* Macros to factor out common patterns.
* Minor error detection optimization at sites that happened to be nearby.
Change-Id: Ibd14776e5d52fa59c00098317bc8031fb351eb0b
/*
- * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2016-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
{
int inotify_fd = inotify_add_watch(fd, pathname, mask);
if (inotify_fd == -1) {
- LogError("Inotify watch failed on file " << pathname << ": " << GetErrnoString(errno));
+ LogErrno("Inotify watch on file " << pathname);
return SECURITY_MANAGER_ERROR_WATCH_ADD_TO_FILE_FAILED;
}
*wd = inotify_fd;
ret = inotify_init();
if (ret == -1) {
- LogError("Inotify init failed: " << GetErrnoString(errno));
+ LogErrno("Inotify init");
return SECURITY_MANAGER_ERROR_WATCH_ADD_TO_FILE_FAILED;
}
monitorPtr.get()->inotify = ret;
if (monitorPtr->global_labels_file_watch != -1) {
int ret = inotify_rm_watch(monitorPtr->inotify, monitorPtr->global_labels_file_watch);
if (ret == -1) {
- LogError("Inotify watch removal failed on file " <<
- APPS_LABELS_FILE << ": " << GetErrnoString(errno));
+ LogErrno("Inotify watch removal on file " << APPS_LABELS_FILE);
}
}
if (monitorPtr->user_labels_file_watch != -1) {
int ret = inotify_rm_watch(monitorPtr->inotify, monitorPtr->user_labels_file_watch);
if (ret == -1) {
- LogError("Inotify watch removal failed on file "
- << monitor->user_label_file_path << ": " << GetErrnoString(errno));
+ LogErrno("Inotify watch removal on file " << monitor->user_label_file_path);
}
}
close(monitorPtr->inotify);
int avail;
int ret = ioctl(monitor->inotify, FIONREAD, &avail);
if (ret == -1) {
- LogError("Ioctl on inotify descriptor failed: " << GetErrnoString(errno));
+ LogErrno("Ioctl on inotify descriptor");
return SECURITY_MANAGER_ERROR_UNKNOWN;
}
for (int pos = 0; pos < avail;) {
int ret = TEMP_FAILURE_RETRY(read(monitor->inotify, bufPtr.get() + pos, avail - pos));
if (ret == -1) {
- LogError("Inotify read failed: " << GetErrnoString(errno));
+ LogErrno("Inotify read");
return SECURITY_MANAGER_ERROR_UNKNOWN;
}
pos += ret;
if (ESRCH == err) // thread already gone
threads_gone++;
else
- LogError("Error in tgkill()" << GetErrnoString(err));
+ LogWithErrno(err, "tgkill()");
continue;
}
ret = getgroups(NGROUPS_MAX + 1, grp);
if (ret < 0) {
- LogError("Unable to get list of current supplementary groups: " <<
- GetErrnoString(errno));
+ LogErrno("get list of current supplementary groups");
return SECURITY_MANAGER_ERROR_UNKNOWN;
}
LogDebug("Final supplementary groups count: " << size);
if (setgroups(size, grp) < 0) {
- LogError("Unable to set list of current supplementary groups: " <<
- GetErrnoString(errno));
+ LogErrno("set list of current supplementary groups");
return SECURITY_MANAGER_ERROR_UNKNOWN;
}
if (0 == retval) {
LogDebug("Poll timeout");
} else if (-1 == retval) {
- int err = errno;
- LogError("Error in poll: " << GetErrnoString(err));
+ LogErrno("poll");
}
return retval;
}
m_sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (m_sock < 0) {
- int err = errno;
- LogError("Error creating socket: " << GetErrnoString(err));
+ LogErrno("socket");
return SECURITY_MANAGER_ERROR_SOCKET;
}
if ((flags = fcntl(m_sock, F_GETFL, 0)) < 0 ||
fcntl(m_sock, F_SETFL, flags | O_NONBLOCK) < 0)
{
- int err = errno;
- LogError("Error in fcntl: " << GetErrnoString(err));
+ LogErrno("fcntl");
return SECURITY_MANAGER_ERROR_SOCKET;
}
retval = getsockopt(m_sock, SOL_SOCKET, SO_ERROR, &error, &len);
