mirror of
https://github.com/SELinuxProject/setools
synced 2025-03-25 04:26:28 +00:00
RuleWeight: Change to dataclass.
Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
This commit is contained in:
parent
450f94875a
commit
02e70efcb0
@ -313,21 +313,21 @@ class InfoFlowAnalysis:
|
||||
if rule.ruletype != TERuletype.allow:
|
||||
continue
|
||||
|
||||
(rweight, wweight) = self.perm_map.rule_weight(cast(AVRule, rule))
|
||||
weight = self.perm_map.rule_weight(cast(AVRule, rule))
|
||||
|
||||
for s, t in itertools.product(rule.source.expand(), rule.target.expand()):
|
||||
# only add flows if they actually flow
|
||||
# in or out of the source type type
|
||||
if s != t:
|
||||
if wweight:
|
||||
if weight.write:
|
||||
edge = InfoFlowStep(self.G, s, t, create=True)
|
||||
edge.rules.append(rule)
|
||||
edge.weight = wweight
|
||||
edge.weight = weight.write
|
||||
|
||||
if rweight:
|
||||
if weight.read:
|
||||
edge = InfoFlowStep(self.G, t, s, create=True)
|
||||
edge.rules.append(rule)
|
||||
edge.weight = rweight
|
||||
edge.weight = weight.read
|
||||
|
||||
self.rebuildgraph = False
|
||||
self.rebuildsubgraph = True
|
||||
|
@ -6,12 +6,14 @@ import logging
|
||||
import copy
|
||||
from collections import OrderedDict
|
||||
from contextlib import suppress
|
||||
from typing import cast, Dict, Iterable, NamedTuple, Optional, Union
|
||||
from dataclasses import dataclass
|
||||
from typing import cast, Dict, Iterable, Optional, Union
|
||||
|
||||
import pkg_resources
|
||||
|
||||
from . import exception
|
||||
from .descriptors import PermissionMapDescriptor
|
||||
from .mixins import TupleCompat
|
||||
from .policyrep import AVRule, SELinuxPolicy, TERuletype
|
||||
|
||||
INFOFLOW_DIRECTIONS = ("r", "w", "b", "n", "u")
|
||||
@ -19,7 +21,8 @@ MIN_WEIGHT = 1
|
||||
MAX_WEIGHT = 10
|
||||
|
||||
|
||||
class RuleWeight(NamedTuple):
|
||||
@dataclass
|
||||
class RuleWeight(TupleCompat):
|
||||
|
||||
"""The read and write weights for a rule, given all of its permissions."""
|
||||
|
||||
|
@ -285,9 +285,9 @@ class PermissionMapTest(unittest.TestCase):
|
||||
rule.perms = set(["med_r", "hi_r"])
|
||||
|
||||
permmap = PermissionMap("tests/perm_map")
|
||||
r, w = permmap.rule_weight(rule)
|
||||
self.assertEqual(r, 10)
|
||||
self.assertEqual(w, 0)
|
||||
weight = permmap.rule_weight(rule)
|
||||
self.assertEqual(weight.read, 10)
|
||||
self.assertEqual(weight.write, 0)
|
||||
|
||||
def test_141_weight_write_only(self):
|
||||
"""PermMap get weight of write-only rule."""
|
||||
@ -297,9 +297,9 @@ class PermissionMapTest(unittest.TestCase):
|
||||
rule.perms = set(["low_w", "med_w"])
|
||||
|
||||
permmap = PermissionMap("tests/perm_map")
|
||||
r, w = permmap.rule_weight(rule)
|
||||
self.assertEqual(r, 0)
|
||||
self.assertEqual(w, 5)
|
||||
weight = permmap.rule_weight(rule)
|
||||
self.assertEqual(weight.read, 0)
|
||||
self.assertEqual(weight.write, 5)
|
||||
|
||||
def test_142_weight_both(self):
|
||||
"""PermMap get weight of both rule."""
|
||||
@ -309,9 +309,9 @@ class PermissionMapTest(unittest.TestCase):
|
||||
rule.perms = set(["low_r", "hi_w"])
|
||||
|
||||
permmap = PermissionMap("tests/perm_map")
|
||||
r, w = permmap.rule_weight(rule)
|
||||
self.assertEqual(r, 1)
|
||||
self.assertEqual(w, 10)
|
||||
weight = permmap.rule_weight(rule)
|
||||
self.assertEqual(weight.read, 1)
|
||||
self.assertEqual(weight.write, 10)
|
||||
|
||||
def test_143_weight_none(self):
|
||||
"""PermMap get weight of none rule."""
|
||||
@ -321,9 +321,9 @@ class PermissionMapTest(unittest.TestCase):
|
||||
rule.perms = set(["null"])
|
||||
|
||||
permmap = PermissionMap("tests/perm_map")
|
||||
r, w = permmap.rule_weight(rule)
|
||||
self.assertEqual(r, 0)
|
||||
self.assertEqual(w, 0)
|
||||
weight = permmap.rule_weight(rule)
|
||||
self.assertEqual(weight.read, 0)
|
||||
self.assertEqual(weight.write, 0)
|
||||
|
||||
def test_144_weight_unmapped_class(self):
|
||||
"""PermMap get weight of rule with unmapped class."""
|
||||
@ -363,9 +363,9 @@ class PermissionMapTest(unittest.TestCase):
|
||||
|
||||
permmap = PermissionMap("tests/perm_map")
|
||||
permmap.exclude_permission("infoflow", "hi_r")
|
||||
r, w = permmap.rule_weight(rule)
|
||||
self.assertEqual(r, 5)
|
||||
self.assertEqual(w, 0)
|
||||
weight = permmap.rule_weight(rule)
|
||||
self.assertEqual(weight.read, 5)
|
||||
self.assertEqual(weight.write, 0)
|
||||
|
||||
def test_148_weight_excluded_class(self):
|
||||
"""PermMap get weight of a rule with excluded class."""
|
||||
@ -376,9 +376,9 @@ class PermissionMapTest(unittest.TestCase):
|
||||
|
||||
permmap = PermissionMap("tests/perm_map")
|
||||
permmap.exclude_class("infoflow")
|
||||
r, w = permmap.rule_weight(rule)
|
||||
self.assertEqual(r, 0)
|
||||
self.assertEqual(w, 0)
|
||||
weight = permmap.rule_weight(rule)
|
||||
self.assertEqual(weight.read, 0)
|
||||
self.assertEqual(weight.write, 0)
|
||||
|
||||
def test_150_map_policy(self):
|
||||
"""PermMap create mappings for classes/perms in a policy."""
|
||||
|
Loading…
Reference in New Issue
Block a user