Remove HAVE_SELINUX guards

Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364

Remove HAVE_SELINUX guards
Change-Id: I8272c573b3c5dc663203bafab68fad5e94d89364
b5982bf7 · Kenny Root · 44f4f8a4 · b5982bf7 · b5982bf7 · b5982bf7
Commit b5982bf7 authored 12 years ago by Kenny Root
10 changed files
--- a/debuggerd/Android.mk
+++ b/debuggerd/Android.mk
@@ -23,13 +23,11 @@ ifeq ($(ARCH_ARM_HAVE_VFP_D32),true)
 LOCAL_CFLAGS += -DWITH_VFP_D32
 endif # ARCH_ARM_HAVE_VFP_D32

-LOCAL_SHARED_LIBRARIES := libcutils libc libcorkscrew
-
-ifeq ($(HAVE_SELINUX),true)
-LOCAL_SHARED_LIBRARIES += libselinux
-LOCAL_C_INCLUDES += external/libselinux/include
-LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
+LOCAL_SHARED_LIBRARIES := \
+	libcutils \
+	libc \
+	libcorkscrew \
+	libselinux

 include $(BUILD_EXECUTABLE)


--- a/debuggerd/tombstone.c
+++ b/debuggerd/tombstone.c
@@ -35,9 +35,7 @@
 #include <corkscrew/demangle.h>
 #include <corkscrew/backtrace.h>

-#ifdef HAVE_SELINUX
 #include <selinux/android.h>
-#endif

 #include "machine.h"
 #include "tombstone.h"
@@ -686,12 +684,10 @@ char* engrave_tombstone(pid_t pid, pid_t tid, int signal,
    mkdir(TOMBSTONE_DIR, 0755);
    chown(TOMBSTONE_DIR, AID_SYSTEM, AID_SYSTEM);

-#ifdef HAVE_SELINUX
    if (selinux_android_restorecon(TOMBSTONE_DIR) == -1) {
        *detach_failed = false;
        return NULL;
    }
-#endif

    int fd;
    char* path = find_and_open_tombstone(&fd);

--- a/init/Android.mk
+++ b/init/Android.mk
@@ -32,13 +32,11 @@ LOCAL_FORCE_STATIC_EXECUTABLE := true
 LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
 LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_UNSTRIPPED)

-LOCAL_STATIC_LIBRARIES := libfs_mgr libcutils libc
-
-ifeq ($(HAVE_SELINUX),true)
-LOCAL_STATIC_LIBRARIES += libselinux
-LOCAL_C_INCLUDES += external/libselinux/include
-LOCAL_CFLAGS += -DHAVE_SELINUX
-endif
+LOCAL_STATIC_LIBRARIES := \
+	libfs_mgr \
+	libcutils \
+	libc \
+	libselinux

 include $(BUILD_EXECUTABLE)


--- a/init/builtins.c
+++ b/init/builtins.c
@@ -35,10 +35,8 @@
 #include <sys/system_properties.h>
 #include <fs_mgr.h>

-#ifdef HAVE_SELINUX
 #include <selinux/selinux.h>
 #include <selinux/label.h>
-#endif

 #include "init.h"
 #include "keywords.h"
@@ -501,24 +499,20 @@ int do_mount_all(int nargs, char **args)
 }

 int do_setcon(int nargs, char **args) {
-#ifdef HAVE_SELINUX
    if (is_selinux_enabled() <= 0)
        return 0;
    if (setcon(args[1]) < 0) {
        return -errno;
    }
-#endif
    return 0;
 }

 int do_setenforce(int nargs, char **args) {
-#ifdef HAVE_SELINUX
    if (is_selinux_enabled() <= 0)
        return 0;
    if (security_setenforce(atoi(args[1])) < 0) {
        return -errno;
    }
-#endif
    return 0;
 }

@@ -746,7 +740,6 @@ int do_restorecon(int nargs, char **args) {
 }

 int do_setsebool(int nargs, char **args) {
-#ifdef HAVE_SELINUX
    SELboolean *b = alloca(nargs * sizeof(SELboolean));
    char *v;
    int i;
@@ -775,7 +768,7 @@ int do_setsebool(int nargs, char **args) {

    if (security_set_boolean_list(nargs - 1, b, 0) < 0)
        return -errno;
-#endif
+
    return 0;
 }