if (-1 == retval) {
- int err = errno;
- LogError("Error in getsockopt: " << GetErrnoString(err));
+ LogErrno("getsockopt");
return SECURITY_MANAGER_ERROR_SOCKET;
}
}
if (error != 0) {
- LogError("Error in connect: " << GetErrnoString(error));
+ LogWithErrno(error, "connect");
return SECURITY_MANAGER_ERROR_SOCKET;
}
if (-1 == retval) {
int err = errno;
- LogError("Error connecting socket: " << GetErrnoString(err));
+ LogWithErrno(err, "connecting socket");
if (err == EACCES)
return SECURITY_MANAGER_ERROR_ACCESS_DENIED;
if (err == ENOTSOCK)
}
const auto temp = TEMP_FAILURE_RETRY(::send(sock.Get(), buffer.Ptr(), buffer.OutputSize(), MSG_NOSIGNAL));
if (temp < 0) {
- int err = errno;
- LogError("Error in write: " << GetErrnoString(err));
+ LogErrno("write");
return SECURITY_MANAGER_ERROR_SOCKET;
}
if (buffer.OutputDone(temp))
if (temp <= 0) {
if (!temp)
LogError("Read return 0/Connection closed by server(?)");
- else {
- int err = errno;
- LogError("Error in read: " << GetErrnoString(err));
- }
+ else
+ LogErrno("read");
return SECURITY_MANAGER_ERROR_SOCKET;
}
switch (buffer.InputDone(temp)) {
/*
- * Copyright (c) 2014-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2014-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
Cynara::Cynara() : m_eventFd(eventfd(0, 0)), m_cynaraFd(m_eventFd), m_cynaraFdEvents(0), m_terminate(false)
{
if (m_eventFd == -1) {
- LogError("Error while creating eventfd: " << GetErrnoString(errno));
+ LogErrno("creating eventfd");
ThrowMsg(CynaraException::UnknownError, "Error while creating eventfd");
}
void Cynara::threadNotifyPut()
{
- int ret = eventfd_write(m_eventFd, 1);
- if (ret == -1)
- LogError("Unexpected error while writing to eventfd: " << GetErrnoString(errno));
+ if (eventfd_write(m_eventFd, 1))
+ LogErrno("writing to eventfd");
}
void Cynara::threadNotifyGet()
{
eventfd_t value;
- int ret = eventfd_read(m_eventFd, &value);
- if (ret == -1)
- LogError("Unexpected error while reading from eventfd: " << GetErrnoString(errno));
+ if (eventfd_read(m_eventFd, &value))
+ LogErrno("reading from eventfd");
}
void Cynara::statusCallback(int oldFd, int newFd, cynara_async_status status)
/*
- * Copyright (c) 2014-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2014-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
return;
int ret;
- while((-1 == (ret = flock(m_lockFileFd, m_blocking ? LOCK_EX : LOCK_NB | LOCK_EX))) && (errno == EINTR));
+ while ((ret = flock(m_lockFileFd, m_blocking ? LOCK_EX : LOCK_NB | LOCK_EX)) && (errno == EINTR));
m_locked = ret == 0;
int err = errno;
- if (-1 == ret && err != EWOULDBLOCK) {
- LogError("Error while locking a file " << m_lockFile);
- ThrowMsg(FileLocker::Exception::LockFailed,
- "Error while locking a file " << m_lockFile << ", error: " << GetErrnoString(err));
- }
+ if (ret && err != EWOULDBLOCK)
+ LogAndThrowWithErrno(err, FileLocker::Exception::LockFailed, "locking a file " << m_lockFile);
if (m_locked)
LogDebug("We have a lock on " << m_lockFile << " file.");
{
if (m_locked) {
int ret;
- while((-1 == (ret = flock(m_lockFileFd, LOCK_UN))) && (errno == EINTR));
- if (-1 == ret) {
- int err = errno;
- LogError("Error while unlocking a file " << m_lockFile);
- ThrowMsg(FileLocker::Exception::UnlockFailed,
- "Error while unlocking a file " << m_lockFile << ", error: " << GetErrnoString(err));
- }
+ while ((ret = flock(m_lockFileFd, LOCK_UN)) && (errno == EINTR));
+ if (ret)
