From e34577ce1bd4a8de53ff3d9178b4f78c86086dc8 Mon Sep 17 00:00:00 2001
From: Nick Kralevich
Date: Sat, 25 Apr 2015 16:24:53 -0700
Subject: [PATCH] init: use SELinux /dev/null if available
SELinux provides it's own /dev/null character device at /sys/fs/selinux/null. This character device is exactly the same as /dev/null, including the same major/minor numbers, and can be used wherever /dev/null is used. Use /sys/fs/selinux/null instead of trying to create our own /dev/__null__ device. This moves us one step closer to eliminating all uses of mknod() by init. /sys/fs/selinux/null is only available once the /sys/fs/selinux filesystem is mounted. It's not available to the first stage init, so we still have to fall back to mknod then.
Change-Id: Ic733767ea6220a130537de33cc478ae79578ce20
---
 init/util.cpp | 33 +++++++++++++++++++--------------
 1 file changed, 19 insertions(+), 14 deletions(-)
diff --git a/init/util.cpp b/init/util.cpp
index 332aa2aa0..b7fb86779 100644
--- a/init/util.cpp
+++ b/init/util.cpp
@@ -379,23 +379,28 @@ int wait_for_file(const char *filename, int timeout)
 void open_devnull_stdio(void)
 {
- int fd;
- static const char *name = "/dev/__null__";
- if (mknod(name, S_IFCHR | 0600, (1 << 8) | 3) == 0) {
- fd = open(name, O_RDWR);
- unlink(name);
- if (fd >= 0) {
- dup2(fd, 0);
- dup2(fd, 1);
- dup2(fd, 2);
- if (fd > 2) {
- close(fd);
- }
- return;
+ // Try to avoid the mknod() call if we can. Since SELinux makes
+ // a /dev/null replacement available for free, let's use it.
+ int fd = open("/sys/fs/selinux/null", O_RDWR);
+ if (fd == -1) {
+ // OOPS, /sys/fs/selinux/null isn't available, likely because
+ // /sys/fs/selinux isn't mounted. Fall back to mknod.
+ static const char *name = "/dev/__null__";
+ if (mknod(name, S_IFCHR | 0600, (1 << 8) | 3) == 0) {
+ fd = open(name, O_RDWR);
+ unlink(name);
+ }
+ if (fd == -1) {
+ exit(1);
 }
 }
- exit(1);
+ dup2(fd, 0);
+ dup2(fd, 1);
+ dup2(fd, 2);
+ if (fd > 2) {
+ close(fd);
+ }
 }
 void import_kernel_cmdline(int in_qemu,
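Review bot: The three `dup2()` calls at the end of `open_devnull_stdio()` ignore their return values, so if one fails the function returns with that descriptor still pointing at whatever was inherited, or still closed if it was closed on entry, in which case a later `open()` could be handed fd 0, 1 or 2. The `open()`/`mknod()` failure path already exits, so the same treatment fits here: `if (dup2(fd, 0) == -1 || dup2(fd, 1) == -1 || dup2(fd, 2) == -1) exit(1);`. The fallback is also taken on any `open()` error, not only when /sys/fs/selinux is unmounted, and the comment could say so: `// Any open() failure (not just an unmounted selinuxfs) falls back to mknod.` Finally, `exit(1)` is silent; a log line naming the step that failed would make an early-boot failure easier to diagnose.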