--- a/init/devices.c
+++ b/init/devices.c
@@ -30,11 +30,9 @@
 #include <sys/un.h>
 #include <linux/netlink.h>

-#ifdef HAVE_SELINUX
 #include <selinux/selinux.h>
 #include <selinux/label.h>
 #include <selinux/android.h>
-#endif

 #include <private/android_filesystem_config.h>
 #include <sys/time.h>
@@ -52,9 +50,7 @@
 #define FIRMWARE_DIR1   "/etc/firmware"
 #define FIRMWARE_DIR2   "/vendor/firmware"

-#ifdef HAVE_SELINUX
 extern struct selabel_handle *sehandle;
-#endif

 static int device_fd = -1;

@@ -192,17 +188,15 @@ static void make_device(const char *path,
    unsigned gid;
    mode_t mode;
    dev_t dev;
-#ifdef HAVE_SELINUX
    char *secontext = NULL;
-#endif

    mode = get_device_perm(path, &uid, &gid) | (block ? S_IFBLK : S_IFCHR);
-#ifdef HAVE_SELINUX
+
    if (sehandle) {
        selabel_lookup(sehandle, &secontext, path, mode);
        setfscreatecon(secontext);
    }
-#endif
+
    dev = makedev(major, minor);
    /* Temporarily change egid to avoid race condition setting the gid of the
     * device node. Unforunately changing the euid would prevent creation of
@@ -213,12 +207,11 @@ static void make_device(const char *path,
    mknod(path, mode, dev);
    chown(path, uid, -1);
    setegid(AID_ROOT);
-#ifdef HAVE_SELINUX
+
    if (secontext) {
        freecon(secontext);
        setfscreatecon(NULL);
    }
-#endif
 }

 static void add_platform_device(const char *name)
@@ -874,12 +867,12 @@ void device_init(void)
    suseconds_t t0, t1;
    struct stat info;
    int fd;
-#ifdef HAVE_SELINUX
+
    sehandle = NULL;
    if (is_selinux_enabled() > 0) {
        sehandle = selinux_android_file_context_handle();
    }
-#endif
+
    /* is 64K enough? udev uses 16MB! */
    device_fd = uevent_open_socket(64*1024, true);
    if(device_fd < 0)

--- a/init/init.c
+++ b/init/init.c
@@ -32,11 +32,9 @@
 #include <sys/socket.h>
 #include <sys/un.h>

-#ifdef HAVE_SELINUX
 #include <selinux/selinux.h>
 #include <selinux/label.h>
 #include <selinux/android.h>
-#endif

 #include <libgen.h>

@@ -59,10 +57,8 @@
 #include "util.h"
 #include "ueventd.h"

-#ifdef HAVE_SELINUX
 struct selabel_handle *sehandle;
 struct selabel_handle *sehandle_prop;
-#endif

 static int property_triggers_enabled = 0;

@@ -76,9 +72,7 @@ static char hardware[32];
 static unsigned revision = 0;
 static char qemu[32];

-#ifdef HAVE_SELINUX
 static int selinux_enabled = 1;
-#endif

 static struct action *cur_action = NULL;
 static struct command *cur_command = NULL;
@@ -162,10 +156,9 @@ void service_start(struct service *svc, const char *dynamic_args)
    pid_t pid;
    int needs_console;
    int n;
-#ifdef HAVE_SELINUX
    char *scon = NULL;
    int rc;
-#endif
+
        /* starting a service removes it from the disabled or reset
         * state and immediately takes it out of the restarting
         * state if it was in there
@@ -202,7 +195,6 @@ void service_start(struct service *svc, const char *dynamic_args)
        return;
    }

-#ifdef HAVE_SELINUX
    if (is_selinux_enabled() > 0) {
        char *mycon = NULL, *fcon = NULL;

@@ -228,7 +220,6 @@ void service_start(struct service *svc, const char *dynamic_args)
            return;
        }
    }
-#endif

    NOTICE("starting '%s'\n", svc->name);

@@ -250,9 +241,7 @@ void service_start(struct service *svc, const char *dynamic_args)
        for (ei = svc->envvars; ei; ei = ei->next)
            add_environment(ei->name, ei->value);

-#ifdef HAVE_SELINUX
        setsockcreatecon(scon);
-#endif

        for (si = svc->sockets; si; si = si->next) {
            int socket_type = (
@@ -265,11 +254,9 @@ void service_start(struct service *svc, const char *dynamic_args)
            }
        }

