X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fselinux-access.h;h=9e89064819dc60ab9df9367412a39f6703c54bcf;hp=3404f621663d940d2ec40adc31dee27d77e87bdc;hb=bc9fd78c7bfc39881e19457e476393635f8b0442;hpb=df2d202e6ed4001a21c6512c244acad5d4706c87

diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h
index 3404f6216..9e8906481 100644
--- a/src/core/selinux-access.h
+++ b/src/core/selinux-access.h
@@ -27,36 +27,18 @@
 
 void selinux_access_free(void);
 
-int selinux_access_check(sd_bus *bus, sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
+int selinux_generic_access_check(sd_bus *bus, sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
 
 #ifdef HAVE_SELINUX
 
-#define SELINUX_ACCESS_CHECK(bus, message, permission)                  \
-        do {                                                            \
-                _cleanup_bus_error_free_ sd_bus_error _error = SD_BUS_ERROR_NULL; \
-                sd_bus_message *_m = (message);                         \
-                sd_bus *_b = (bus);                                     \
-                int _r;                                                 \
-                _r = selinux_access_check(_b, _m, NULL, (permission), &_error); \
-                if (_r < 0)                                             \
-                        return sd_bus_reply_method_errno(_m, _r, &_error); \
-        } while (false)
-
-#define SELINUX_UNIT_ACCESS_CHECK(unit, bus, message, permission)       \
-        do {                                                            \
-                _cleanup_bus_error_free_ sd_bus_error _error = SD_BUS_ERROR_NULL; \
-                sd_bus_message *_m = (message);                         \
-                sd_bus *_b = (bus);                                     \
-                Unit *_u = (unit);                                      \
-                int _r;                                                 \
-                _r = selinux_access_check(_b, _m, _u->source_path ?: _u->fragment_path, (permission), &_error); \
-                if (_r < 0)                                             \
-                        return sd_bus_reply_method_errno(_m, _r, &_error); \
-        } while (false)
+#define selinux_access_check(bus, message, permission, error) \
+        selinux_generic_access_check(bus, message, NULL, permission, error)
+#define selinux_unit_access_check(unit, bus, message, permission, error) \
+        ({ Unit *_unit = (unit); selinux_generic_access_check(bus, message, _unit->fragment_path ?: _unit->fragment_path, permission, error); })
 
 #else
 
-#define SELINUX_ACCESS_CHECK(bus, message, permission) do { } while (false)
-#define SELINUX_UNIT_ACCESS_CHECK(unit, bus, message, permission) do { } while (false)
+#define selinux_access_check(bus, message, permission, error) 0
+#define selinux_unit_access_check(unit, bus, message, permission, error) 0
 
 #endif