RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-17 18:16:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

libsepol/cil: Optionally allow duplicate role declarations

Browse Source 
Allow duplicate role declarations (along with duplicate type and
type attribute declarations and context rules) if the multiple_decls
field in the CIL db has been set. This field can be set by a call to
cil_set_multiple_decls().

Signed-off-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
James Carter 2024-11-01 13:41:02 -04:00
parent 271eb4fe44
commit 7492632a6b
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libsepol/cil/src/cil_build_ast.c
View File

@ -137,6 +137,7 @@ static int cil_allow_multiple_decls(struct cil_db *db, enum cil_flavor f_new, en
switch (f_new) { switch (f_new) {
case CIL_TYPE: case CIL_TYPE:
case CIL_TYPEATTRIBUTE: case CIL_TYPEATTRIBUTE:
case CIL_ROLE:
if (db->multiple_decls) { if (db->multiple_decls) {
return CIL_TRUE; return CIL_TRUE;
} }
@ -1744,8 +1745,13 @@ int cil_gen_role(struct cil_db *db, struct cil_tree_node *parse_current, struct
rc = cil_gen_node(db, ast_node, (struct cil_symtab_datum*)role, (hashtab_key_t)key, CIL_SYM_ROLES, CIL_ROLE); rc = cil_gen_node(db, ast_node, (struct cil_symtab_datum*)role, (hashtab_key_t)key, CIL_SYM_ROLES, CIL_ROLE);
if (rc != SEPOL_OK) { if (rc != SEPOL_OK) {
if (rc == SEPOL_EEXIST) {
cil_destroy_role(role);
role = NULL;
} else {
goto exit; goto exit;
} }
}
return SEPOL_OK; return SEPOL_OK;