diff options
| author | phajdan.jr@chromium.org <phajdan.jr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-06-02 07:19:39 +0000 |
|---|---|---|
| committer | phajdan.jr@chromium.org <phajdan.jr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-06-02 07:19:39 +0000 |
| commit | c36e93787ddb9a05f2e0e21b8d011caedb45aee9 (patch) | |
| tree | 3af69bb42611e3d27211859a84025404e96f10ee /content/zygote | |
| parent | bdd3dee739943bc08a168ff8d64c62c61ea51edb (diff) | |
| download | chromium_src-c36e93787ddb9a05f2e0e21b8d011caedb45aee9.zip chromium_src-c36e93787ddb9a05f2e0e21b8d011caedb45aee9.tar.gz chromium_src-c36e93787ddb9a05f2e0e21b8d011caedb45aee9.tar.bz2 | |
Fix SELinux build after refactoring of the zygote (https://chromiumcodereview.appspot.com/10356144). This is just moving code without changes.
BUG=none
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10453114
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@140184 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/zygote')
| -rw-r--r-- | content/zygote/zygote_linux.cc | 25 | ||||
| -rw-r--r-- | content/zygote/zygote_main_linux.cc | 25 |
2 files changed, 25 insertions, 25 deletions
diff --git a/content/zygote/zygote_linux.cc b/content/zygote/zygote_linux.cc index ff50f24..ab3ead3 100644 --- a/content/zygote/zygote_linux.cc +++ b/content/zygote/zygote_linux.cc @@ -31,6 +31,11 @@ #include "content/common/sandbox_methods_linux.h" #include "content/common/zygote_commands_linux.h" +#if defined(CHROMIUM_SELINUX) +#include <selinux/selinux.h> +#include <selinux/context.h> +#endif + // See http://code.google.com/p/chromium/wiki/LinuxZygote namespace content { @@ -41,6 +46,26 @@ namespace { void SIGCHLDHandler(int signal) { } +#if defined(CHROMIUM_SELINUX) +void SELinuxTransitionToTypeOrDie(const char* type) { + security_context_t security_context; + if (getcon(&security_context)) + LOG(FATAL) << "Cannot get SELinux context"; + + context_t context = context_new(security_context); + context_type_set(context, type); + const int r = setcon(context_str(context)); + context_free(context); + freecon(security_context); + + if (r) { + LOG(FATAL) << "dynamic transition to type '" << type << "' failed. " + "(this binary has been built with SELinux support, but maybe " + "the policies haven't been loaded into the kernel?)"; + } +} +#endif // CHROMIUM_SELINUX + } // namespace Zygote::Zygote(int sandbox_flags, diff --git a/content/zygote/zygote_main_linux.cc b/content/zygote/zygote_main_linux.cc index 5673f09..6653909 100644 --- a/content/zygote/zygote_main_linux.cc +++ b/content/zygote/zygote_main_linux.cc @@ -47,11 +47,6 @@ #include <signal.h> #endif -#if defined(CHROMIUM_SELINUX) -#include <selinux/selinux.h> -#include <selinux/context.h> -#endif - namespace content { // See http://code.google.com/p/chromium/wiki/LinuxZygote @@ -63,26 +58,6 @@ static const char kUrandomDevPath[] = "/dev/urandom"; // chrooted. static const char kSUIDSandboxVar[] = "SBX_D"; -#if defined(CHROMIUM_SELINUX) -static void SELinuxTransitionToTypeOrDie(const char* type) { - security_context_t security_context; - if (getcon(&security_context)) - LOG(FATAL) << "Cannot get SELinux context"; - - context_t context = context_new(security_context); - context_type_set(context, type); - const int r = setcon(context_str(context)); - context_free(context); - freecon(security_context); - - if (r) { - LOG(FATAL) << "dynamic transition to type '" << type << "' failed. " - "(this binary has been built with SELinux support, but maybe " - "the policies haven't been loaded into the kernel?)"; - } -} -#endif // CHROMIUM_SELINUX - // With SELinux we can carve out a precise sandbox, so we don't have to play // with intercepting libc calls. #if !defined(CHROMIUM_SELINUX) |