+ LogAndThrowErrno(FileLocker::Exception::UnlockFailed, "unlocking a file " << m_lockFile);
+
m_locked = false;
LogDebug("Lock released.");
}
{
FileNameVector result;
dirent *ptr;
- int err;
auto dir = makeUnique(opendir(path.c_str()), closedir);
- if (!dir) {
- err = errno;
- ThrowMsg(FS::Exception::FileError,
- "Error opening directory: " << path << " Error: " << GetErrnoString(err));
- }
+ if (!dir)
+ ThrowErrno(FS::Exception::FileError, "opening directory: " << path);
while (true) {
errno = 0;
ptr = readdir(dir.get());
if (!ptr) {
- if (errno) {
- err = errno;
- ThrowMsg(FS::Exception::FileError,
- "Error reading directory: " << path << " Error: " << GetErrnoString(err));
- }
+ if (const auto err = errno)
+ ThrowWithErrno(err, FS::Exception::FileError, "reading directory: " << path);
break;
}
struct stat finfo;
- if (0 > fstatat(dirfd(dir.get()), ptr->d_name, &finfo, AT_SYMLINK_NOFOLLOW)) {
+ if (0 > fstatat(dirfd(dir.get()), ptr->d_name, &finfo, AT_SYMLINK_NOFOLLOW))
ThrowMsg(FS::Exception::FileError, "Error reading: " << ptr->d_name);
- }
if (noDot && (!strcmp(ptr->d_name, ".") || !strcmp(ptr->d_name, "..")))
continue;
createDirectory(parent);
}
- int ret = mkdir(path.c_str(), 0750);
- if (ret != 0 && errno != EEXIST) {
- LogError("Failed to create directory: " << path << " " << GetErrnoString(errno));
+ if (mkdir(path.c_str(), 0750) && errno != EEXIST) {
+ LogErrno("create directory: " << path);
return SECURITY_MANAGER_ERROR_FILE_CREATE_FAILED;
}
return SECURITY_MANAGER_SUCCESS;
int removeDirectory(const std::string &path)
{
- int ret = rmdir(path.c_str());
- if (ret != 0) {
- LogWarning("Failed to remove directory: " << path << " " << GetErrnoString(errno));
+ if (rmdir(path.c_str())) {
+ WarnErrno("remove directory: " << path);
return SECURITY_MANAGER_ERROR_FILE_DELETE_FAILED;
}
return SECURITY_MANAGER_SUCCESS;
int removeFile(const std::string &path)
{
- int ret = unlink(path.c_str());
- if (ret != 0) {
- LogWarning("Failed to remove file: " << path << " " << GetErrnoString(errno));
+ if (unlink(path.c_str())) {
+ WarnErrno("remove file: " << path);
return SECURITY_MANAGER_ERROR_FILE_DELETE_FAILED;
}
return SECURITY_MANAGER_SUCCESS;
int symLink(const std::string &src, const std::string &dst)
{
- int ret = symlink(src.c_str(), dst.c_str());
- if (ret == -1) {
- LogError("Failed to symlink path " << src << " to " << dst << " " << GetErrnoString(errno));
+ if (symlink(src.c_str(), dst.c_str())) {
+ WarnErrno("symlink path " << src << " to " << dst);
return SECURITY_MANAGER_ERROR_FILE_CREATE_FAILED;
}
return SECURITY_MANAGER_SUCCESS;
/*
- * Copyright (c) 2017-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2017-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
{
int ret = eventfd_write(m_eventFd, 1);
if (ret == -1)
- LogError("Unexpected error while writing to eventfd: " << GetErrnoString(errno));
+ LogErrno("writing to eventfd");
}
void MntMonitor::threadNotifyGet()
eventfd_t value;
int ret = eventfd_read(m_eventFd, &value);
if (ret == -1)
- LogError("Unexpected error while reading from eventfd: " << GetErrnoString(errno));
+ LogErrno("reading from eventfd");
}
void MntMonitor::run()
int createMountNamespace(void)
{
- int ret = unshare(CLONE_NEWNS);
- if (ret != 0) {
- LogError("Failed to unshare mount namespace: " << GetErrnoString(errno));
+ if (unshare(CLONE_NEWNS)) {
+ LogErrno("unshare mount namespace");
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
