From 74da609f0d0f9112047dd746188469df3692ad4a Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Fri, 15 Dec 2017 16:32:10 +0100
Subject: [PATCH] main: split out security policy loading into its own function

More refactoring to make things more digestable.
---
 src/core/main.c | 54 +++++++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 43 insertions(+), 11 deletions(-)

diff --git a/src/core/main.c b/src/core/main.c
index 2903936..51d50d1 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2123,6 +2123,43 @@ static int safety_checks(void) {
 return 0;
 }
 
+static int initialize_security(
+ bool *loaded_policy,
+ dual_timestamp *security_start_timestamp,
+ dual_timestamp *security_finish_timestamp,
+ const char **ret_error_message) {
+
+ int r;
+
+ assert(loaded_policy);
+ assert(security_start_timestamp);
+ assert(security_finish_timestamp);
+ assert(ret_error_message);
+
+ dual_timestamp_get(security_start_timestamp);
+
+ r = mac_selinux_setup(loaded_policy) < 0;
+ if (r < 0) {
+ *ret_error_message = "Failed to load SELinux policy";
+ return r;
+ }
+
+ r = mac_smack_setup(loaded_policy);
+ if (r < 0) {
+ *ret_error_message = "Failed to load SMACK policy";
+ return r;
+ }
+
+ r = ima_setup();
+ if (r < 0) {
+ *ret_error_message = "Failed to load IMA policy";
+ return r;
+ }
+
+ dual_timestamp_get(security_finish_timestamp);
+ return 0;
+}
+
 int main(int argc, char *argv[]) {
 Manager *m = NULL;
 int r, retval = EXIT_FAILURE;
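Review bot: In initialize_security(), `r = mac_selinux_setup(loaded_policy) < 0;` stores the result of the comparison (0 or 1) in r instead of the call's return value, so the `if (r < 0)` right after it can never be true. A failed SELinux policy load is therefore no longer fatal: the function carries on to SMACK and IMA setup and can return 0, whereas the removed code in main() set "Failed to load SELinux policy" and jumped to finish. The line should read `r = mac_selinux_setup(loaded_policy);`, matching the mac_smack_setup() and ima_setup() calls below it. The caller added in the second hunk only tests `r < 0`, so it inherits the gap and boot would continue without the policy this step is meant to enforce.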
@@ -2201,18 +2238,13 @@ int main(int argc, char *argv[]) {
 goto finish;
 }
 
- dual_timestamp_get(&security_start_timestamp);
- if (mac_selinux_setup(&loaded_policy) < 0) {
- error_message = "Failed to load SELinux policy";
- goto finish;
- } else if (mac_smack_setup(&loaded_policy) < 0) {
- error_message = "Failed to load SMACK policy";
- goto finish;
- } else if (ima_setup() < 0) {
- error_message = "Failed to load IMA policy";
+ r = initialize_security(
+ &loaded_policy,
+ &security_start_timestamp,
+ &security_finish_timestamp,
+ &error_message);
+ if (r < 0)
 goto finish;
- }
- dual_timestamp_get(&security_finish_timestamp);
 }
 
 if (mac_selinux_init() < 0) {
-- 
2.7.4