-rw-r--r--udev_add.c10
-rw-r--r--udev_selinux.c32
-rw-r--r--udev_selinux.h6
3 files changed, 20 insertions, 28 deletions
diff --git a/udev_add.c b/udev_add.c
index e5bd042a5c..eeab1ca174 100644
--- a/udev_add.c
+++ b/udev_add.c
@@ -83,7 +83,6 @@ create:
selinux_setfscreatecon(file, udev->kernel_name, mode);
retval = mknod(file, mode, devt);
- selinux_resetfscreatecon();
if (retval != 0) {
dbg("mknod(%s, %#o, %u, %u) failed with error '%s'",
file, mode, major(devt), minor(devt), strerror(errno));
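Review bot: With the reset after `mknod()` removed, the file-creation context set by `selinux_setfscreatecon()` stays in force until `selinux_restore()` runs at the `exit:` label of udev_add_device, so anything created in between that does not set its own context inherits the device node's label. The symlink hunk in create_node has the same property: `selinux_setfscreatecon()` returns void, so if it fails to set a context there (its failure paths are not visible in this diff), the symlink would presumably be created with whatever context this call left behind. I would document the new contract at this call, e.g. `/* fscreate context stays set until selinux_restore() in udev_add_device() */`, and confirm that every path between here and `exit:` either sets its own context or is meant to inherit this one. The enclosing function starts and ends outside the hunk.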
@@ -197,7 +196,6 @@ static int create_node(struct udevice *udev, struct sysfs_class_device *class_de
/* create symlink(s) if requested */
foreach_strpart(udev->symlink, " ", pos, len) {
- int retval;
char linkname[NAME_SIZE];
char linktarget[NAME_SIZE];
@@ -229,11 +227,9 @@ static int create_node(struct udevice *udev, struct sysfs_class_device *class_de
dbg("symlink(%s, %s)", linktarget, filename);
if (!udev->test_run) {
- unlink(filename);
selinux_setfscreatecon(filename, udev->kernel_name, S_IFLNK);
- retval = symlink(linktarget, filename);
- selinux_resetfscreatecon();
- if (retval != 0)
+ unlink(filename);
+ if (symlink(linktarget, filename) != 0)
dbg("symlink(%s, %s) failed with error '%s'",
linktarget, filename, strerror(errno));
}
@@ -330,7 +326,7 @@ int udev_add_device(struct udevice *udev, struct sysfs_class_device *class_dev)
}
exit:
- selinux_exit();
+ selinux_restore();
return retval;
}
diff --git a/udev_selinux.c b/udev_selinux.c
index cc6f4d7d3f..72381f0d0d 100644
--- a/udev_selinux.c
+++ b/udev_selinux.c
@@ -105,7 +105,7 @@ void selinux_setfilecon(const char *file, const char *devname, unsigned int mode
}
if (setfilecon(file, scontext) < 0)
- dbg("setfilecon %s failed with error '%s'", file, strerror(errno));
+ dbg("setfiles %s failed with error '%s'", file, strerror(errno));
freecon(scontext);
}
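Review bot: The debug message now says `setfiles` although the call that failed is `setfilecon()`, so the log line no longer names the libselinux call to investigate. The next hunk makes the same change to the `setfscreatecon()` failure message in selinux_setfscreatecon, after which a relabel failure and a create-context failure produce identical log text. Keeping the call name in each message, `dbg("setfilecon %s failed with error '%s'", file, strerror(errno));` here and `dbg("setfscreatecon %s failed with error '%s'", file, strerror(errno));` there, keeps labelling failures traceable. Both functions begin outside their hunks.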
@@ -131,20 +131,12 @@ void selinux_setfscreatecon(const char *file, const char *devname, unsigned int
}
if (setfscreatecon(scontext) < 0)
- dbg("setfscreatecon %s failed with error '%s'", file, strerror(errno));
+ dbg("setfiles %s failed with error '%s'", file, strerror(errno));
freecon(scontext);
}
}
-void selinux_resetfscreatecon(void)
-{
- if (is_selinux_running()) {
- if (setfscreatecon(prev_scontext) < 0)
- dbg("setfscreatecon %s failed with error '%s'", file, strerror(errno));
- }
-}
-
void selinux_init(void)
{
/*
@@ -152,17 +144,23 @@ void selinux_init(void)
* restoration creation purposes.
*/
if (is_selinux_running()) {
- if (getfscreatecon(&prev_scontext) < 0) {
+ if (getfscreatecon(&prev_scontext) < 0)
dbg("getfscreatecon failed\n");
- prev_scontext = NULL;
- }
+
+ prev_scontext = NULL;
}
}
-void selinux_exit(void)
+void selinux_restore(void)
{
- if (is_selinux_running() && prev_scontext) {
- freecon(prev_scontext);
- prev_scontext = NULL;
+ if (is_selinux_running()) {
+ /* reset the file create context to its former glory */
+ if (setfscreatecon(prev_scontext) < 0)
+ dbg("setfscreatecon failed\n");
+
+ if (prev_scontext) {
+ freecon(prev_scontext);
+ prev_scontext = NULL;
+ }
}
}
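Review bot: In selinux_init the braces around the failure branch were dropped, so `prev_scontext = NULL;` now runs unconditionally right after `getfscreatecon(&prev_scontext)` and the context that was just saved is discarded. As a result selinux_restore always calls `setfscreatecon(NULL)`, which resets to the policy default rather than the context that was active before, and the string allocated by `getfscreatecon()` is never passed to `freecon()`. Restoring the braces fixes both: `if (getfscreatecon(&prev_scontext) < 0) { dbg("getfscreatecon failed\n"); prev_scontext = NULL; }`. selinux_init begins in the previous hunk.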
diff --git a/udev_selinux.h b/udev_selinux.h
index d9dfeffad0..132a9a6550 100644
--- a/udev_selinux.h
+++ b/udev_selinux.h
@@ -24,17 +24,15 @@
extern void selinux_setfilecon(const char *file, const char *devname, unsigned int mode);
extern void selinux_setfscreatecon(const char *file, const char *devname, unsigned int mode);
-extern void selinux_resetfscreatecon(void);
extern void selinux_init(void);
-extern void selinux_exit(void);
+extern void selinux_restore(void);
#else
static inline void selinux_setfilecon(const char *file, const char *devname, unsigned int mode) {}
static inline void selinux_setfscreatecon(const char *file, const char *devname, unsigned int mode) {}
-static inline void selinux_resetfscreatecon(void) {}
static inline void selinux_init(void) {}
-static inline void selinux_exit(void) {}
+static inline void selinux_restore(void) {}
#endif /* USE_SELINUX */
#endif /* _UDEV_USE_SELINUX */