Permalink
Browse files

Merge "Remove HAVE_SELINUX guards"

  • Loading branch information...
2 parents 44f4f8a + b5982bf commit 7b88a90da2a27e347fc16c14fa577f4ae1ef07fd @kruton kruton committed with Gerrit Code Review Oct 17, 2012
Showing with 18 additions and 102 deletions.
  1. +5 −7 debuggerd/Android.mk
  2. +0 −4 debuggerd/tombstone.c
  3. +5 −7 init/Android.mk
  4. +1 −8 init/builtins.c
  5. +5 −12 init/devices.c
  6. +1 −26 init/init.c
  7. +0 −4 init/init.h
  8. +0 −2 init/init_parser.c
  9. +0 −18 init/property_service.c
  10. +1 −14 init/util.c
View
12 debuggerd/Android.mk
@@ -23,13 +23,11 @@ ifeq ($(ARCH_ARM_HAVE_VFP_D32),true)
LOCAL_CFLAGS += -DWITH_VFP_D32
endif # ARCH_ARM_HAVE_VFP_D32
-LOCAL_SHARED_LIBRARIES := libcutils libc libcorkscrew
-
-ifeq ($(HAVE_SELINUX),true)
-LOCAL_SHARED_LIBRARIES += libselinux
-LOCAL_C_INCLUDES += external/libselinux/include
-LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
+LOCAL_SHARED_LIBRARIES := \
+ libcutils \
+ libc \
+ libcorkscrew \
+ libselinux
include $(BUILD_EXECUTABLE)
View
4 debuggerd/tombstone.c
@@ -35,9 +35,7 @@
#include <corkscrew/demangle.h>
#include <corkscrew/backtrace.h>
-#ifdef HAVE_SELINUX
#include <selinux/android.h>
-#endif
#include "machine.h"
#include "tombstone.h"
@@ -686,12 +684,10 @@ char* engrave_tombstone(pid_t pid, pid_t tid, int signal,
mkdir(TOMBSTONE_DIR, 0755);
chown(TOMBSTONE_DIR, AID_SYSTEM, AID_SYSTEM);
-#ifdef HAVE_SELINUX
if (selinux_android_restorecon(TOMBSTONE_DIR) == -1) {
*detach_failed = false;
return NULL;
}
-#endif
int fd;
char* path = find_and_open_tombstone(&fd);
View
12 init/Android.mk
@@ -32,13 +32,11 @@ LOCAL_FORCE_STATIC_EXECUTABLE := true
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_UNSTRIPPED)
-LOCAL_STATIC_LIBRARIES := libfs_mgr libcutils libc
-
-ifeq ($(HAVE_SELINUX),true)
-LOCAL_STATIC_LIBRARIES += libselinux
-LOCAL_C_INCLUDES += external/libselinux/include
-LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
+LOCAL_STATIC_LIBRARIES := \
+ libfs_mgr \
+ libcutils \
+ libc \
+ libselinux
include $(BUILD_EXECUTABLE)
View
9 init/builtins.c
@@ -35,10 +35,8 @@
#include <sys/system_properties.h>
#include <fs_mgr.h>
-#ifdef HAVE_SELINUX
#include <selinux/selinux.h>
#include <selinux/label.h>
-#endif
#include "init.h"
#include "keywords.h"
@@ -501,24 +499,20 @@ int do_mount_all(int nargs, char **args)
}
int do_setcon(int nargs, char **args) {
-#ifdef HAVE_SELINUX
if (is_selinux_enabled() <= 0)
return 0;
if (setcon(args[1]) < 0) {
return -errno;
}
-#endif
return 0;
}
int do_setenforce(int nargs, char **args) {
-#ifdef HAVE_SELINUX
if (is_selinux_enabled() <= 0)
return 0;
if (security_setenforce(atoi(args[1])) < 0) {
return -errno;
}
-#endif
return 0;
}
@@ -746,7 +740,6 @@ int do_restorecon(int nargs, char **args) {
}
int do_setsebool(int nargs, char **args) {
-#ifdef HAVE_SELINUX
SELboolean *b = alloca(nargs * sizeof(SELboolean));
char *v;
int i;
@@ -775,7 +768,7 @@ int do_setsebool(int nargs, char **args) {
if (security_set_boolean_list(nargs - 1, b, 0) < 0)
return -errno;
-#endif
+
return 0;
}
View
17 init/devices.c
@@ -30,11 +30,9 @@
#include <sys/un.h>
#include <linux/netlink.h>
-#ifdef HAVE_SELINUX
#include <selinux/selinux.h>
#include <selinux/label.h>
#include <selinux/android.h>
-#endif
#include <private/android_filesystem_config.h>
#include <sys/time.h>
@@ -52,9 +50,7 @@
#define FIRMWARE_DIR1 "/etc/firmware"
