policyrep: Move imports to libpolicyrep.pyx.

2025-03-18 08:35:19 +00:00 · 2018-08-10 14:44:37 -04:00 · 2018-08-10 14:44:37 -04:00 · fa984732e7
commit fa984732e7
parent 3326339e10
10 changed files with 28 additions and 38 deletions
--- a/setools/policyrep/boolcond.pxi
+++ b/setools/policyrep/boolcond.pxi
@ -17,11 +17,8 @@
 # License along with SETools.  If not, see
 # <http://www.gnu.org/licenses/>.
 #
-from itertools import chain, product
-from collections import namedtuple

-
-truth_table_row = namedtuple("truth_table_row", ["values", "result"])
+truth_table_row = collections.namedtuple("truth_table_row", ["values", "result"])

 cdef dict _cond_cache = {}

@ -243,7 +240,7 @@ cdef class Conditional(PolicySymbol):
        truth_table = []

        # create a list of all combinations of T/F for each Boolean
-        truth_list = list(product([True, False], repeat=len(bools)))
+        truth_list = list(itertools.product([True, False], repeat=len(bools)))

        for row in truth_list:
            values = {bools[i]: row[i] for i in range(len(bools))}
--- a/setools/policyrep/libpolicyrep.pyx
+++ b/setools/policyrep/libpolicyrep.pyx
@ -26,6 +26,13 @@ from libc.stdlib cimport calloc, free
 from libc.string cimport memcpy, memset, strerror
 from posix.stat cimport S_IFBLK, S_IFCHR, S_IFDIR, S_IFIFO, S_IFREG, S_IFLNK, S_IFSOCK

+import logging
+import warnings
+import itertools
+import ipaddress
+import collections
+import enum
+
 cimport sepol
 cimport selinux

--- a/setools/policyrep/mls.pxi
+++ b/setools/policyrep/mls.pxi
@ -18,7 +18,6 @@
 # <http://www.gnu.org/licenses/>.
 #
 # pylint: disable=protected-access
-import itertools

 cdef dict _cat_cache = {}
 cdef dict _sens_cache = {}
--- a/setools/policyrep/mlsrule.pxi
+++ b/setools/policyrep/mlsrule.pxi
@ -17,7 +17,6 @@
 # License along with SETools.  If not, see
 # <http://www.gnu.org/licenses/>.
 #
-import itertools


 class MLSRuletype(PolicyEnum):
--- a/setools/policyrep/netcontext.pxi
+++ b/setools/policyrep/netcontext.pxi
@ -17,13 +17,8 @@
 # License along with SETools.  If not, see
 # <http://www.gnu.org/licenses/>.
 #
-from collections import namedtuple
-from ipaddress import ip_address, ip_network

-import warnings
-import logging
-
-PortconRange = namedtuple("PortconRange", ["low", "high"])
+PortconRange = collections.namedtuple("PortconRange", ["low", "high"])

 #
 # Classes
@ -138,12 +133,12 @@ cdef class Nodecon(Ocontext):
        try:
            # checkpolicy does not verify that no host bits are set,
            # so strict will raise an exception if host bits are set.
-            n.network = ip_network(net_with_mask)
+            n.network = ipaddress.ip_network(net_with_mask)
        except ValueError as ex:
            log = logging.getLogger(__name__)
            log.warning("Nodecon with network {} {} has host bits set. Analyses may have "
                        "unexpected results.".format(n._addr, n._mask))
-            n.network = ip_network(net_with_mask, strict=False)
+            n.network = ipaddress.ip_network(net_with_mask, strict=False)

        return n

--- a/setools/policyrep/selinuxpolicy.pxi
+++ b/setools/policyrep/selinuxpolicy.pxi
@ -19,9 +19,6 @@
 #
 # pylint: disable=too-many-public-methods

-import logging
-from collections import Counter
-

 class PolicyTarget(PolicyEnum):

@ -223,7 +220,7 @@ cdef class SELinuxPolicy:
    cdef cache_constraint_counts(self):
        """Count all constraints in one iteration."""
        if not self.constraint_counts:
-            self.constraint_counts = Counter(r.ruletype for r in self.constraints())
+            self.constraint_counts = collections.Counter(r.ruletype for r in self.constraints())

    cdef cache_terule_counts(self):
        """Count all TE rules in one iteration."""
@ -387,7 +384,7 @@ cdef class SELinuxPolicy:
    @property
    def permission_count(self):
        """The number of permissions."""
-        return sum(len(c.perms) for c in chain(self.commons(), self.classes()))
+        return sum(len(c.perms) for c in itertools.chain(self.commons(), self.classes()))

