[lxc-devel] [lxc/master] lsm: do not #ifdefine
brauner on Github
lxc-bot at linuxcontainers.org
Thu Feb 1 12:16:08 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 457 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180201/ae160568/attachment.bin>
-------------- next part --------------
From 1fb5e888a6ef3fb29c315abc59552d8c46291e46 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 1 Feb 2018 13:14:36 +0100
Subject: [PATCH] lsm: do not #ifdefine
Since we stopped linking against AppArmor we can now remove the conditional
compilation.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/lsm/lsm.c | 6 +-----
src/lxc/lsm/lsm.h | 43 ++-----------------------------------------
src/lxc/lsm/selinux.c | 2 +-
3 files changed, 4 insertions(+), 47 deletions(-)
diff --git a/src/lxc/lsm/lsm.c b/src/lxc/lsm/lsm.c
index 677f53a61..5186fe902 100644
--- a/src/lxc/lsm/lsm.c
+++ b/src/lxc/lsm/lsm.c
@@ -21,8 +21,6 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-#if HAVE_APPARMOR || HAVE_SELINUX
-
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
@@ -31,7 +29,7 @@
#include "conf.h"
#include "log.h"
-#include "lsm/lsm.h"
+#include "lsm.h"
lxc_log_define(lxc_lsm, lxc);
@@ -183,5 +181,3 @@ int lsm_process_label_set(const char *label, struct lxc_conf *conf,
}
return drv->process_label_set(label, conf, use_default, on_exec);
}
-
-#endif
diff --git a/src/lxc/lsm/lsm.h b/src/lxc/lsm/lsm.h
index 33a412b7b..cafb2ac7c 100644
--- a/src/lxc/lsm/lsm.h
+++ b/src/lxc/lsm/lsm.h
@@ -28,7 +28,7 @@ struct lxc_conf;
#include <sys/types.h>
-#include "../utils.h"
+#include "utils.h"
#define LXC_LSMATTRLEN (5 + (LXC_NUMSTRLEN64) + 7 + 1)
@@ -41,7 +41,6 @@ struct lsm_drv {
bool use_default, bool on_exec);
};
-#if HAVE_APPARMOR || HAVE_SELINUX
extern void lsm_init(void);
extern int lsm_enabled(void);
extern const char *lsm_name(void);
@@ -51,43 +50,5 @@ extern int lsm_process_label_set(const char *label, struct lxc_conf *conf,
extern int lsm_process_label_fd_get(pid_t pid, bool on_exec);
extern int lsm_process_label_set_at(int label_fd, const char *label,
bool on_exec);
-#else
-static inline void lsm_init(void)
-{
- return;
-}
-static inline int lsm_enabled(void) {
- return 0;
-}
-
-static inline const char *lsm_name(void)
-{
- return "none";
-}
-
-static inline char *lsm_process_label_get(pid_t pid)
-{
- return NULL;
-}
-
-static inline int lsm_process_label_set(const char *label,
- struct lxc_conf *conf, bool use_default,
- bool on_exec)
-{
- return 0;
-}
-
-static inline int lsm_process_label_fd_get(pid_t pid, bool on_exec)
-{
- return 0;
-}
-
-extern int lsm_process_label_set_at(int label_fd, const char *label,
- bool on_exec)
-{
- return 0;
-}
-#endif
-
-#endif
+#endif /* __LXC_LSM_H */
diff --git a/src/lxc/lsm/selinux.c b/src/lxc/lsm/selinux.c
index 857fe29a8..ecdffc36d 100644
--- a/src/lxc/lsm/selinux.c
+++ b/src/lxc/lsm/selinux.c
@@ -28,7 +28,7 @@
#include <selinux/selinux.h>
#include "log.h"
-#include "lsm/lsm.h"
+#include "lsm.h"
#include "conf.h"
#define DEFAULT_LABEL "unconfined_t"
More information about the lxc-devel
mailing list