From 582b974b36f98846be81c7af5e0b78957cc1a5ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Thu, 19 Mar 2020 11:11:02 +0100 Subject: [PATCH] libsepol: set correct second argument of (t1 == t2) constraint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently a constraint `t1 == t2` gets converted to the invalid cil syntax `(mlsconstrain (class_name (perm_name)) (eq t1 ))` and fails to be loaded into the kernel. Fixes: 893851c0a146ef392b8d77de737d52245345129e ("policycoreutils: add a HLL compiler to convert policy packages (.pp) to CIL") Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/module_to_cil.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index 6fe7d336..a87bc15e 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c @@ -1745,7 +1745,7 @@ static int constraint_expr_to_string(struct policydb *pdb, struct constraint_exp case CEXPR_ROLE: attr1 = "r1"; attr2 = "r2"; break; case CEXPR_ROLE | CEXPR_TARGET: attr1 = "r2"; attr2 = ""; break; case CEXPR_ROLE | CEXPR_XTARGET: attr1 = "r3"; attr2 = ""; break; - case CEXPR_TYPE: attr1 = "t1"; attr2 = ""; break; + case CEXPR_TYPE: attr1 = "t1"; attr2 = "t2"; break; case CEXPR_TYPE | CEXPR_TARGET: attr1 = "t2"; attr2 = ""; break; case CEXPR_TYPE | CEXPR_XTARGET: attr1 = "t3"; attr2 = ""; break; case CEXPR_L1L2: attr1 = "l1"; attr2 = "l2"; break;