From 8f838d8aab0c5480664de04dce0171de4f4c7b00 Mon Sep 17 00:00:00 2001 From: Nathaniel Chen Date: Thu, 7 Mar 2013 11:06:57 -0800 Subject: [PATCH] core: move mount_setup_early() to main.c move mount_setup_early() call to main.c, before security module setup, so there are no more repeat calls. --- src/core/ima-setup.c | 5 ----- src/core/main.c | 1 + src/core/selinux-setup.c | 3 --- 3 files changed, 1 insertion(+), 8 deletions(-) diff --git a/src/core/ima-setup.c b/src/core/ima-setup.c index e8cc1ba..7f8ec23 100644 --- a/src/core/ima-setup.c +++ b/src/core/ima-setup.c @@ -50,11 +50,6 @@ int ima_setup(void) { int policyfd = -1, imafd = -1; int result = 0; -#ifndef HAVE_SELINUX - /* Mount the securityfs filesystem */ - mount_setup_early(); -#endif - if (stat(IMA_POLICY_PATH, &st) < 0) return 0; diff --git a/src/core/main.c b/src/core/main.c index 1c2453c..24d8d3e 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -1357,6 +1357,7 @@ int main(int argc, char *argv[]) { } if (!skip_setup) { + mount_setup_early(); if (selinux_setup(&loaded_policy) < 0) goto finish; if (ima_setup() < 0) diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c index e9c0de9..0723d7c 100644 --- a/src/core/selinux-setup.c +++ b/src/core/selinux-setup.c @@ -58,9 +58,6 @@ int selinux_setup(bool *loaded_policy) { cb.func_log = null_log; selinux_set_callback(SELINUX_CB_LOG, cb); - /* Make sure getcon() works, which needs /proc and /sys */ - mount_setup_early(); - /* Already initialized by somebody else? */ r = getcon_raw(&con); if (r == 0) { -- 2.7.4