Linux: remove unmaintained SELinux code.

content/zygote/zygote_linux.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/zygote/zygote_linux.h"
 
 #include <fcntl.h>
 #include <string.h>
 #include <sys/socket.h>
 #include <sys/types.h>
@@ skipping 12 matching lines @@
 #include "content/common/sandbox_linux.h"
 #include "content/common/set_process_title.h"
 #include "content/common/zygote_commands_linux.h"
 #include "content/public/common/content_descriptors.h"
 #include "content/public/common/result_codes.h"
 #include "content/public/common/sandbox_linux.h"
 #include "content/public/common/zygote_fork_delegate_linux.h"
 #include "ipc/ipc_channel.h"
 #include "ipc/ipc_switches.h"
 
-#if defined(CHROMIUM_SELINUX)
-#include <selinux/context.h>
-#include <selinux/selinux.h>
-#endif
-
 // See http://code.google.com/p/chromium/wiki/LinuxZygote
 
 namespace content {
 
 namespace {
 
 // NOP function. See below where this handler is installed.
 void SIGCHLDHandler(int signal) {
 }
 
-#if defined(CHROMIUM_SELINUX)
-void SELinuxTransitionToTypeOrDie(const char* type) {
-  security_context_t security_context;
-  if (getcon(&security_context))
-    LOG(FATAL) << "Cannot get SELinux context";
-
-  context_t context = context_new(security_context);
-  context_type_set(context, type);
-  const int r = setcon(context_str(context));
-  context_free(context);
-  freecon(security_context);
-
-  if (r) {
-    LOG(FATAL) << "dynamic transition to type '" << type << "' failed. "
-                  "(this binary has been built with SELinux support, but maybe "
-                  "the policies haven't been loaded into the kernel?)";
-  }
-}
-#endif  // CHROMIUM_SELINUX
-
 }  // namespace
 
 const int Zygote::kMagicSandboxIPCDescriptor;
 
 Zygote::Zygote(int sandbox_flags,
                ZygoteForkDelegate* helper)
     : sandbox_flags_(sandbox_flags),
       helper_(helper),
       initial_uma_sample_(0),
       initial_uma_boundary_value_(0) {
@@ skipping 356 matching lines @@
                                               uma_name, uma_sample,
                                               uma_boundary_value);
   if (!child_pid) {
     // This is the child process.
 
     close(kBrowserDescriptor);  // Our socket from the browser.
     if (UsingSUIDSandbox())
       close(kZygoteIdFd);  // Another socket from the browser.
     base::GlobalDescriptors::GetInstance()->Reset(mapping);
 
-#if defined(CHROMIUM_SELINUX)
-    SELinuxTransitionToTypeOrDie("chromium_renderer_t");
-#endif
-
     // Reset the process-wide command line to our new command line.
     CommandLine::Reset();
     CommandLine::Init(0, NULL);
     CommandLine::ForCurrentProcess()->InitFromArgv(args);
 
     // Update the process title. The argv was already cached by the call to
     // SetProcessTitleFromCommandLine in ChromeMain, so we can pass NULL here
     // (we don't have the original argv at this point).
     SetProcessTitleFromCommandLine(NULL);
   } else if (child_pid < 0) {
@@ skipping 46 matching lines @@
                                     PickleIterator iter) {
   if (HANDLE_EINTR(write(fd, &sandbox_flags_, sizeof(sandbox_flags_))) !=
                    sizeof(sandbox_flags_)) {
     PLOG(ERROR) << "write";
   }
 
   return false;
 }
 
 }  // namespace content