diff options
| author | Nick Kralevich <nnk@google.com> | 2015-04-25 14:10:03 -0700 |
|---|---|---|
| committer | Nick Kralevich <nnk@google.com> | 2015-04-25 15:36:13 -0700 |
| commit | eedbe81f753fd19e5eb2238187c5618e9153bf55 (patch) | |
| tree | 2fb2d3873af5cc7fae38b5b55261800358a8ca86 /init/init.cpp | |
| parent | 8929c77ab9aa9be612291809669e9162837c54ae (diff) | |
| download | system_core-eedbe81f753fd19e5eb2238187c5618e9153bf55.zip system_core-eedbe81f753fd19e5eb2238187c5618e9153bf55.tar.gz system_core-eedbe81f753fd19e5eb2238187c5618e9153bf55.tar.bz2 | |
init: fix write_file checkreqprot logic error
write_file() returned -errno on error, not -1. Callers who check for
-1 would falsely believe that the write was successful when it wasn't.
Fixup write_file so that it return -1 on error consistent
with other functions.
Change-Id: Ic51aaf8678d8d97b2606bd171f11b3b11f642e39
Diffstat (limited to 'init/init.cpp')
| -rw-r--r-- | init/init.cpp | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/init/init.cpp b/init/init.cpp index 377b89c..b79da89 100644 --- a/init/init.cpp +++ b/init/init.cpp @@ -947,12 +947,6 @@ static void selinux_initialize(bool in_kernel_domain) { } if (in_kernel_domain) { - if (write_file("/sys/fs/selinux/checkreqprot", "0") == -1) { - ERROR("couldn't write to /sys/fs/selinux/checkreqprot: %s\n", - strerror(errno)); - security_failure(); - } - INFO("Loading SELinux policy...\n"); if (selinux_android_load_policy() < 0) { ERROR("failed to load policy: %s\n", strerror(errno)); @@ -962,6 +956,10 @@ static void selinux_initialize(bool in_kernel_domain) { bool is_enforcing = selinux_is_enforcing(); security_setenforce(is_enforcing); + if (write_file("/sys/fs/selinux/checkreqprot", "0") == -1) { + security_failure(); + } + NOTICE("(Initializing SELinux %s took %.2fs.)\n", is_enforcing ? "enforcing" : "non-enforcing", t.duration()); } else { |