return SECURITY_MANAGER_SUCCESS;
{
int fd = open(mntPath.c_str(), O_RDONLY);
if (fd < 0) {
- LogError("Failed to open " << mntPath << ": " << GetErrnoString(errno));
+ LogErrno("open " << mntPath);
return SECURITY_MANAGER_ERROR_FILE_OPEN_FAILED;
}
// 0 == allow any type of namespace
int ret = setns(fd, 0);
+ const auto err = errno;
close(fd);
if (ret != 0) {
- LogError("Failed to setns " << mntPath << ": " << GetErrnoString(errno));
+ LogWithErrno(err, "setns " << mntPath);
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
int makeMountSlave(const Path &mountPoint)
{
- int ret = mount("none", mountPoint.c_str(), NULL, MS_REC|MS_SLAVE, NULL);
- if (ret != 0) {
- LogError("Failed to make mount point " << mountPoint << " slave: " << GetErrnoString(errno));
+ if (mount(NULL, mountPoint.c_str(), NULL, MS_REC|MS_SLAVE, NULL)) {
+ LogErrno("make mount point " << mountPoint << " slave");
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
return SECURITY_MANAGER_SUCCESS;
int makeMountPrivate(const Path &mountPoint)
{
- int ret = mount("none", mountPoint.c_str(), NULL, MS_PRIVATE, NULL);
- if (ret != 0) {
- LogError("Failed to make mount point " << mountPoint << " private: " << GetErrnoString(errno));
+ if (mount(NULL, mountPoint.c_str(), NULL, MS_PRIVATE, NULL)) {
+ LogErrno("make mount point " << mountPoint << " private");
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
return SECURITY_MANAGER_SUCCESS;
int bindMountRW(const Path &source, const Path &target)
{
- int ret = mount(source.c_str(), target.c_str(), NULL, MS_BIND, NULL);
- if (ret != 0) {
- LogError("Failed to RW bind directory " << source << " to " << target << " " << GetErrnoString(errno));
+ if (mount(source.c_str(), target.c_str(), NULL, MS_BIND, NULL)) {
+ LogErrno("RW bind directory " << source << " to " << target);
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
return SECURITY_MANAGER_SUCCESS;
int bindMountRO(const Path &source, const Path &target)
{
- int ret = mount(source.c_str(), target.c_str(), NULL, MS_BIND, NULL);
- if (ret != 0) {
- LogError("Failed to bind directory " << source << " to " << target << " " << GetErrnoString(errno));
+ if (mount(source.c_str(), target.c_str(), NULL, MS_BIND, NULL)) {
+ LogErrno("bind directory " << source << " to " << target);
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
- ret = mount(NULL, target.c_str(), NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL);
- if (ret != 0) {
- LogError("Failed to RO bind directory " << source << " to " << target << " " << GetErrnoString(errno));
+ if (mount(NULL, target.c_str(), NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL)) {
+ LogErrno("RO bind directory " << source << " to " << target);
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
int bindMountROIfExists(const Path &source, const Path &target)
{
- int ret = mount(source.c_str(), target.c_str(), NULL, MS_BIND, NULL);
- if (ret != 0) {
- if (errno == ENOENT) {
+ if (mount(source.c_str(), target.c_str(), NULL, MS_BIND, NULL)) {
+ const auto err = errno;
+ if (err == ENOENT) {
LogDebug("ENOENT when binding " << source << " to " << target << ", skipping");
return SECURITY_MANAGER_SUCCESS;
}
- LogError("Failed to bind directory " << source << " to " << target << " " << GetErrnoString(errno));
+ LogWithErrno(err, "bind directory " << source << " to " << target);
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
