am 6b6df173: am f8b0743e: Merge "init: fix write_file checkreqprot logic error"

* commit '6b6df1733711ace006e0f4f9d44c718f85d2f70d':
  init: fix write_file checkreqprot logic error

init/init.cpp

@@ -947,12 +947,6 @@ static void selinux_initialize(bool in_kernel_domain) {
     }
 
     if (in_kernel_domain) {
-        if (write_file("/sys/fs/selinux/checkreqprot", "0") == -1) {
-            ERROR("couldn't write to /sys/fs/selinux/checkreqprot: %s\n",
-                  strerror(errno));
-            security_failure();
-        }
-
         INFO("Loading SELinux policy...\n");
         if (selinux_android_load_policy() < 0) {
             ERROR("failed to load policy: %s\n", strerror(errno));
@@ -962,6 +956,10 @@ static void selinux_initialize(bool in_kernel_domain) {
         bool is_enforcing = selinux_is_enforcing();
         security_setenforce(is_enforcing);
 
+        if (write_file("/sys/fs/selinux/checkreqprot", "0") == -1) {
+            security_failure();
+        }
+
         NOTICE("(Initializing SELinux %s took %.2fs.)\n",
                is_enforcing ? "enforcing" : "non-enforcing", t.duration());
     } else {

init/util.cpp

@@ -179,9 +179,13 @@ bool read_file(const char* path, std::string* content) {
 int write_file(const char* path, const char* content) {
     int fd = TEMP_FAILURE_RETRY(open(path, O_WRONLY|O_CREAT|O_NOFOLLOW|O_CLOEXEC, 0600));
     if (fd == -1) {
-        return -errno;
+        NOTICE("write_file: Unable to open '%s': %s\n", path, strerror(errno));
+        return -1;
+    }
+    int result = android::base::WriteStringToFd(content, fd) ? 0 : -1;
+    if (result == -1) {
+        NOTICE("write_file: Unable to write to '%s': %s\n", path, strerror(errno));
     }
-    int result = android::base::WriteStringToFd(content, fd) ? 0 : -errno;
     TEMP_FAILURE_RETRY(close(fd));
     return result;
 }