summaryrefslogtreecommitdiff
path: root/src/core
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-09-23 19:55:49 +0200
committerLennart Poettering <lennart@poettering.net>2015-09-29 21:55:51 +0200
commit710a6b5017ba23fde6713f55340db5390ea27cec (patch)
tree34d5c96acc0439f898624a47a9dbfb12d21e957c /src/core
parente8da24a642c78d55f5287011db70d7cd95bf3b2b (diff)
selinux: add _cleanup_ concepts to SELinux label allocation
Diffstat (limited to 'src/core')
-rw-r--r--src/core/selinux-setup.c6
-rw-r--r--src/core/socket.c7
2 files changed, 4 insertions, 9 deletions
diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
index e5b457643b..ff1ea23528 100644
--- a/src/core/selinux-setup.c
+++ b/src/core/selinux-setup.c
@@ -78,14 +78,14 @@ int mac_selinux_setup(bool *loaded_policy) {
before_load = now(CLOCK_MONOTONIC);
r = selinux_init_load_policy(&enforce);
if (r == 0) {
+ _cleanup_(mac_selinux_freep) char *label = NULL;
char timespan[FORMAT_TIMESPAN_MAX];
- char *label;
mac_selinux_retest();
/* Transition to the new context */
r = mac_selinux_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label);
- if (r < 0 || label == NULL) {
+ if (r < 0 || !label) {
log_open();
log_error("Failed to compute init label, ignoring.");
} else {
@@ -94,8 +94,6 @@ int mac_selinux_setup(bool *loaded_policy) {
log_open();
if (r < 0)
log_error("Failed to transition into init label '%s', ignoring.", label);
-
- mac_selinux_free(label);
}
after_load = now(CLOCK_MONOTONIC);
diff --git a/src/core/socket.c b/src/core/socket.c
index c0c11e4f6a..55ecada5ee 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -1210,10 +1210,10 @@ fail:
}
static int socket_open_fds(Socket *s) {
+ _cleanup_(mac_selinux_freep) char *label = NULL;
+ bool know_label = false;
SocketPort *p;
int r;
- char *label = NULL;
- bool know_label = false;
assert(s);
@@ -1327,13 +1327,10 @@ static int socket_open_fds(Socket *s) {
assert_not_reached("Unknown port type");
}
- mac_selinux_free(label);
return 0;
rollback:
socket_close_fds(s);
- mac_selinux_free(label);
-
return r;
}