RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-03-08 19:28:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

libsepol/cil: Mark as abstract all sub-blocks of an abstract block

Browse Source 
If a block is marked as abstract, then it will be skipped during
every pass after blockabstracts are resolved (only tunables,
in-befores, and blockinherits are before blockabstracts), so mark
all of its sub-blocks as abstract to reflect their actual status.

Signed-off-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
James Carter 2022-01-05 14:58:29 -05:00
parent e6429963eb
commit 6d783e5bb3
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
libsepol/cil/src/cil_resolve_ast.c
View File

@ -2379,6 +2379,19 @@ exit:
return rc; return rc;
} }
static void cil_mark_subtree_abstract(struct cil_tree_node *node)
{
struct cil_block *block = node->data;
block->is_abstract = CIL_TRUE;
for (node = node->cl_head; node; node = node->next) {
if (node->flavor == CIL_BLOCK) {
cil_mark_subtree_abstract(node);
}
}
}
int cil_resolve_blockabstract(struct cil_tree_node *current, void *extra_args) int cil_resolve_blockabstract(struct cil_tree_node *current, void *extra_args)
{ {
struct cil_blockabstract *abstract = current->data; struct cil_blockabstract *abstract = current->data;
@ -2398,7 +2411,7 @@ int cil_resolve_blockabstract(struct cil_tree_node *current, void *extra_args)
goto exit; goto exit;
} }
((struct cil_block*)block_datum)->is_abstract = CIL_TRUE; cil_mark_subtree_abstract(block_node);
return SEPOL_OK; return SEPOL_OK;