From 3f1812180b67d8d34e8b019f71598c918714a43d Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sat, 31 May 2025 16:36:43 +0200 Subject: [PATCH] core/smack-setup: use RET_NERRNO and RET_GATHER --- src/core/smack-setup.c | 77 +++++++++++++++++++++--------------------- 1 file changed, 39 insertions(+), 38 deletions(-) diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c index a37479d98aa..1e8e2b54e53 100644 --- a/src/core/smack-setup.c +++ b/src/core/smack-setup.c @@ -13,6 +13,7 @@ #include "alloc-util.h" #include "dirent-util.h" +#include "errno-util.h" #include "fd-util.h" #include "fileio.h" #include "log.h" @@ -49,20 +50,20 @@ static int fdopen_unlocked_at(int dfd, const char *dir, const char *name, int *s static int write_access2_rules(const char *srcdir) { _cleanup_close_ int load2_fd = -EBADF, change_fd = -EBADF; _cleanup_closedir_ DIR *dir = NULL; - int dfd = -EBADF, r = 0; + int dfd, r; - load2_fd = open("/sys/fs/smackfs/load2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); - if (load2_fd < 0) { - if (errno != ENOENT) - log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/load2"); - return -errno; /* negative error */ + load2_fd = r = RET_NERRNO(open("/sys/fs/smackfs/load2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY)); + if (r < 0) { + if (r != -ENOENT) + log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/load2"); + return r; } - change_fd = open("/sys/fs/smackfs/change-rule", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); - if (change_fd < 0) { - if (errno != ENOENT) - log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/change-rule"); - return -errno; /* negative error */ + change_fd = r = RET_NERRNO(open("/sys/fs/smackfs/change-rule", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY)); + if (r < 0) { + if (r != -ENOENT) + log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/change-rule"); + return r; } /* write rules to load2 or change-rule from every file in the directory */ @@ -76,6 +77,7 @@ static int write_access2_rules(const char *srcdir) { dfd = dirfd(dir); assert(dfd >= 0); + r = 0; FOREACH_DIRENT(entry, dir, return 0) { _cleanup_fclose_ FILE *policy = NULL; @@ -107,12 +109,12 @@ static int write_access2_rules(const char *srcdir) { continue; } - if (write(isempty(acc2) ? load2_fd : change_fd, buf, strlen(buf)) < 0) { - if (r == 0) - r = -errno; - log_error_errno(errno, "%s/%s: failed to write '%s' to '%s': %m", + q = RET_NERRNO(write(isempty(acc2) ? load2_fd : change_fd, buf, strlen(buf))); + if (q < 0) { + log_error_errno(q, "%s/%s: failed to write '%s' to '%s': %m", srcdir, entry->d_name, buf, isempty(acc2) ? "/sys/fs/smackfs/load2" : "/sys/fs/smackfs/change-rule"); + RET_GATHER(r, q); } } } @@ -123,13 +125,13 @@ static int write_access2_rules(const char *srcdir) { static int write_cipso2_rules(const char *srcdir) { _cleanup_close_ int cipso2_fd = -EBADF; _cleanup_closedir_ DIR *dir = NULL; - int dfd = -EBADF, r = 0; + int dfd, r; - cipso2_fd = open("/sys/fs/smackfs/cipso2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); - if (cipso2_fd < 0) { - if (errno != ENOENT) - log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/cipso2"); - return -errno; /* negative error */ + cipso2_fd = r = RET_NERRNO(open("/sys/fs/smackfs/cipso2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY)); + if (r < 0) { + if (r != -ENOENT) + log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/cipso2"); + return r; } /* write rules to cipso2 from every file in the directory */ @@ -143,6 +145,7 @@ static int write_cipso2_rules(const char *srcdir) { dfd = dirfd(dir); assert(dfd >= 0); + r = 0; FOREACH_DIRENT(entry, dir, return 0) { _cleanup_fclose_ FILE *policy = NULL; @@ -167,12 +170,12 @@ static int write_cipso2_rules(const char *srcdir) { if (isempty(buf) || strchr(COMMENTS, buf[0])) continue; - if (write(cipso2_fd, buf, strlen(buf)) < 0) { - if (r == 0) - r = -errno; - log_error_errno(errno, "%s/%s: failed to write '%s' to %s: %m", + q = RET_NERRNO(write(cipso2_fd, buf, strlen(buf))); + if (q < 0) { + log_error_errno(q, "%s/%s: failed to write '%s' to %s: %m", srcdir, entry->d_name, buf, "/sys/fs/smackfs/cipso2"); + RET_GATHER(r, q); break; } } @@ -184,7 +187,7 @@ static int write_cipso2_rules(const char *srcdir) { static int write_netlabel_rules(const char *srcdir) { _cleanup_fclose_ FILE *dst = NULL; _cleanup_closedir_ DIR *dir = NULL; - int dfd = -EBADF, r = 0; + int dfd, r; dst = fopen("/sys/fs/smackfs/netlabel", "we"); if (!dst) { @@ -204,6 +207,7 @@ static int write_netlabel_rules(const char *srcdir) { dfd = dirfd(dir); assert(dfd >= 0); + r = 0; FOREACH_DIRENT(entry, dir, return 0) { _cleanup_fclose_ FILE *policy = NULL; @@ -223,16 +227,14 @@ static int write_netlabel_rules(const char *srcdir) { break; if (!fputs(buf, dst)) { - if (r == 0) - r = -EINVAL; log_error_errno(errno, "Failed to write line to %s: %m", "/sys/fs/smackfs/netlabel"); + RET_GATHER(r, -errno); break; } q = fflush_and_check(dst); if (q < 0) { - if (r == 0) - r = q; log_error_errno(q, "Failed to flush %s: %m", "/sys/fs/smackfs/netlabel"); + RET_GATHER(r, q); break; } } @@ -282,16 +284,16 @@ static int write_onlycap_list(void) { list[len - 1] = 0; - onlycap_fd = open("/sys/fs/smackfs/onlycap", O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); - if (onlycap_fd < 0) { - if (errno != ENOENT) - log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/onlycap"); - return -errno; /* negative error */ + onlycap_fd = r = RET_NERRNO(open("/sys/fs/smackfs/onlycap", O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY)); + if (r < 0) { + if (r != -ENOENT) + log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/onlycap"); + return r; } - r = write(onlycap_fd, list, len); + r = RET_NERRNO(write(onlycap_fd, list, len)); if (r < 0) - return log_error_errno(errno, "%s: failed to write onlycap list(%s): %m", + return log_error_errno(r, "%s: failed to write onlycap list(%s): %m", "/sys/fs/smackfs/onlycap", list); return 0; @@ -302,7 +304,6 @@ static int write_onlycap_list(void) { int mac_smack_setup(bool *loaded_policy) { #if ENABLE_SMACK - int r; assert(loaded_policy); -- 2.47.3