summaryrefslogtreecommitdiff
path: root/src/core/selinux-access.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/core/selinux-access.h')
-rw-r--r--src/core/selinux-access.h32
1 files changed, 7 insertions, 25 deletions
diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h
index 3404f62166..9e89064819 100644
--- a/src/core/selinux-access.h
+++ b/src/core/selinux-access.h
@@ -27,36 +27,18 @@
void selinux_access_free(void);
-int selinux_access_check(sd_bus *bus, sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
+int selinux_generic_access_check(sd_bus *bus, sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
#ifdef HAVE_SELINUX
-#define SELINUX_ACCESS_CHECK(bus, message, permission) \
- do { \
- _cleanup_bus_error_free_ sd_bus_error _error = SD_BUS_ERROR_NULL; \
- sd_bus_message *_m = (message); \
- sd_bus *_b = (bus); \
- int _r; \
- _r = selinux_access_check(_b, _m, NULL, (permission), &_error); \
- if (_r < 0) \
- return sd_bus_reply_method_errno(_m, _r, &_error); \
- } while (false)
-
-#define SELINUX_UNIT_ACCESS_CHECK(unit, bus, message, permission) \
- do { \
- _cleanup_bus_error_free_ sd_bus_error _error = SD_BUS_ERROR_NULL; \
- sd_bus_message *_m = (message); \
- sd_bus *_b = (bus); \
- Unit *_u = (unit); \
- int _r; \
- _r = selinux_access_check(_b, _m, _u->source_path ?: _u->fragment_path, (permission), &_error); \
- if (_r < 0) \
- return sd_bus_reply_method_errno(_m, _r, &_error); \
- } while (false)
+#define selinux_access_check(bus, message, permission, error) \
+ selinux_generic_access_check(bus, message, NULL, permission, error)
+#define selinux_unit_access_check(unit, bus, message, permission, error) \
+ ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->fragment_path ?: _unit->fragment_path, permission, error); })
#else
-#define SELINUX_ACCESS_CHECK(bus, message, permission) do { } while (false)
-#define SELINUX_UNIT_ACCESS_CHECK(unit, bus, message, permission) do { } while (false)
+#define selinux_access_check(bus, message, permission, error) 0
+#define selinux_unit_access_check(unit, bus, message, permission, error) 0
#endif
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-10 15:02:45 +0000