- ret = mount(NULL, target.c_str(), NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL);
- if (ret != 0) {
- LogError("Failed to RO bind directory " << source << " to " << target << " " << GetErrnoString(errno));
+ if (mount(NULL, target.c_str(), NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL)) {
+ LogErrno("RO bind directory " << source << " to " << target);
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
int uMount(const Path &target)
{
- int ret = umount(target.c_str());
- if (ret != 0) {
- LogWarning("Failed to umount: " << target << " " << GetErrnoString(errno));
+ if (umount(target.c_str())) {
+ WarnErrno("umount " << target);
return SECURITY_MANAGER_ERROR_MOUNT_ERROR;
}
return SECURITY_MANAGER_SUCCESS;
bool isPathBound(const Path &what, const Path &where)
{
struct stat st1, st2;
- int ret;
- ret = lstat(what.c_str(), &st1);
- if (ret < 0) {
- LogError("Unable to stat " << what << " " << GetErrnoString(errno));
+ if (lstat(what.c_str(), &st1)) {
+ LogErrno("stat " << what);
return false;
}
- ret = lstat(where.c_str(), &st2);
- if (ret < 0) {
- LogError("Unable to stat " << where << " " << GetErrnoString(errno));
+ if (lstat(where.c_str(), &st2)) {
+ LogErrno("stat " << where);
return false;
}
/*
- * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2016-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
static void openAndLockNameFile(const std::string &nameFile, T &fstream)
{
fstream.open(nameFile);
- if (!fstream.is_open()) {
- LogError("Unable to open file " << nameFile << ": " << GetErrnoString(errno));
- ThrowMsg(PermissibleSetException::FileOpenError, "Unable to open file ");
- }
+ if (!fstream.is_open())
+ LogAndThrowErrno(PermissibleSetException::FileOpenError, "open file " << nameFile);
- int ret = TEMP_FAILURE_RETRY(flock(getFd(fstream), LOCK_EX));
- if (ret == -1) {
- LogError("Unable to lock file " << nameFile << ": " << GetErrnoString(errno));
- ThrowMsg(PermissibleSetException::FileLockError, "Unable to lock file");
- }
+ if (TEMP_FAILURE_RETRY(flock(getFd(fstream), LOCK_EX)))
+ LogAndThrowErrno(PermissibleSetException::FileLockError, "lock file " << nameFile);
}
std::string getPermissibleFileLocation(uid_t uid, int installationType)
static void markPermissibleFileValid(int fd, const std::string &nameFile, bool valid)
{
- int ret;
- if (valid)
- ret = TEMP_FAILURE_RETRY(fchmod(fd, 00444));
- else
- ret = TEMP_FAILURE_RETRY(fchmod(fd, 00000));
- if (ret == -1) {
- LogError("Error at fchmod " << nameFile << ": " << GetErrnoString(errno));
- ThrowMsg(PermissibleSetException::FileWriteError, "Error at fchmod");
- }
+ const auto mode = valid ? 00444 : 00000;
+ if (TEMP_FAILURE_RETRY(fchmod(fd, mode)))
+ LogAndThrowErrno(PermissibleSetException::FileWriteError, "fchmod " << nameFile);
}
void updatePermissibleFile(uid_t uid, int installationType,
for (auto &label : labelsForUser) {
fstream << label << '\n';
- if (fstream.bad()) {
- LogError("Unable to write to file " << nameFile << ": " << GetErrnoString(errno));
- ThrowMsg(PermissibleSetException::PermissibleSetException::FileWriteError,
- "Unable to write to file");
- }
- }
- if (fstream.flush().fail()) {
- LogError("Error at fflush " << nameFile << ": " << GetErrnoString(errno));
- ThrowMsg(PermissibleSetException::FileWriteError, "Error at fflush");
- }
- if (fsync(getFd(fstream)) == -1) {
- LogError("Error at fsync " << nameFile << ": " << GetErrnoString(errno));
