summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--init/init.cpp10
-rw-r--r--init/util.cpp8
2 files changed, 10 insertions, 8 deletions
diff --git a/init/init.cpp b/init/init.cpp
index 377b89c..b79da89 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -947,12 +947,6 @@ static void selinux_initialize(bool in_kernel_domain) {
}
if (in_kernel_domain) {
- if (write_file("/sys/fs/selinux/checkreqprot", "0") == -1) {
- ERROR("couldn't write to /sys/fs/selinux/checkreqprot: %s\n",
- strerror(errno));
- security_failure();
- }
-
INFO("Loading SELinux policy...\n");
if (selinux_android_load_policy() < 0) {
ERROR("failed to load policy: %s\n", strerror(errno));
@@ -962,6 +956,10 @@ static void selinux_initialize(bool in_kernel_domain) {
bool is_enforcing = selinux_is_enforcing();
security_setenforce(is_enforcing);
+ if (write_file("/sys/fs/selinux/checkreqprot", "0") == -1) {
+ security_failure();
+ }
+
NOTICE("(Initializing SELinux %s took %.2fs.)\n",
is_enforcing ? "enforcing" : "non-enforcing", t.duration());
} else {
diff --git a/init/util.cpp b/init/util.cpp
index 3b49b30..332aa2a 100644
--- a/init/util.cpp
+++ b/init/util.cpp
@@ -179,9 +179,13 @@ bool read_file(const char* path, std::string* content) {
int write_file(const char* path, const char* content) {
int fd = TEMP_FAILURE_RETRY(open(path, O_WRONLY|O_CREAT|O_NOFOLLOW|O_CLOEXEC, 0600));
if (fd == -1) {
- return -errno;
+ NOTICE("write_file: Unable to open '%s': %s\n", path, strerror(errno));
+ return -1;
+ }
+ int result = android::base::WriteStringToFd(content, fd) ? 0 : -1;
+ if (result == -1) {
+ NOTICE("write_file: Unable to write to '%s': %s\n", path, strerror(errno));
}
- int result = android::base::WriteStringToFd(content, fd) ? 0 : -errno;
TEMP_FAILURE_RETRY(close(fd));
return result;
}