#define FIRMWARE_DIR2 "/vendor/firmware"
-#ifdef HAVE_SELINUX
extern struct selabel_handle *sehandle;
-#endif
static int device_fd = -1;
@@ -192,17 +188,15 @@ static void make_device(const char *path,
unsigned gid;
mode_t mode;
dev_t dev;
-#ifdef HAVE_SELINUX
char *secontext = NULL;
-#endif
mode = get_device_perm(path, &uid, &gid) | (block ? S_IFBLK : S_IFCHR);
-#ifdef HAVE_SELINUX
+
if (sehandle) {
selabel_lookup(sehandle, &secontext, path, mode);
setfscreatecon(secontext);
}
-#endif
+
dev = makedev(major, minor);
/* Temporarily change egid to avoid race condition setting the gid of the
* device node. Unforunately changing the euid would prevent creation of
@@ -213,12 +207,11 @@ static void make_device(const char *path,
mknod(path, mode, dev);
chown(path, uid, -1);
setegid(AID_ROOT);
-#ifdef HAVE_SELINUX
+
if (secontext) {
freecon(secontext);
setfscreatecon(NULL);
}
-#endif
}
static void add_platform_device(const char *name)
@@ -874,12 +867,12 @@ void device_init(void)
suseconds_t t0, t1;
struct stat info;
int fd;
-#ifdef HAVE_SELINUX
+
sehandle = NULL;
if (is_selinux_enabled() > 0) {
sehandle = selinux_android_file_context_handle();
}
-#endif
+
/* is 64K enough? udev uses 16MB! */
device_fd = uevent_open_socket(64*1024, true);
if(device_fd < 0)
View
27 init/init.c
@@ -32,11 +32,9 @@
#include <sys/socket.h>
#include <sys/un.h>
-#ifdef HAVE_SELINUX
#include <selinux/selinux.h>
#include <selinux/label.h>
#include <selinux/android.h>
-#endif
#include <libgen.h>
@@ -59,10 +57,8 @@
#include "util.h"
#include "ueventd.h"
-#ifdef HAVE_SELINUX
struct selabel_handle *sehandle;
struct selabel_handle *sehandle_prop;
-#endif
static int property_triggers_enabled = 0;
@@ -76,9 +72,7 @@ static char hardware[32];
static unsigned revision = 0;
static char qemu[32];
-#ifdef HAVE_SELINUX
static int selinux_enabled = 1;
-#endif
static struct action *cur_action = NULL;
static struct command *cur_command = NULL;
@@ -162,10 +156,9 @@ void service_start(struct service *svc, const char *dynamic_args)
pid_t pid;
int needs_console;
int n;
-#ifdef HAVE_SELINUX
char *scon = NULL;
int rc;
-#endif
+
/* starting a service removes it from the disabled or reset
* state and immediately takes it out of the restarting
* state if it was in there
@@ -202,7 +195,6 @@ void service_start(struct service *svc, const char *dynamic_args)
return;
}
-#ifdef HAVE_SELINUX
if (is_selinux_enabled() > 0) {
char *mycon = NULL, *fcon = NULL;
@@ -228,7 +220,6 @@ void service_start(struct service *svc, const char *dynamic_args)
return;
}
}
-#endif
NOTICE("starting '%s'\n", svc->name);
@@ -250,9 +241,7 @@ void service_start(struct service *svc, const char *dynamic_args)
for (ei = svc->envvars; ei; ei = ei->next)
add_environment(ei->name, ei->value);
-#ifdef HAVE_SELINUX
setsockcreatecon(scon);
-#endif
for (si = svc->sockets; si; si = si->next) {
int socket_type = (
@@ -265,11 +254,9 @@ void service_start(struct service *svc, const char *dynamic_args)
}
}
-#ifdef HAVE_SELINUX
freecon(scon);
scon = NULL;
setsockcreatecon(NULL);
-#endif
if (svc->ioprio_class != IoSchedClass_NONE) {
if (android_set_ioprio(getpid(), svc->ioprio_class, svc->ioprio_pri)) {
@@ -315,15 +302,12 @@ void service_start(struct service *svc, const char *dynamic_args)
_exit(127);
}
}
-
-#ifdef HAVE_SELINUX
if (svc->seclabel) {
if (is_selinux_enabled() > 0 && setexeccon(svc->seclabel) < 0) {
