kernel: Purge remanents of DEFEX

Roynas-Android-Playground · Oct 12, 2023 · bd7a1b3 · bd7a1b3
1 parent 0d36fd5
commit bd7a1b3
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 57 deletions.
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
@@ -941,29 +941,6 @@ el0_svc_naked:					// compat entry point
 	b.ne	__sys_trace
 	cmp     wscno, wsc_nr			// check upper syscall limit
 	b.hs	ni_sys
-#ifdef CONFIG_SECURITY_DEFEX
-/*
- * Defex enter hook
- */
-
-	ldr	x16, =defex_syscall_catch_enter
-	ldr	x16, [x16]
-	cmp	x16, xzr
-	b.eq	2f
-	uxtw	x0, wscno  //  it will copy wscno to low bits of x0 and fill high bits with 0
-	mov	x1, sp
-	blr	x16
-
-	cbnz	w0, ret_fast_syscall		// block this syscall?
-#	adr	lr, ret_fast_syscall		// return address (not needed here)
-
-	ldp	x0, x1, [sp]			// restore the syscall args
-	ldp	x2, x3, [sp, #S_X2]
-	ldp	x4, x5, [sp, #S_X4]
-	ldp	x6, x7, [sp, #S_X6]
-
-2:
-#endif
 	mask_nospec64 xscno, xsc_nr, x19	// enforce bounds for syscall number
 	ldr	x16, [stbl, xscno, lsl #3]	// address in the syscall table
 	blr	x16				// call sys_* routine
@@ -991,23 +968,6 @@ __sys_trace:
 	mov	x1, sp				// pointer to regs
 	cmp	wscno, wsc_nr			// check upper syscall limit
 	b.hs	__ni_sys_trace
-#ifdef CONFIG_SECURITY_DEFEX
-/*
- * Defex enter hook
- */
-
-	ldr	x16, =defex_syscall_catch_enter
-	ldr	x16, [x16]
-	cmp	x16, xzr
-	b.eq	3f
-	uxtw	x0, wscno  //  it will copy wscno to low bits of x0 and fill high bits with 0
-	mov	x1, sp
-	blr	x16
-
-	cbnz	w0, __sys_trace_return		// block this syscall?
-#	adr	lr, __sys_trace_return		// return address (not neede here)
-3:
-#endif
 	ldp	x0, x1, [sp]			// restore the syscall args
 	ldp	x2, x3, [sp, #S_X2]
 	ldp	x4, x5, [sp, #S_X4]

diff --git a/kernel/exit.c b/kernel/exit.c
@@ -70,10 +70,6 @@
 #include <asm/pgtable.h>
 #include <asm/mmu_context.h>
 
-#ifdef CONFIG_SECURITY_DEFEX
-#include <linux/defex.h>
-#endif
-
 static void __unhash_process(struct task_struct *p, bool group_dead)
 {
 	nr_threads--;

diff --git a/kernel/sys.c b/kernel/sys.c
@@ -73,9 +73,6 @@
 #include <asm/io.h>
 #include <asm/unistd.h>
 
-#ifdef CONFIG_SECURITY_DEFEX
-#include <linux/defex.h>
-#endif
 #ifndef SET_UNALIGN_CTL
 # define SET_UNALIGN_CTL(a, b)	(-EINVAL)
 #endif
@@ -772,11 +769,6 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid)
 	if (!uid_valid(kuid))
 		return old_fsuid;
 
-#ifdef CONFIG_SECURITY_DEFEX
-	if (task_defex_enforce(current, NULL, -__NR_setfsuid))
-		return old_fsuid;
-#endif
-
 	new = prepare_creds();
 	if (!new)
 		return old_fsuid;
@@ -816,11 +808,6 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid)
 	if (!gid_valid(kgid))
 		return old_fsgid;
 
-#ifdef CONFIG_SECURITY_DEFEX
-	if (task_defex_enforce(current, NULL, -__NR_setfsgid))
-		return old_fsgid;
-#endif
-
 	new = prepare_creds();
 	if (!new)
 		return old_fsgid;