-#ifdef HAVE_SELINUX
        freecon(scon);
        scon = NULL;
        setsockcreatecon(NULL);
-#endif

        if (svc->ioprio_class != IoSchedClass_NONE) {
            if (android_set_ioprio(getpid(), svc->ioprio_class, svc->ioprio_pri)) {
@@ -315,15 +302,12 @@ void service_start(struct service *svc, const char *dynamic_args)
                _exit(127);
            }
        }
-
-#ifdef HAVE_SELINUX
        if (svc->seclabel) {
            if (is_selinux_enabled() > 0 && setexeccon(svc->seclabel) < 0) {
                ERROR("cannot setexeccon('%s'): %s\n", svc->seclabel, strerror(errno));
                _exit(127);
            }
        }
-#endif

        if (!dynamic_args) {
            if (execve(svc->args[0], (char**) svc->args, (char**) ENV) < 0) {
@@ -350,9 +334,7 @@ void service_start(struct service *svc, const char *dynamic_args)
        _exit(127);
    }

-#ifdef HAVE_SELINUX
    freecon(scon);
-#endif

    if (pid < 0) {
        ERROR("failed to start '%s'\n", svc->name);
@@ -603,11 +585,9 @@ static void import_kernel_nv(char *name, int for_emulator)
    *value++ = 0;
    if (name_len == 0) return;

-#ifdef HAVE_SELINUX
    if (!strcmp(name,"selinux")) {
        selinux_enabled = atoi(value);
    }
-#endif

    if (for_emulator) {
        /* in the emulator, export any kernel option with the
@@ -755,7 +735,6 @@ static int bootchart_init_action(int nargs, char **args)
 }
 #endif

-#ifdef HAVE_SELINUX
 static const struct selinux_opt seopts_prop[] = {
        { SELABEL_OPT_PATH, "/data/system/property_contexts" },
        { SELABEL_OPT_PATH, "/property_contexts" },
@@ -814,8 +793,6 @@ int audit_callback(void *data, security_class_t cls, char *buf, size_t len)
    return 0;
 }

-#endif
-
 int main(int argc, char **argv)
 {
    int fd_count = 0;
@@ -866,7 +843,6 @@ int main(int argc, char **argv)

    process_kernel_cmdline();

-#ifdef HAVE_SELINUX
    union selinux_callback cb;
    cb.func_log = klog_write;
    selinux_set_callback(SELINUX_CB_LOG, cb);
@@ -891,7 +867,6 @@ int main(int argc, char **argv)
     */
    restorecon("/dev");
    restorecon("/dev/socket");
-#endif

    is_charger = !strcmp(bootmode, "charger");


--- a/init/init.h
+++ b/init/init.h
@@ -95,9 +95,7 @@ struct service {
    gid_t supp_gids[NR_SVC_SUPP_GIDS];
    size_t nr_supp_gids;

-#ifdef HAVE_SELINUX
    char *seclabel;
-#endif

    struct socketinfo *sockets;
    struct svcenvinfo *envvars;
@@ -136,10 +134,8 @@ void property_changed(const char *name, const char *value);

 int load_565rle_image( char *file_name );

-#ifdef HAVE_SELINUX
 extern struct selabel_handle *sehandle;
 extern struct selabel_handle *sehandle_prop;
 extern int selinux_reload_policy(void);
-#endif

 #endif	/* _INIT_INIT_H */
--- a/init/init_parser.c
+++ b/init/init_parser.c
@@ -799,13 +799,11 @@ static void parse_line_service(struct parse_state *state, int nargs, char **args
        }
        break;
    case K_seclabel:
-#ifdef HAVE_SELINUX
        if (nargs != 2) {
            parse_error(state, "seclabel option requires a label string\n");
        } else {
            svc->seclabel = args[1];
        }
-#endif
        break;

    default:

--- a/init/property_service.c
+++ b/init/property_service.c
@@ -40,10 +40,8 @@
 #include <sys/atomics.h>
 #include <private/android_filesystem_config.h>

-#ifdef HAVE_SELINUX
 #include <selinux/selinux.h>
 #include <selinux/label.h>
-#endif

