From: linux@treblig.org
To: serge@hallyn.com, linux-security-module@vger.kernel.org
Cc: linux-kernel@vger.kernel.org,
"Dr. David Alan Gilbert" <linux@treblig.org>
Subject: [PATCH] capability: Remove unused has_capability
Date: Sun, 15 Dec 2024 16:53:52 +0000 [thread overview]
Message-ID: <20241215165352.186692-1-linux@treblig.org> (raw)
From: "Dr. David Alan Gilbert" <linux@treblig.org>
The vanilla has_capability() function has been unused since 2018's
commit dcb569cf6ac9 ("Smack: ptrace capability use fixes")
Remove it.
(There is still mention in a comment in security/commoncap.c
but I suspect rather than removing the entry it might be better
to expand the comment to talk about the other
has_[ns_]capability[_noaudit] variants).
Signed-off-by: Dr. David Alan Gilbert <linux@treblig.org>
---
include/linux/capability.h | 5 -----
kernel/capability.c | 16 ----------------
2 files changed, 21 deletions(-)
diff --git a/include/linux/capability.h b/include/linux/capability.h
index 0c356a517991..1fb08922552c 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -139,7 +139,6 @@ static inline kernel_cap_t cap_raise_nfsd_set(const kernel_cap_t a,
}
#ifdef CONFIG_MULTIUSER
-extern bool has_capability(struct task_struct *t, int cap);
extern bool has_ns_capability(struct task_struct *t,
struct user_namespace *ns, int cap);
extern bool has_capability_noaudit(struct task_struct *t, int cap);
@@ -150,10 +149,6 @@ extern bool ns_capable(struct user_namespace *ns, int cap);
extern bool ns_capable_noaudit(struct user_namespace *ns, int cap);
extern bool ns_capable_setid(struct user_namespace *ns, int cap);
#else
-static inline bool has_capability(struct task_struct *t, int cap)
-{
- return true;
-}
static inline bool has_ns_capability(struct task_struct *t,
struct user_namespace *ns, int cap)
{
diff --git a/kernel/capability.c b/kernel/capability.c
index dac4df77e376..67094b628ea9 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -289,22 +289,6 @@ bool has_ns_capability(struct task_struct *t,
return (ret == 0);
}
-/**
- * has_capability - Does a task have a capability in init_user_ns
- * @t: The task in question
- * @cap: The capability to be tested for
- *
- * Return true if the specified task has the given superior capability
- * currently in effect to the initial user namespace, false if not.
- *
- * Note that this does not set PF_SUPERPRIV on the task.
- */
-bool has_capability(struct task_struct *t, int cap)
-{
- return has_ns_capability(t, &init_user_ns, cap);
-}
-EXPORT_SYMBOL(has_capability);
-
/**
* has_ns_capability_noaudit - Does a task have a capability (unaudited)
* in a specific user ns.
--
2.47.1
next reply other threads:[~2024-12-15 16:53 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-15 16:53 linux [this message]
2024-12-18 21:31 ` [PATCH] capability: Remove unused has_capability Paul Moore
2024-12-18 22:11 ` Dr. David Alan Gilbert
2024-12-19 2:24 ` Paul Moore
2024-12-19 14:19 ` Dr. David Alan Gilbert
2024-12-19 14:55 ` Paul Moore
2024-12-19 17:29 ` Dr. David Alan Gilbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241215165352.186692-1-linux@treblig.org \
--to=linux@treblig.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).