- ThrowMsg(PermissibleSetException::FileWriteError, "Error at fsync");
+ if (fstream.bad())
+ LogAndThrowErrno(PermissibleSetException::PermissibleSetException::FileWriteError,
+ "write to file " << nameFile);
}
+ if (fstream.flush().fail())
+ LogAndThrowErrno(PermissibleSetException::FileWriteError, "fflush " << nameFile);
+ if (fsync(getFd(fstream)) == -1)
+ LogAndThrowErrno(PermissibleSetException::FileWriteError, "fsync " << nameFile);
markPermissibleFileValid(getFd(fstream), nameFile, true);
}
while (std::getline(fstream, line))
appLabels.push_back(line);
- if (fstream.bad()) {
- LogError("Failure while reading file " << nameFile << ": " << GetErrnoString(errno));
- ThrowMsg(PermissibleSetException::FileReadError, "Failure while reading file");
- }
+ if (fstream.bad())
+ LogAndThrowErrno(PermissibleSetException::FileReadError, "reading file " << nameFile);
}
void initializeUserPermissibleFile(uid_t uid)
std::string nameDir = FS::getDirectoryName(nameFile);
if (mkdir(nameDir.c_str(), 0755) != 0 && errno != EEXIST)
- ThrowMsg(PermissibleSetException::FileInitError,
- "Unable to create directory for user permissible file:" << GetErrnoString(errno));
+ ThrowErrno(PermissibleSetException::FileInitError,
+ "create directory for user permissible file");
std::ofstream fstream;
openAndLockNameFile(nameFile, fstream);
std::string nameDir = FS::getDirectoryName(nameFile);
if (unlink(nameFile.c_str()) != 0 && errno != ENOENT)
- ThrowMsg(PermissibleSetException::FileRemoveError,
- "Unable to remove user permissible file:" << GetErrnoString(errno));
+ ThrowErrno(PermissibleSetException::FileRemoveError,
+ "remove user permissible file");
if (rmdir(nameFile.c_str()) != 0 && errno != ENOENT)
- ThrowMsg(PermissibleSetException::FileRemoveError,
- "Unable to remove directory for user permissible file:" << GetErrnoString(errno));
+ ThrowErrno(PermissibleSetException::FileRemoveError,
+ "remove directory for user permissible file");
}
} // PermissibleSet
{
auto real_pathPtr = makeUnique(realpath(path.c_str(), nullptr), free);
if (!real_pathPtr) {
- LogWarning("Error in realpath(): " << GetErrnoString(errno) << " for: " << path);
+ WarnErrno("realpath(" << path << ')');
return std::string();
}
/*
- * Copyright (c) 2014-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2014-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
}
/* If last call to fts_read() set errno, we need to return error. */
- if ((errno != 0) && (ftsent == NULL)) {
- LogError("Last errno from fts_read: " << GetErrnoString(errno));
- ThrowMsg(SmackException::FileError, "Last errno from fts_read: " << GetErrnoString(errno));
- }
+ if ((errno != 0) && (ftsent == NULL))
+ LogAndThrowErrno(SmackException::FileError, "last fts_read");
}
static void labelDir(const std::string &path, const Smack::Label &label,
time_t monotonicCoarseNow() {
struct timespec now;
if (clock_gettime(CLOCK_MONOTONIC_COARSE, &now)) {
- int err = errno;
- LogError("Can't access monotonic clock, error: " << GetErrnoString(err));
+ LogErrno("access monotonic clock");
return 0;
}
return now.tv_sec;
", caller pid = " + std::to_string(creds.pid) +
", caller label = " + creds.label;
- if (clock_gettime(CLOCK_MONOTONIC_RAW, &m_start) == -1) {
- int err = errno;
- LogError("Can't access monotonic clock, error: " << GetErrnoString(err));
- }
+ if (clock_gettime(CLOCK_MONOTONIC_RAW, &m_start))
+ LogErrno("access monotonic clock");
