selinux: invoke selinux_set_callback(3) more type-safe

2024-12-26 03:22:00 +03:00 · 2021-05-14 14:14:25 +02:00 · 2021-05-14 14:14:25 +02:00 · 57e70396df
commit 57e70396df
parent c46c768811
2 changed files with 3 additions and 7 deletions
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@ -162,8 +162,8 @@ static int access_init(sd_bus_error *error) {
                return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to open the SELinux AVC: %s", strerror_safe(saved_errno));
        }

-        selinux_set_callback(SELINUX_CB_AUDIT, (union selinux_callback) audit_callback);
-        selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) log_callback);
+        selinux_set_callback(SELINUX_CB_AUDIT, (union selinux_callback) { .func_audit = audit_callback });
+        selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) { .func_log = log_callback });

        initialized = true;
        return 1;
--- a/src/core/selinux-setup.c
+++ b/src/core/selinux-setup.c
@ -30,16 +30,12 @@ int mac_selinux_setup(bool *loaded_policy) {
        usec_t before_load, after_load;
        char *con;
        int r;
-        static const union selinux_callback cb = {
-                .func_log = null_log,
-        };
-
        bool initialized = false;

        assert(loaded_policy);

        /* Turn off all of SELinux' own logging, we want to do that */
-        selinux_set_callback(SELINUX_CB_LOG, cb);
+        selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) { .func_log = null_log });

        /* Don't load policy in the initrd if we don't appear to have
         * it.  For the real root, we check below if we've already