Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_system_core / 4d87095ebfefdb9e641492462f0a0e21d5b96ecf^! / . / init / init.cpp
commit4d87095ebfefdb9e641492462f0a0e21d5b96ecf[log] [tgz]
authorNick Kralevich <nnk@google.com>Fri Jun 12 22:03:50 2015 -0700
committerNick Kralevich <nnk@google.com>Fri Jun 12 22:12:33 2015 -0700
tree436768267355be6e72efa4481635954fa28a3661
parent555d91985d174217c3e805997bcd86d9c94f5a6b [diff] [blame]
Remove calls to is_selinux_enabled()

d34e407aeb5898f19d4f042b7558420bbb3a1817 removed support for
running with SELinux completely disabled. SELinux must either be
in permissive or enforcing mode now.

Remove unnecessary calls to is_selinux_enabled(). It always returns
true now.

Change-Id: Ife3156b74b13b2e590afe4accf716fc7776567e5

diff --git a/init/init.cpp b/init/init.cpp
index 2500985..8ea60dd 100644
--- a/init/init.cpp
+++ b/init/init.cpp

@@ -220,40 +220,38 @@
     }
 
     char* scon = NULL;
-    if (is_selinux_enabled() > 0) {
-        if (svc->seclabel) {
-            scon = strdup(svc->seclabel);
-            if (!scon) {
-                ERROR("Out of memory while starting '%s'\n", svc->name);
-                return;
-            }
-        } else {
-            char *mycon = NULL, *fcon = NULL;
+    if (svc->seclabel) {
+        scon = strdup(svc->seclabel);
+        if (!scon) {
+            ERROR("Out of memory while starting '%s'\n", svc->name);
+            return;
+        }
+    } else {
+        char *mycon = NULL, *fcon = NULL;
 
-            INFO("computing context for service '%s'\n", svc->args[0]);
-            int rc = getcon(&mycon);
-            if (rc < 0) {
-                ERROR("could not get context while starting '%s'\n", svc->name);
-                return;
-            }
+        INFO("computing context for service '%s'\n", svc->args[0]);
+        int rc = getcon(&mycon);
+        if (rc < 0) {
+            ERROR("could not get context while starting '%s'\n", svc->name);
+            return;
+        }
 
-            rc = getfilecon(svc->args[0], &fcon);
-            if (rc < 0) {
-                ERROR("could not get context while starting '%s'\n", svc->name);
-                freecon(mycon);
-                return;
-            }
-
-            rc = security_compute_create(mycon, fcon, string_to_security_class("process"), &scon);
-            if (rc == 0 && !strcmp(scon, mycon)) {
-                ERROR("Warning!  Service %s needs a SELinux domain defined; please fix!\n", svc->name);
-            }
+        rc = getfilecon(svc->args[0], &fcon);
+        if (rc < 0) {
+            ERROR("could not get context while starting '%s'\n", svc->name);
             freecon(mycon);
-            freecon(fcon);
-            if (rc < 0) {
-                ERROR("could not get context while starting '%s'\n", svc->name);
-                return;
-            }
+            return;
+        }
+
+        rc = security_compute_create(mycon, fcon, string_to_security_class("process"), &scon);
+        if (rc == 0 && !strcmp(scon, mycon)) {
+            ERROR("Warning!  Service %s needs a SELinux domain defined; please fix!\n", svc->name);
+        }
+        freecon(mycon);
+        freecon(fcon);
+        if (rc < 0) {
+            ERROR("could not get context while starting '%s'\n", svc->name);
+            return;
         }
     }
 
@@ -335,7 +333,7 @@
             }
         }
         if (svc->seclabel) {
-            if (is_selinux_enabled() > 0 && setexeccon(svc->seclabel) < 0) {
+            if (setexeccon(svc->seclabel) < 0) {
                 ERROR("cannot setexeccon('%s'): %s\n", svc->seclabel, strerror(errno));
                 _exit(127);
             }