ERROR("cannot setexeccon('%s'): %s\n", svc->seclabel, strerror(errno));
_exit(127);
}
}
-#endif
if (!dynamic_args) {
if (execve(svc->args[0], (char**) svc->args, (char**) ENV) < 0) {
@@ -350,9 +334,7 @@ void service_start(struct service *svc, const char *dynamic_args)
_exit(127);
}
-#ifdef HAVE_SELINUX
freecon(scon);
-#endif
if (pid < 0) {
ERROR("failed to start '%s'\n", svc->name);
@@ -603,11 +585,9 @@ static void import_kernel_nv(char *name, int for_emulator)
*value++ = 0;
if (name_len == 0) return;
-#ifdef HAVE_SELINUX
if (!strcmp(name,"selinux")) {
selinux_enabled = atoi(value);
}
-#endif
if (for_emulator) {
/* in the emulator, export any kernel option with the
@@ -755,7 +735,6 @@ static int bootchart_init_action(int nargs, char **args)
}
#endif
-#ifdef HAVE_SELINUX
static const struct selinux_opt seopts_prop[] = {
{ SELABEL_OPT_PATH, "/data/system/property_contexts" },
{ SELABEL_OPT_PATH, "/property_contexts" },
@@ -814,8 +793,6 @@ int audit_callback(void *data, security_class_t cls, char *buf, size_t len)
return 0;
}
-#endif
-
int main(int argc, char **argv)
{
int fd_count = 0;
@@ -866,7 +843,6 @@ int main(int argc, char **argv)
process_kernel_cmdline();
-#ifdef HAVE_SELINUX
union selinux_callback cb;
cb.func_log = klog_write;
selinux_set_callback(SELINUX_CB_LOG, cb);
@@ -891,7 +867,6 @@ int main(int argc, char **argv)
*/
restorecon("/dev");
restorecon("/dev/socket");
-#endif
is_charger = !strcmp(bootmode, "charger");
View
4 init/init.h
@@ -95,9 +95,7 @@ struct service {
gid_t supp_gids[NR_SVC_SUPP_GIDS];
size_t nr_supp_gids;
-#ifdef HAVE_SELINUX
char *seclabel;
-#endif
struct socketinfo *sockets;
struct svcenvinfo *envvars;
@@ -136,10 +134,8 @@ void property_changed(const char *name, const char *value);
int load_565rle_image( char *file_name );
-#ifdef HAVE_SELINUX
extern struct selabel_handle *sehandle;
extern struct selabel_handle *sehandle_prop;
extern int selinux_reload_policy(void);
-#endif
#endif /* _INIT_INIT_H */
View
2 init/init_parser.c
@@ -799,13 +799,11 @@ static void parse_line_service(struct parse_state *state, int nargs, char **args
}
break;
case K_seclabel:
-#ifdef HAVE_SELINUX
if (nargs != 2) {
parse_error(state, "seclabel option requires a label string\n");
} else {
svc->seclabel = args[1];
}
-#endif
break;
default:
View
18 init/property_service.c
@@ -40,10 +40,8 @@
#include <sys/atomics.h>
#include <private/android_filesystem_config.h>
-#ifdef HAVE_SELINUX
#include <selinux/selinux.h>
#include <selinux/label.h>
-#endif
#include "property_service.h"
#include "init.h"
@@ -199,7 +197,6 @@ static void update_prop_info(prop_info *pi, const char *value, unsigned len)
static int check_mac_perms(const char *name, char *sctx)
{
-#ifdef HAVE_SELINUX
if (is_selinux_enabled() <= 0)
return 1;
@@ -223,15 +220,10 @@ static int check_mac_perms(const char *name, char *sctx)
freecon(tctx);
err:
return result;
-
-#endif
- return 1;
}
static int check_control_mac_perms(const char *name, char *sctx)
{
-#ifdef HAVE_SELINUX
-
/*
* Create a name prefix out of ctl.<service name>
* The new prefix allows the use of the existing
@@ -245,9 +237,6 @@ static int check_control_mac_perms(const char *name, char *sctx)
return 0;
return check_mac_perms(ctl_name, sctx);
-
-#endif
- return 1;
}
/*
@@ -394,11 +383,9 @@ int property_set(const char *name, const char *value)
* to prevent them from being overwritten by default values.
