security: remove sb_check_sb hooks

Unused hook.  Remove it.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>

fs/namespace.c

@@ -1435,11 +1435,6 @@ static int graft_tree(struct vfsmount *mnt, struct path *path)
 	if (IS_DEADDIR(path->dentry->d_inode))
 		goto out_unlock;
 
-	err = security_sb_check_sb(mnt, path);
-	if (err)
-		goto out_unlock;
-
-	err = -ENOENT;
 	if (!d_unlinked(path->dentry))
 		err = attach_recursive_mnt(mnt, path, NULL);
 out_unlock:

include/linux/security.h

@@ -267,12 +267,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *	@orig the original mount data copied from userspace.
  *	@copy copied data which will be passed to the security module.
  *	Returns 0 if the copy was successful.
- * @sb_check_sb:
- *	Check permission before the device with superblock @mnt->sb is mounted
- *	on the mount point named by @nd.
- *	@mnt contains the vfsmount for device being mounted.
- *	@path contains the path for the mount point.
- *	Return 0 if permission is granted.
  * @sb_umount:
  *	Check permission before the @mnt file system is unmounted.
  *	@mnt contains the mounted file system.
@@ -1484,7 +1478,6 @@ struct security_operations {
 	int (*sb_statfs) (struct dentry *dentry);
 	int (*sb_mount) (char *dev_name, struct path *path,
 			 char *type, unsigned long flags, void *data);
-	int (*sb_check_sb) (struct vfsmount *mnt, struct path *path);
 	int (*sb_umount) (struct vfsmount *mnt, int flags);
 	void (*sb_umount_close) (struct vfsmount *mnt);
 	void (*sb_umount_busy) (struct vfsmount *mnt);
@@ -1783,7 +1776,6 @@ int security_sb_show_options(struct seq_file *m, struct super_block *sb);
 int security_sb_statfs(struct dentry *dentry);
 int security_sb_mount(char *dev_name, struct path *path,
 		      char *type, unsigned long flags, void *data);
-int security_sb_check_sb(struct vfsmount *mnt, struct path *path);
 int security_sb_umount(struct vfsmount *mnt, int flags);
 void security_sb_umount_close(struct vfsmount *mnt);
 void security_sb_umount_busy(struct vfsmount *mnt);
@@ -2099,12 +2091,6 @@ static inline int security_sb_mount(char *dev_name, struct path *path,
 	return 0;
 }
 
-static inline int security_sb_check_sb(struct vfsmount *mnt,
-				       struct path *path)
-{
-	return 0;
-}
-
 static inline int security_sb_umount(struct vfsmount *mnt, int flags)
 {
 	return 0;

security/capability.c

@@ -80,11 +80,6 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type,
 	return 0;
 }
 
-static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path)
-{
-	return 0;
-}
-
 static int cap_sb_umount(struct vfsmount *mnt, int flags)
 {
 	return 0;
@@ -941,7 +936,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sb_show_options);
 	set_to_cap_if_null(ops, sb_statfs);
 	set_to_cap_if_null(ops, sb_mount);
-	set_to_cap_if_null(ops, sb_check_sb);
 	set_to_cap_if_null(ops, sb_umount);
 	set_to_cap_if_null(ops, sb_umount_close);
 	set_to_cap_if_null(ops, sb_umount_busy);

security/security.c

@@ -306,11 +306,6 @@ int security_sb_mount(char *dev_name, struct path *path,
 	return security_ops->sb_mount(dev_name, path, type, flags, data);
 }
 
-int security_sb_check_sb(struct vfsmount *mnt, struct path *path)
-{
-	return security_ops->sb_check_sb(mnt, path);
-}
-
 int security_sb_umount(struct vfsmount *mnt, int flags)
 {
 	return security_ops->sb_umount(mnt, flags);