol_security_class_t tclass)
> -{
> - context_struct_t *ocontext;
> - context_struct_t *ncontext;
> - context_struct_t *tcontext;
> - class_datum_t *tclass_datum;
> - constraint_node_t *constraint;
> -
> - if (!tclass || tclass > policydb->p_classes.nprim) {
> - ERR(NULL, "unrecognized class %d", tclass);
> - return -EINVAL;
> - }
> - tclass_datum = policydb->class_val_to_struct[tclass - 1];
> -
> - ocontext = sepol_sidtab_search(sidtab, oldsid);
> - if (!ocontext) {
> - ERR(NULL, "unrecognized SID %d", oldsid);
> - return -EINVAL;
> - }
> -
> - ncontext = sepol_sidtab_search(sidtab, newsid);
> - if (!ncontext) {
> - ERR(NULL, "unrecognized SID %d", newsid);
> - return -EINVAL;
> - }
> -
> - tcontext = sepol_sidtab_search(sidtab, tasksid);
> - if (!tcontext) {
> - ERR(NULL, "unrecognized SID %d", tasksid);
> - return -EINVAL;
> - }
> -
> - constraint = tclass_datum->validatetrans;
> - while (constraint) {
> - if (!constraint_expr_eval_reason(ocontext, ncontext, tcontext,
> - 0, constraint, NULL, 0)) {
> - return -EPERM;
> - }
> - constraint = constraint->next;
> - }
> -
> - return 0;
> -}
> -
> /*
> * sepol_validate_transition_reason_buffer - the reason buffer is realloc'd
> * in the constraint_expr_eval_reason() function.
> diff --git a/libsepol/src/sidtab.c b/libsepol/src/sidtab.c
> index e6bf5716..255e0725 100644
> --- a/libsepol/src/sidtab.c
> +++ b/libsepol/src/sidtab.c
> @@ -84,37 +84,6 @@ int sepol_sidtab_insert(sidtab_t * s, sepol_security_id_t sid,
> return 0;
> }
>
> -int sepol_sidtab_remove(sidtab_t * s, sepol_security_id_t sid)
> -{
> - int hvalue;
> - sidtab_node_t *cur, *last;
> -
> - if (!s || !s->htable)
> - return -ENOENT;
> -
> - hvalue = SIDTAB_HASH(sid);
> - last = NULL;
> - cur = s->htable[hvalue];
> - while (cur != NULL && sid > cur->sid) {
> - last = cur;
> - cur = cur->next;
> - }
> -
> - if (cur == NULL || sid != cur->sid)
> - return -ENOENT;
> -
> - if (last == NULL)
> - s->htable[hvalue] = cur->next;
> - else
> - last->next = cur->next;
> -
> - context_destroy(&cur->context);
> -
> - free(cur);
> - s->nel--;
> - return 0;
> -}
> -
> context_struct_t *sepol_sidtab_search(sidtab_t * s, sepol_security_id_t sid)
> {
> int hvalue;
> --
> 2.32.0
>
