libsepol: set correct second argument of (t1 == t2) constraint

Currently a constraint `t1 == t2` gets converted to the invalid cil syntax `(mlsconstrain (class_name (perm_name)) (eq t1 ))` and fails to be loaded into the kernel.

Fixes: 893851c0a1 ("policycoreutils: add a HLL compiler to convert policy packages (.pp) to CIL")

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
Christian Göttsche 2020-03-19 11:11:02 +01:00 committed by James Carter
parent 9d291802ba
commit 582b974b36
1 changed files with 1 additions and 1 deletions

View File

@ -1745,7 +1745,7 @@ static int constraint_expr_to_string(struct policydb *pdb, struct constraint_exp
case CEXPR_ROLE: attr1 = "r1"; attr2 = "r2"; break; case CEXPR_ROLE: attr1 = "r1"; attr2 = "r2"; break;
case CEXPR_ROLE | CEXPR_TARGET: attr1 = "r2"; attr2 = ""; break; case CEXPR_ROLE | CEXPR_TARGET: attr1 = "r2"; attr2 = ""; break;
case CEXPR_ROLE | CEXPR_XTARGET: attr1 = "r3"; attr2 = ""; break; case CEXPR_ROLE | CEXPR_XTARGET: attr1 = "r3"; attr2 = ""; break;
case CEXPR_TYPE: attr1 = "t1"; attr2 = ""; break; case CEXPR_TYPE: attr1 = "t1"; attr2 = "t2"; break;
case CEXPR_TYPE | CEXPR_TARGET: attr1 = "t2"; attr2 = ""; break; case CEXPR_TYPE | CEXPR_TARGET: attr1 = "t2"; attr2 = ""; break;
case CEXPR_TYPE | CEXPR_XTARGET: attr1 = "t3"; attr2 = ""; break; case CEXPR_TYPE | CEXPR_XTARGET: attr1 = "t3"; attr2 = ""; break;
case CEXPR_L1L2: attr1 = "l1"; attr2 = "l2"; break; case CEXPR_L1L2: attr1 = "l1"; attr2 = "l2"; break;