 #include "property_service.h"
 #include "init.h"
@@ -199,7 +197,6 @@ static void update_prop_info(prop_info *pi, const char *value, unsigned len)

 static int check_mac_perms(const char *name, char *sctx)
 {
-#ifdef HAVE_SELINUX
    if (is_selinux_enabled() <= 0)
        return 1;

@@ -223,15 +220,10 @@ static int check_mac_perms(const char *name, char *sctx)
    freecon(tctx);
 err:
    return result;
-
-#endif
-    return 1;
 }

 static int check_control_mac_perms(const char *name, char *sctx)
 {
-#ifdef HAVE_SELINUX
-
    /*
     *  Create a name prefix out of ctl.<service name>
     *  The new prefix allows the use of the existing
@@ -245,9 +237,6 @@ static int check_control_mac_perms(const char *name, char *sctx)
        return 0;

    return check_mac_perms(ctl_name, sctx);
-
-#endif
-    return 1;
 }

 /*
@@ -394,11 +383,9 @@ int property_set(const char *name, const char *value)
         * to prevent them from being overwritten by default values.
         */
        write_persistent_property(name, value);
-#ifdef HAVE_SELINUX
    } else if (strcmp("selinux.reload_policy", name) == 0 &&
               strcmp("1", value) == 0) {
        selinux_reload_policy();
-#endif
    }
    property_changed(name, value);
    return 0;
@@ -440,9 +427,7 @@ void handle_property_set_fd()
        msg.name[PROP_NAME_MAX-1] = 0;
        msg.value[PROP_VALUE_MAX-1] = 0;

-#ifdef HAVE_SELINUX
        getpeercon(s, &source_ctx);
-#endif

        if(memcmp(msg.name,"ctl.",4) == 0) {
            // Keep the old close-socket-early behavior when handling
@@ -467,10 +452,7 @@ void handle_property_set_fd()
            // the property is written to memory.
            close(s);
        }
-#ifdef HAVE_SELINUX
        freecon(source_ctx);
-#endif
-
        break;

    default:

--- a/init/util.c
+++ b/init/util.c
@@ -23,9 +23,7 @@
 #include <errno.h>
 #include <time.h>

-#ifdef HAVE_SELINUX
 #include <selinux/label.h>
-#endif

 #include <sys/stat.h>
 #include <sys/types.h>
@@ -89,9 +87,7 @@ int create_socket(const char *name, int type, mode_t perm, uid_t uid, gid_t gid)
 {
    struct sockaddr_un addr;
    int fd, ret;
-#ifdef HAVE_SELINUX
    char *secon;
-#endif

    fd = socket(PF_UNIX, type, 0);
    if (fd < 0) {
@@ -110,14 +106,12 @@ int create_socket(const char *name, int type, mode_t perm, uid_t uid, gid_t gid)
        goto out_close;
    }

-#ifdef HAVE_SELINUX
    secon = NULL;
    if (sehandle) {
        ret = selabel_lookup(sehandle, &secon, addr.sun_path, S_IFSOCK);
        if (ret == 0)
            setfscreatecon(secon);
    }
-#endif

    ret = bind(fd, (struct sockaddr *) &addr, sizeof (addr));
    if (ret) {
@@ -125,10 +119,8 @@ int create_socket(const char *name, int type, mode_t perm, uid_t uid, gid_t gid)
        goto out_unlink;
    }

-#ifdef HAVE_SELINUX
    setfscreatecon(NULL);
    freecon(secon);
-#endif

    chown(addr.sun_path, uid, gid);
    chmod(addr.sun_path, perm);
@@ -468,31 +460,27 @@ int make_dir(const char *path, mode_t mode)
 {
    int rc;

-#ifdef HAVE_SELINUX
    char *secontext = NULL;

    if (sehandle) {
        selabel_lookup(sehandle, &secontext, path, mode);
        setfscreatecon(secontext);
    }
-#endif

    rc = mkdir(path, mode);

-#ifdef HAVE_SELINUX
    if (secontext) {
        int save_errno = errno;
        freecon(secontext);
        setfscreatecon(NULL);
        errno = save_errno;
    }
-#endif
+
    return rc;
 }

 int restorecon(const char *pathname)
 {
-#ifdef HAVE_SELINUX
    char *secontext = NULL;
    struct stat sb;
    int i;
@@ -509,6 +497,5 @@ int restorecon(const char *pathname)
        return -errno;
    }
    freecon(secontext);
-#endif
    return 0;
 }