[CRIU] [PATCH 6/6] lsm: Remove reset_setsockcreatecon()
Dmitry Safonov
dima at arista.com
Sun Nov 24 02:46:27 MSK 2019
reset_setsockcreatecon() is essentially lsm_stop_socket_labeling().
Also, remove CONFIG_HAS_SELINUX from lsm.h as a preparation to remove it
entirely.
Signed-off-by: Dmitry Safonov <dima at arista.com>
---
criu/include/lsm.h | 18 ++----------------
criu/lsm.c | 20 +++++---------------
criu/sk-inet.c | 2 +-
3 files changed, 8 insertions(+), 32 deletions(-)
diff --git a/criu/include/lsm.h b/criu/include/lsm.h
index a410e7fd4047..9d34288f19c6 100644
--- a/criu/include/lsm.h
+++ b/criu/include/lsm.h
@@ -38,21 +38,7 @@ extern int lsm_check_opts(void);
extern int lsm_start_socket_labeling(void);
extern int lsm_stop_socket_labeling(void);
-
-#ifdef CONFIG_HAS_SELINUX
-int dump_xattr_security_selinux(int fd, FdinfoEntry *e);
-int run_setsockcreatecon(FdinfoEntry *e);
-int reset_setsockcreatecon();
-#else
-static inline int dump_xattr_security_selinux(int fd, FdinfoEntry *e) {
- return 0;
-}
-static inline int run_setsockcreatecon(FdinfoEntry *e) {
- return 0;
-}
-static inline int reset_setsockcreatecon() {
- return 0;
-}
-#endif
+extern int dump_xattr_security_selinux(int fd, FdinfoEntry *e);
+extern int run_setsockcreatecon(FdinfoEntry *e);
#endif /* __CR_LSM_H__ */
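Review bot: The two prototypes added at the end of lsm.h carry no comment telling callers that they succeed without doing anything in a build without CONFIG_HAS_SELINUX, which the removed `static inline` stubs made obvious at a glance. The lsm.c part of this patch keeps that behaviour by guarding the function bodies instead, so the contract now lives only in the .c file. A one-line comment above the declarations would keep it in the header: `/* Both return 0 and do nothing when built without CONFIG_HAS_SELINUX. */`.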
diff --git a/criu/lsm.c b/criu/lsm.c
index 85bc29ad789f..f338dd2b681c 100644
--- a/criu/lsm.c
+++ b/criu/lsm.c
@@ -132,22 +132,11 @@ static int selinux_get_sockcreate_label(pid_t pid, char **output)
fclose(f);
return 0;
}
-
-int reset_setsockcreatecon()
-{
- /* Currently this only works for SELinux. */
- if (kdat.lsm != LSMTYPE__SELINUX)
- return 0;
-
- if (setsockcreatecon_raw(NULL)) {
- pr_perror("Unable to reset socket SELinux context");
- return -1;
- }
- return 0;
-}
+#endif
int run_setsockcreatecon(FdinfoEntry *e)
{
+#ifdef CONFIG_HAS_SELINUX
char *ctx = NULL;
/* Currently this only works for SELinux. */
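Review bot: In a build without CONFIG_HAS_SELINUX, run_setsockcreatecon() now reduces to a bare `return 0;` and never looks at `e`, so a socket label recorded in the image would be dropped on restore with nothing in the log, and the socket would get the task's default context. The removed header stubs behaved the same way, but with the guard now inside the body an `#else` branch can report it cheaply, for example `if (e->xattr_security_selinux) pr_warn("SELinux socket label ignored: no SELinux support\n");`. The same applies to dump_xattr_security_selinux() in the next two hunks, where a dump records no label and says nothing. The function body continues past this hunk, and whether an image can carry a label in such a build is not visible here, so this needs confirming.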
@@ -160,11 +149,13 @@ int run_setsockcreatecon(FdinfoEntry *e)
pr_perror("Unable to set the %s socket SELinux context", ctx);
return -1;
}
+#endif
return 0;
}
int dump_xattr_security_selinux(int fd, FdinfoEntry *e)
{
+#ifdef CONFIG_HAS_SELINUX
char *ctx = NULL;
int len;
int ret;
@@ -194,11 +185,10 @@ int dump_xattr_security_selinux(int fd, FdinfoEntry *e)
e->xattr_security_selinux = ctx;
+#endif
return 0;
}
-#endif
-
void kerndat_lsm(void)
{
if (access(AA_SECURITYFS_PATH, F_OK) == 0) {
diff --git a/criu/sk-inet.c b/criu/sk-inet.c
index f9c64c7af5e0..af8736d67a93 100644
--- a/criu/sk-inet.c
+++ b/criu/sk-inet.c
@@ -823,7 +823,7 @@ static int open_inet_sk(struct file_desc *d, int *new_fd)
return -1;
}
- if (reset_setsockcreatecon())
+ if (lsm_stop_socket_labeling())
goto err;
if (ie->v6only) {
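Review bot: The label reset, now done by `lsm_stop_socket_labeling()`, sits after the `return -1;` visible just above it, so that earlier failure path appears to leave without undoing what run_setsockcreatecon() set. If that return is the socket-creation failure (the hunk does not show the call), the task keeps the socket-create context and any later socket it creates inherits that label. Resetting before leaving, e.g. `lsm_stop_socket_labeling(); return -1;`, would close the gap. open_inet_sk starts and ends outside the hunk and the body of lsm_stop_socket_labeling() is not on this page, so also confirm it checks `kdat.lsm` and logs the failure the way the removed helper did.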
--
2.24.0