RepoMirrors/setools
1
0
Fork 0
mirror of https://github.com/SELinuxProject/setools synced 2025-03-19 17:53:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
915 Commits 8 Branches 22 Tags 3.8 MiB
9f339ca9d4
Commit Graph

915 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris PeBenito
9f339ca9d4 sepol.pxd: Remove duplicate TYPE_FLAGS_PERMISSIVE definition 2018-08-06 16:24:20 -04:00
Chris PeBenito
10cf639ada PermissionVectorIterator: Fix issue with unexpected object class mutation. 
After iterating a permission vector, permissions from the Common were
added into the ObjClass's permission table.
 2018-08-06 16:24:20 -04:00
Chris PeBenito
dd7009b68c Conditional: Remove unnecessary copy and pickling methods. 2018-08-06 16:24:20 -04:00
Chris PeBenito
8e41d89131 policyrep: Refactor Xen contexts to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
08c2ee0cdc User: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
5de464a226 Type/TypeAttribute: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
9f8bb014b8 Role: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
2d14f43540 PolicyCapability: Revise construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
55f4e666ee Common/ObjClass: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
55a1ff884e Netifcon/Nodecon/Portcon: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
745a7ae9bd policyrep: Refactor MLS classes to load most attributes on construction. 
Category sets and aliases deferred still, to prevent too much construction
up-front. However, the results are saved, rather than lost.
 2018-08-06 16:24:20 -04:00
Chris PeBenito
bfdb1e66d8 InitialSID: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
f1d8e4aef6 FSUse/Genfscon: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
3c8f2d9ad4 Default: Revise factory method so attributes can be readonly. 2018-08-06 16:24:20 -04:00
Chris PeBenito
14eb9a793e Context: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
f33da33190 Bounds: Refactor to move all initialization to the factory method. 2018-08-06 16:24:20 -04:00
Chris PeBenito
790140acdb Boolean: Refactor to load attributes on construction. 2018-08-06 16:24:20 -04:00
Chris PeBenito
281e9dd6ce SELinuxPolicy: Revise copy methods to not copy. 2018-08-06 16:24:20 -04:00
Chris PeBenito
6f43c9deeb MLSRule: Refactor to load attributes on construction. 2018-08-06 16:24:08 -04:00
Chris PeBenito
14b131a693 RoleAllow/RoleTransition: Refactor to load attributes on construction. 2018-08-06 16:23:58 -04:00
Chris PeBenito
c836e359aa AVRule/AVRuleXperm/TERule/FileNameTERule: Refactor to load attributes on construction. 2018-08-06 16:23:48 -04:00
Chris PeBenito
22967fa6a2 policyrep: Refactor base classes for loading attributes on construction. 2018-08-06 16:23:38 -04:00
Chris PeBenito
79b56f4fa8 setup.py: Add cython annotation option. 2018-07-28 11:48:07 -04:00
Chris PeBenito
6e67c3b8b4 policyrep: Misc cython tweaks. 2018-07-28 11:34:48 -04:00
Chris PeBenito
8f77510bcb .travis.yml: Fix CI build. 2018-07-28 09:31:55 -04:00
Chris PeBenito
5198a35031 setup.py: Drop runtime_library_dirs. 
Closes #5
 2018-07-28 08:53:37 -04:00
Chris PeBenito
2ba0ee20ff SELinuxPolicy: Cache rule counts. 
Address performance regressions most obvious in seinfo.

Before:
$ time ./seinfo policy-mls.29 > /dev/null

real	0m5.022s
user	0m4.970s
sys	0m0.041s

After:
$ time ./seinfo policy-mls.29 > /dev/null

real	0m0.704s
user	0m0.666s
sys	0m0.037s
 2018-07-20 06:10:53 -04:00
Chris PeBenito
33055a661a BaseTERule: Cache the rule's string representation. 
Fixes performance regressions most obvious in sesearch.