    @property
    def permissives_count(self):
@ -549,7 +546,7 @@ cdef class SELinuxPolicy:

    def lookup_type_or_attr(self, name):
        """Look up a type or type attribute by name."""
-        for t in chain(self.types(), self.typeattributes()):
+        for t in itertools.chain(self.types(), self.typeattributes()):
            if t == name:
                return t

@ -640,8 +637,8 @@ cdef class SELinuxPolicy:

    def rbacrules(self):
        """Iterator over all RBAC rules."""
-        return chain(RoleAllowIterator.factory(self, self.handle.p.role_allow),
-                     RoleTransitionIterator.factory(self, self.handle.p.role_tr))
+        return itertools.chain(RoleAllowIterator.factory(self, self.handle.p.role_allow),
+                               RoleTransitionIterator.factory(self, self.handle.p.role_tr))

    def terules(self):
        """Iterator over all type enforcement rules."""
@ -682,10 +679,12 @@ cdef class SELinuxPolicy:

    def nodecons(self):
        """Iterator over all nodecon statements."""
-        return chain(NodeconIterator.factory(self, self.handle.p.ocontexts[sepol.OCON_NODE],
-                                             NodeconIPVersion.ipv4),
-                     NodeconIterator.factory(self, self.handle.p.ocontexts[sepol.OCON_NODE6],
-                                             NodeconIPVersion.ipv6))
+        return itertools.chain(NodeconIterator.factory(self,
+                                                       self.handle.p.ocontexts[sepol.OCON_NODE],
+                                                       NodeconIPVersion.ipv4),
+                               NodeconIterator.factory(self,
+                                                       self.handle.p.ocontexts[sepol.OCON_NODE6],
+                                                       NodeconIPVersion.ipv6))

    def portcons(self):
        """Iterator over all portcon statements."""
--- a/setools/policyrep/terule.pxi
+++ b/setools/policyrep/terule.pxi
@ -17,7 +17,6 @@
 # License along with SETools.  If not, see
 # <http://www.gnu.org/licenses/>.
 #
-import itertools


 #
@ -557,7 +556,7 @@ cdef class TERuleIterator(PolicyIterator):
            sepol.avtab_ptr_t node
            uint32_t bucket = 0

-        count = Counter()
+        count = collections.Counter()

        while bucket < self.table[0].nslot:
            node = self.table[0].htable[bucket]
@ -640,7 +639,7 @@ cdef class ConditionalTERuleIterator(PolicyIterator):
        """
        cdef sepol.cond_av_list_t *curr

-        count = Counter()
+        count = collections.Counter()

        curr = self.head
        while curr != NULL:
--- a/setools/policyrep/typeattr.pxi
+++ b/setools/policyrep/typeattr.pxi
@ -17,7 +17,6 @@
 # License along with SETools.  If not, see
 # <http://www.gnu.org/licenses/>.
 #
-import warnings

 #
 # Cache objects
--- a/setools/policyrep/util.pxi
+++ b/setools/policyrep/util.pxi
@ -16,14 +16,11 @@
 # License along with SETools.  If not, see
 # <http://www.gnu.org/licenses/>.
 #
-import warnings
-
-from enum import Enum

 #
 # Classes
 #
-class PolicyEnum(Enum):
+class PolicyEnum(enum.Enum):

    """
    Base class for policy enumerations.
--- a/setools/policyrep/xencontext.pxi
+++ b/setools/policyrep/xencontext.pxi
@ -17,10 +17,9 @@
 # License along with SETools.  If not, see
 # <http://www.gnu.org/licenses/>.
 #
-from collections import namedtuple

-IomemconRange = namedtuple("IomemconRange", ["low", "high"])
-IoportconRange = namedtuple("IoportconRange", ["low", "high"])
+IomemconRange = collections.namedtuple("IomemconRange", ["low", "high"])
+IoportconRange = collections.namedtuple("IoportconRange", ["low", "high"])


 #