summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNick Kralevich <nnk@google.com>2016-03-03 10:40:12 -0800
committerNick Kralevich <nnk@google.com>2016-03-03 11:26:24 -0800
commit3d9e27335926497c82bcfab228b90b84d732780f (patch)
tree7fe8b0b8c74f4013bfe2bdbcce30bbc912dde8a3
parent17741bc85c0570a4f01bf8c945db1cd1b117a19a (diff)
downloadcore-3d9e27335926497c82bcfab228b90b84d732780f.tar.gz
core-3d9e27335926497c82bcfab228b90b84d732780f.tar.bz2
core-3d9e27335926497c82bcfab228b90b84d732780f.zip
Mount selinuxfs when other filesystems are mounted
Be consistent when mounting filesystems, and mount selinuxfs at the same time other filesystems are mounted. In particular, this ensures that a /sys/fs/selinux/null is available at early boot, avoiding an unnecessary mknod call. Change-Id: I01e6b3900f48b4cb3f12d8a928e1e95911524252
-rw-r--r--init/init.cpp1
-rw-r--r--init/util.cpp22
2 files changed, 11 insertions, 12 deletions
diff --git a/init/init.cpp b/init/init.cpp
index 4aef82372..9e6143be3 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -561,6 +561,7 @@ int main(int argc, char** argv) {
#define MAKE_STR(x) __STRING(x)
mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC));
mount("sysfs", "/sys", "sysfs", 0, NULL);
+ mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
}
// We must have some place other than / to create the device nodes for
diff --git a/init/util.cpp b/init/util.cpp
index 84b415552..bddc3b210 100644
--- a/init/util.cpp
+++ b/init/util.cpp
@@ -401,20 +401,18 @@ int wait_for_file(const char *filename, int timeout)
void open_devnull_stdio(void)
{
- // Try to avoid the mknod() call if we can. Since SELinux makes
- // a /dev/null replacement available for free, let's use it.
int fd = open("/sys/fs/selinux/null", O_RDWR);
if (fd == -1) {
- // OOPS, /sys/fs/selinux/null isn't available, likely because
- // /sys/fs/selinux isn't mounted. Fall back to mknod.
- static const char *name = "/dev/__null__";
- if (mknod(name, S_IFCHR | 0600, (1 << 8) | 3) == 0) {
- fd = open(name, O_RDWR);
- unlink(name);
- }
- if (fd == -1) {
- exit(1);
- }
+ /* Fail silently.
+ * stdout/stderr isn't available, and because
+ * klog_init() is called after open_devnull_stdio(), we can't
+ * log to dmesg. Reordering klog_init() to be called before
+ * open_devnull_stdio() isn't an option either, as then klog_fd
+ * will be assigned 0 or 1, which will end up getting clobbered
+ * by the code below. There's nowhere good to log.
+ */
+
+ exit(1);
}
dup2(fd, 0);