*/
write_persistent_property(name, value);
-#ifdef HAVE_SELINUX
} else if (strcmp("selinux.reload_policy", name) == 0 &&
strcmp("1", value) == 0) {
selinux_reload_policy();
-#endif
}
property_changed(name, value);
return 0;
@@ -440,9 +427,7 @@ void handle_property_set_fd()
msg.name[PROP_NAME_MAX-1] = 0;
msg.value[PROP_VALUE_MAX-1] = 0;
-#ifdef HAVE_SELINUX
getpeercon(s, &source_ctx);
-#endif
if(memcmp(msg.name,"ctl.",4) == 0) {
// Keep the old close-socket-early behavior when handling
@@ -467,10 +452,7 @@ void handle_property_set_fd()
// the property is written to memory.
close(s);
}
-#ifdef HAVE_SELINUX
freecon(source_ctx);
-#endif
-
break;
default:
View
15 init/util.c
@@ -23,9 +23,7 @@
#include <errno.h>
#include <time.h>
-#ifdef HAVE_SELINUX
#include <selinux/label.h>
-#endif
#include <sys/stat.h>
#include <sys/types.h>
@@ -89,9 +87,7 @@ int create_socket(const char *name, int type, mode_t perm, uid_t uid, gid_t gid)
{
struct sockaddr_un addr;
int fd, ret;
-#ifdef HAVE_SELINUX
char *secon;
-#endif
fd = socket(PF_UNIX, type, 0);
if (fd < 0) {
@@ -110,25 +106,21 @@ int create_socket(const char *name, int type, mode_t perm, uid_t uid, gid_t gid)
goto out_close;
}
-#ifdef HAVE_SELINUX
secon = NULL;
if (sehandle) {
ret = selabel_lookup(sehandle, &secon, addr.sun_path, S_IFSOCK);
if (ret == 0)
setfscreatecon(secon);
}
-#endif
ret = bind(fd, (struct sockaddr *) &addr, sizeof (addr));
if (ret) {
ERROR("Failed to bind socket '%s': %s\n", name, strerror(errno));
goto out_unlink;
}
-#ifdef HAVE_SELINUX
setfscreatecon(NULL);
freecon(secon);
-#endif
chown(addr.sun_path, uid, gid);
chmod(addr.sun_path, perm);
@@ -468,31 +460,27 @@ int make_dir(const char *path, mode_t mode)
{
int rc;
-#ifdef HAVE_SELINUX
char *secontext = NULL;
if (sehandle) {
selabel_lookup(sehandle, &secontext, path, mode);
setfscreatecon(secontext);
}
-#endif
rc = mkdir(path, mode);
-#ifdef HAVE_SELINUX
if (secontext) {
int save_errno = errno;
freecon(secontext);
setfscreatecon(NULL);
errno = save_errno;
}
-#endif
+
return rc;
}
int restorecon(const char *pathname)
{
-#ifdef HAVE_SELINUX
char *secontext = NULL;
struct stat sb;
int i;
@@ -509,6 +497,5 @@ int restorecon(const char *pathname)
return -errno;
}
freecon(secontext);
-#endif
return 0;
}

0 comments on commit 7b88a90

Please sign in to comment.