For #7

Before:
$ time ./sesearch -AT policy-mls.29 > /dev/null

real	0m41.594s
user	0m41.417s
sys	0m0.109s

After:
$ time ./sesearch -AT policy-mls.29 > /dev/null

real	0m3.428s
user	0m3.358s
sys	0m0.067s
 2018-07-20 05:44:48 -04:00
Chris PeBenito
7bb1dfea63 SELinuxPolicy: Further revise potential policy paths generation. 
Fully check C pointers.
 2018-07-20 05:25:53 -04:00
Chris PeBenito
bad7203b14 SELinuxPolicy: Fix null pointer dereference in policy load. 
If selinux_current_policy_path() cannot find a policy, it returns NULL.
Found this running in a chroot on a SELinux system and proc but not
selinuxfs was mounted in it.

Closes #6
 2018-07-19 20:44:53 -04:00
Chris PeBenito
4cd0c31a82 SELinuxPolicy: Add additional debugging messages in potential policy logic. 2018-07-19 19:38:42 -04:00
Chris PeBenito
e240d7f242 setup.py: Enhance clean command for cython and other generated files. 
For #4
 2018-07-18 17:03:05 -04:00
Chris PeBenito
239498ae78 Drop final libqpol file. 2018-07-18 05:30:02 -04:00
Chris PeBenito
5fb7f95b65 setup.py: Add additional compiler flags for newer GCCs. 
Closes #2
 2018-07-14 15:53:23 -04:00
Chris PeBenito
154e8291ea selinuxpolicy.pxi: Fix attribute synthesis code. 
Closes #1
 2018-07-14 15:12:02 -04:00
Chris PeBenito
b0fa01ee40 Bump version for 4.2.0-beta release. 2018-07-10 20:20:40 -04:00
Chris PeBenito
68a46ece0c .travis.yml/tox.ini: Update CI build for local SELinux userspace build. 2018-06-18 20:25:14 -04:00
Chris PeBenito
57e4f464bf setup.py: Update build for local SELinux userspace code. 
Now USERSPACE_SRC points to the top level directory that has the
libsepol, libselinux, and checkpolicy source trees.
 2018-06-18 20:21:30 -04:00
Chris PeBenito
6d68ce463a Update permission map to current refpolicy access vectors. 2018-06-17 14:51:03 -04:00
Chris PeBenito
e4f1f5d7fe sepol.pxd: Remove duplicate declarations. 2018-06-16 10:44:29 -04:00
Chris PeBenito
3d1c259aa4 Update documentation for repository move. 2018-06-16 08:29:31 -04:00
Chris PeBenito
6a7df58b3d PolicyCapability: Use newly exported sepol_polcap_getname() function in libsepol 2.8. 2018-06-15 20:28:05 -04:00
Chris PeBenito
1a73d75b59 PortconProtocol: Add support for SCTP portcons. 2018-06-15 20:28:05 -04:00
Chris PeBenito
4a98b8315b Update code coverage configuration to include cython code. 2018-06-15 20:28:05 -04:00
Chris PeBenito
a82a7fcc84 apol/workspace: Remove unnecessary import. 2018-06-15 20:28:05 -04:00
Chris PeBenito
e6ea477889 SELinuxPolicy: Convert to direct sepol structure access. 2018-06-15 20:28:05 -04:00
Chris PeBenito
a533303d04 InitialSID: Handle absence of names in binary policy. 2018-06-15 20:26:49 -04:00
Chris PeBenito
f012d55b11 policyrep: Convert TE rules to direct sepol structure access. 2018-06-15 20:26:49 -04:00
Chris PeBenito
aeecacc896 Conditional: Convert to direct sepol structure access. Add iterators. 2018-06-15 20:26:49 -04:00
Chris PeBenito
71cfccce06 RoleAllow/Transition: Convert to direct sepol structure access. 2018-06-15 20:26:49 -04:00