diff options
| author | Lennart Poettering <lennart@poettering.net> | 2017-12-15 16:32:10 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2017-12-15 20:52:28 +0100 |
| commit | 74da609f0d0f9112047dd746188469df3692ad4a (patch) | |
| tree | 3bd826b87f8d2db5b9232ab8c51ccdf005dfbed0 /src | |
| parent | 5625c18a4726254f1169adb7748c3d888d47d2bf (diff) | |
| download | systemd-74da609f0d0f9112047dd746188469df3692ad4a.tar.gz systemd-74da609f0d0f9112047dd746188469df3692ad4a.tar.bz2 systemd-74da609f0d0f9112047dd746188469df3692ad4a.zip | |
main: split out security policy loading into its own function
More refactoring to make things more digestable.
Diffstat (limited to 'src')
| -rw-r--r-- | src/core/main.c | 54 |
1 files changed, 43 insertions, 11 deletions
diff --git a/src/core/main.c b/src/core/main.c index 2903936ca5..51d50d1873 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -2123,6 +2123,43 @@ static int safety_checks(void) { return 0; } +static int initialize_security( + bool *loaded_policy, + dual_timestamp *security_start_timestamp, + dual_timestamp *security_finish_timestamp, + const char **ret_error_message) { + + int r; + + assert(loaded_policy); + assert(security_start_timestamp); + assert(security_finish_timestamp); + assert(ret_error_message); + + dual_timestamp_get(security_start_timestamp); + + r = mac_selinux_setup(loaded_policy) < 0; + if (r < 0) { + *ret_error_message = "Failed to load SELinux policy"; + return r; + } + + r = mac_smack_setup(loaded_policy); + if (r < 0) { + *ret_error_message = "Failed to load SMACK policy"; + return r; + } + + r = ima_setup(); + if (r < 0) { + *ret_error_message = "Failed to load IMA policy"; + return r; + } + + dual_timestamp_get(security_finish_timestamp); + return 0; +} + int main(int argc, char *argv[]) { Manager *m = NULL; int r, retval = EXIT_FAILURE; @@ -2201,18 +2238,13 @@ int main(int argc, char *argv[]) { goto finish; } - dual_timestamp_get(&security_start_timestamp); - if (mac_selinux_setup(&loaded_policy) < 0) { - error_message = "Failed to load SELinux policy"; - goto finish; - } else if (mac_smack_setup(&loaded_policy) < 0) { - error_message = "Failed to load SMACK policy"; - goto finish; - } else if (ima_setup() < 0) { - error_message = "Failed to load IMA policy"; + r = initialize_security( + &loaded_policy, + &security_start_timestamp, + &security_finish_timestamp, + &error_message); + if (r < 0) goto finish; - } - dual_timestamp_get(&security_finish_timestamp); } if (mac_selinux_init() < 0) { |