}
ScopedTimeStamper::~ScopedTimeStamper()
{
struct timespec end;
- if (clock_gettime(CLOCK_MONOTONIC_RAW, &end) == -1) {
- int err = errno;
- LogError("Can't access monothonic clock, error: " << GetErrnoString(err));
- }
+ if (clock_gettime(CLOCK_MONOTONIC_RAW, &end))
+ LogErrno("access monothonic clock");
+
long ndiff = (end.tv_nsec - m_start.tv_nsec ) + (end.tv_sec - m_start.tv_sec ) * 1E9;
float sec(ndiff);
sec *= 0.000000001;
/*
- * Copyright (c) 2011-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2011-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
namespace SecurityManager {
std::string GetErrnoString(int error = errno);
} // namespace SecurityManager
+
+#define _PrepareLogErrnoMsg_(ERRNO) const auto _errnoString_ = GetErrnoString(ERRNO)
+#define _LogErrnoMsg_(...) __VA_ARGS__ << " failed: " << _errnoString_
+
+#define LogWithErrno(ERRNO, ...) do { \
+ _PrepareLogErrnoMsg_(ERRNO); \
+ LogError(_LogErrnoMsg_(__VA_ARGS__)); \
+} while (0)
+
+#define WarnWithErrno(ERRNO, ...) do { \
+ _PrepareLogErrnoMsg_(ERRNO); \
+ LogWarning(_LogErrnoMsg_(__VA_ARGS__)); \
+} while (0)
+
+#define ThrowWithErrno(ERRNO, CLASS, ...) do { \
+ _PrepareLogErrnoMsg_(ERRNO); \
+ ThrowMsg(CLASS, _LogErrnoMsg_(__VA_ARGS__)); \
+} while (0)
+
+#define LogAndThrowWithErrno(ERRNO, CLASS, ...) do { \
+ _PrepareLogErrnoMsg_(ERRNO); \
+ LogError(_LogErrnoMsg_(__VA_ARGS__)); \
+ ThrowMsg(CLASS, _LogErrnoMsg_(__VA_ARGS__)); \
+} while (0)
+
+#define LogErrno(...) LogWithErrno(errno, __VA_ARGS__)
+#define WarnErrno(...) WarnWithErrno(errno, __VA_ARGS__)
+#define ThrowErrno(...) ThrowWithErrno(errno, __VA_ARGS__)
+#define LogAndThrowErrno(...) LogAndThrowWithErrno(errno, __VA_ARGS__)
mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;
fd = TEMP_FAILURE_RETRY(creat(path.c_str(), mode));
if (fd == -1) {
- std::cerr << "Creating file " << path << " failed with " << SecurityManager::GetErrnoString(errno);
+ std::cerr << "Creating file " << path << " failed with " << SecurityManager::GetErrnoString();
return false;
}
close(fd);
self_data.pid = getpid();
if (resource_register_cpu_inheritance_destination(RESOURCE_CPU_DEST_NAME, self_data) != 0)
- LogError("resource_register_cpi_inheritance_destination failed");
+ LogError("resource_register_cpu_inheritance_destination failed");
if (!REGISTER_SOCKET_SERVICE(manager, SecurityManager::Service, std::move(channel))) {
LogError("Unable to create socket service. Exiting.");
ThrowMsg(Exception::InitFailed, "Error in pthread_sigmask: " << err);
// add support for TERM signal (passed from systemd)
- if ((m_signalFd = signalfd(-1, &set, 0)) < 0) {
- int err = errno;
- ThrowMsg(Exception::InitFailed, "Error in signalfd: " << GetErrnoString(err));
- }
+ if ((m_signalFd = signalfd(-1, &set, 0)) < 0)
+ ThrowErrno(Exception::InitFailed, "signalfd");
RegisterFdForReading(m_signalFd);
- if ((m_notifyMe = eventfd(0, 0)) < 0) {
- int err = errno;
- ThrowMsg(Exception::InitFailed, "Error in eventfd: " << GetErrnoString(err));
- }
+ if ((m_notifyMe = eventfd(0, 0)) < 0)
+ ThrowErrno(Exception::InitFailed, "eventfd");
LogInfo("Eventfd desc: " << m_notifyMe);
RegisterFdForReading(m_notifyMe);
}
int client = accept4(m_listenSock, (struct sockaddr*) &clientAddr, &clientLen, SOCK_NONBLOCK);
// LogInfo("Accept on sock: " << sock << " Socket opended: " << client);
if (-1 == client) {
- int err = errno;
- LogError("Error in accept: " << GetErrnoString(err));
