RuleWeight: Change to dataclass.

Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
2025-03-25 04:26:28 +00:00 · 2023-03-24 11:16:01 -04:00 · 2023-03-24 11:16:01 -04:00 · 02e70efcb0
commit 02e70efcb0
parent 450f94875a
3 changed files with 28 additions and 25 deletions
--- a/setools/infoflow.py
+++ b/setools/infoflow.py
@ -313,21 +313,21 @@ class InfoFlowAnalysis:
            if rule.ruletype != TERuletype.allow:
                continue

-            (rweight, wweight) = self.perm_map.rule_weight(cast(AVRule, rule))
+            weight = self.perm_map.rule_weight(cast(AVRule, rule))

            for s, t in itertools.product(rule.source.expand(), rule.target.expand()):
                # only add flows if they actually flow
                # in or out of the source type type
                if s != t:
-                    if wweight:
+                    if weight.write:
                        edge = InfoFlowStep(self.G, s, t, create=True)
                        edge.rules.append(rule)
-                        edge.weight = wweight
+                        edge.weight = weight.write

-                    if rweight:
+                    if weight.read:
                        edge = InfoFlowStep(self.G, t, s, create=True)
                        edge.rules.append(rule)
-                        edge.weight = rweight
+                        edge.weight = weight.read

        self.rebuildgraph = False
        self.rebuildsubgraph = True
--- a/setools/permmap.py
+++ b/setools/permmap.py
@ -6,12 +6,14 @@ import logging
 import copy
 from collections import OrderedDict
 from contextlib import suppress
-from typing import cast, Dict, Iterable, NamedTuple, Optional, Union
+from dataclasses import dataclass
+from typing import cast, Dict, Iterable, Optional, Union

 import pkg_resources

 from . import exception
 from .descriptors import PermissionMapDescriptor
+from .mixins import TupleCompat
 from .policyrep import AVRule, SELinuxPolicy, TERuletype

 INFOFLOW_DIRECTIONS = ("r", "w", "b", "n", "u")
@ -19,7 +21,8 @@ MIN_WEIGHT = 1
 MAX_WEIGHT = 10


-class RuleWeight(NamedTuple):
+@dataclass
+class RuleWeight(TupleCompat):

    """The read and write weights for a rule, given all of its permissions."""

--- a/tests/test_permmap.py
+++ b/tests/test_permmap.py
@ -285,9 +285,9 @@ class PermissionMapTest(unittest.TestCase):
        rule.perms = set(["med_r", "hi_r"])

        permmap = PermissionMap("tests/perm_map")
-        r, w = permmap.rule_weight(rule)
-        self.assertEqual(r, 10)
-        self.assertEqual(w, 0)
+        weight = permmap.rule_weight(rule)
+        self.assertEqual(weight.read, 10)
+        self.assertEqual(weight.write, 0)

    def test_141_weight_write_only(self):
        """PermMap get weight of write-only rule."""
@ -297,9 +297,9 @@ class PermissionMapTest(unittest.TestCase):
        rule.perms = set(["low_w", "med_w"])

        permmap = PermissionMap("tests/perm_map")
-        r, w = permmap.rule_weight(rule)
-        self.assertEqual(r, 0)
-        self.assertEqual(w, 5)
+        weight = permmap.rule_weight(rule)
+        self.assertEqual(weight.read, 0)
+        self.assertEqual(weight.write, 5)

    def test_142_weight_both(self):
        """PermMap get weight of both rule."""
@ -309,9 +309,9 @@ class PermissionMapTest(unittest.TestCase):
        rule.perms = set(["low_r", "hi_w"])

        permmap = PermissionMap("tests/perm_map")
-        r, w = permmap.rule_weight(rule)
-        self.assertEqual(r, 1)
-        self.assertEqual(w, 10)
+        weight = permmap.rule_weight(rule)
+        self.assertEqual(weight.read, 1)
+        self.assertEqual(weight.write, 10)

    def test_143_weight_none(self):
        """PermMap get weight of none rule."""
@ -321,9 +321,9 @@ class PermissionMapTest(unittest.TestCase):
        rule.perms = set(["null"])

        permmap = PermissionMap("tests/perm_map")
-        r, w = permmap.rule_weight(rule)
-        self.assertEqual(r, 0)
-        self.assertEqual(w, 0)
+        weight = permmap.rule_weight(rule)
+        self.assertEqual(weight.read, 0)
+        self.assertEqual(weight.write, 0)

    def test_144_weight_unmapped_class(self):
        """PermMap get weight of rule with unmapped class."""
@ -363,9 +363,9 @@ class PermissionMapTest(unittest.TestCase):

        permmap = PermissionMap("tests/perm_map")
        permmap.exclude_permission("infoflow", "hi_r")
-        r, w = permmap.rule_weight(rule)
-        self.assertEqual(r, 5)
-        self.assertEqual(w, 0)
+        weight = permmap.rule_weight(rule)
+        self.assertEqual(weight.read, 5)
+        self.assertEqual(weight.write, 0)

    def test_148_weight_excluded_class(self):
        """PermMap get weight of a rule with excluded class."""
@ -376,9 +376,9 @@ class PermissionMapTest(unittest.TestCase):

        permmap = PermissionMap("tests/perm_map")
        permmap.exclude_class("infoflow")
-        r, w = permmap.rule_weight(rule)
-        self.assertEqual(r, 0)
-        self.assertEqual(w, 0)
+        weight = permmap.rule_weight(rule)
+        self.assertEqual(weight.read, 0)
+        self.assertEqual(weight.write, 0)

    def test_150_map_policy(self):
        """PermMap create mappings for classes/perms in a policy."""