+ LogErrno("accept");
return;
}
case EINTR:
break;
default:
- LogError("Reading sock error: " << GetErrnoString(err));
+ LogWithErrno(err, "Reading sock");
goto close;
}
} else {
// select will trigger write once again, nothing to do
break;
default:
- LogError("Error during write: " << GetErrnoString(err));
+ LogWithErrno(err, "write");
CloseSocket(sock);
break;
}
int ret = TEMP_FAILURE_RETRY(select(m_maxDesc+1, &readSet, &writeSet, nullptr, nullptr));
if (ret < 0) {
- int err = errno;
- LogError("Error in select: " << GetErrnoString(err));
+ LogErrno("select");
return;
}
}
if (-1 == (sockfd = socket(AF_UNIX, SOCK_STREAM, 0))) {
- int err = errno;
- LogError("Error in socket: " << GetErrnoString(err));
- ThrowMsg(Exception::InitFailed, "Error in socket: " << GetErrnoString(err));
+ LogAndThrowErrno(Exception::InitFailed, "socket");
}
if (smack_check()) {
if (-1 == (flags = fcntl(sockfd, F_GETFL, 0)))
flags = 0;
- if (-1 == fcntl(sockfd, F_SETFL, flags | O_NONBLOCK)) {
+ if (fcntl(sockfd, F_SETFL, flags | O_NONBLOCK)) {
int err = errno;
close(sockfd);
- LogError("Error in fcntl: " << GetErrnoString(err));
- ThrowMsg(Exception::InitFailed, "Error in fcntl: " << GetErrnoString(err));
+ LogAndThrowWithErrno(err, Exception::InitFailed, "fcntl");
}
sockaddr_un serverAddress;
mode_t originalUmask;
originalUmask = umask(0);
- if (-1 == bind(sockfd, (struct sockaddr*)&serverAddress, sizeof(serverAddress))) {
+ if (bind(sockfd, (struct sockaddr*)&serverAddress, sizeof(serverAddress))) {
int err = errno;
close(sockfd);
- LogError("Error in bind: " << GetErrnoString(err));
- ThrowMsg(Exception::InitFailed, "Error in bind: " << GetErrnoString(err));
+ LogAndThrowWithErrno(err, Exception::InitFailed, "bind");
}
umask(originalUmask);
- if (-1 == listen(sockfd, SOMAXCONN)) {
+ if (listen(sockfd, SOMAXCONN)) {
int err = errno;
close(sockfd);
- LogError("Error in listen: " << GetErrnoString(err));
- ThrowMsg(Exception::InitFailed, "Error in listen: " << GetErrnoString(err));
+ LogAndThrowWithErrno(err, Exception::InitFailed, "listen");
}
return sockfd;
/*
- * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2016-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
if (f != NULL)
fclose(f);
else
- LogError("Failed to open file " << existingLockFile << " : " << GetErrnoString());
- if (-1 == remove(noExistingLockFile.c_str()))
- LogError("Failed to remove file " << noExistingLockFile << " : " << GetErrnoString());
+ LogErrno("open file " << existingLockFile);
+ if (remove(noExistingLockFile.c_str()))
+ LogErrno("remove file " << noExistingLockFile);
}
~FileLockFixture()
{
if (remove(existingLockFile.c_str()))
- LogWarning("Failed to remove file " << existingLockFile << " : " << GetErrnoString());
- if (-1 == remove(noExistingLockFile.c_str()))
- LogError("Failed to remove file " << noExistingLockFile << " : " << GetErrnoString());
+ WarnErrno("remove file " << existingLockFile);
+ if (remove(noExistingLockFile.c_str()))
+ LogErrno("remove file " << noExistingLockFile);
}
const static std::string existingLockFile;
{
FILE *f;
f = fopen(existingFile.c_str(), "w");
- int er = errno;
if (f != NULL)
fclose(f);
else
- LogError("Failed to open file " << existingFile << " : " << GetErrnoString(er));
+ LogErrno("open file " << existingFile);
uid_t i = 0;
while(getpwuid(++i));
nonexistingUid = i;
projects / platform / core / security / security-manager.git / commitdiff