RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-17 10:06:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "checkpolicy: use a better identifier for filenames"

Browse Source 
This reverts commit d4c230386653db49d8e8116b603efcce4423df70.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
This commit is contained in:
Steve Lawrence 2011-05-16 08:38:37 -04:00
parent 2ecb2bfdde
commit cb271f7d4c
2 changed files with 9 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
checkpolicy/policy_parse.y
View File

@ -81,7 +81,6 @@ typedef int (* require_func_t)();
%type <require_func> require_decl_def %type <require_func> require_decl_def
%token PATH %token PATH
%token FILENAME
%token CLONE %token CLONE
%token COMMON %token COMMON
%token CLASS %token CLASS
@ -342,7 +341,7 @@ cond_rule_def : cond_transition_def
| require_block | require_block
{ $$ = NULL; } { $$ = NULL; }
; ;
cond_transition_def : TYPE_TRANSITION names names ':' names identifier filename ';' cond_transition_def : TYPE_TRANSITION names names ':' names identifier identifier ';'
{ $$ = define_cond_filename_trans() ; { $$ = define_cond_filename_trans() ;
if ($$ == COND_ERR) return -1;} if ($$ == COND_ERR) return -1;}
| TYPE_TRANSITION names names ':' names identifier ';' | TYPE_TRANSITION names names ':' names identifier ';'
@ -380,9 +379,10 @@ cond_dontaudit_def : DONTAUDIT names names ':' names names ';'
{ $$ = define_cond_te_avtab(AVRULE_DONTAUDIT); { $$ = define_cond_te_avtab(AVRULE_DONTAUDIT);
if ($$ == COND_ERR) return -1; } if ($$ == COND_ERR) return -1; }
; ;
transition_def : TYPE_TRANSITION names names ':' names identifier filename';' ;
{if (define_filename_trans()) return -1; } transition_def : TYPE_TRANSITION names names ':' names identifier identifier ';'
|TYPE_TRANSITION names names ':' names identifier ';' {if (define_filename_trans()) return -1; }
| TYPE_TRANSITION names names ':' names identifier ';'
{if (define_compute_type(AVRULE_TRANSITION)) return -1;} {if (define_compute_type(AVRULE_TRANSITION)) return -1;}
| TYPE_MEMBER names names ':' names identifier ';' | TYPE_MEMBER names names ':' names identifier ';'
{if (define_compute_type(AVRULE_MEMBER)) return -1;} {if (define_compute_type(AVRULE_MEMBER)) return -1;}
@ -645,7 +645,7 @@ opt_fs_uses : fs_uses
fs_uses : fs_use_def fs_uses : fs_use_def
| fs_uses fs_use_def | fs_uses fs_use_def
; ;
fs_use_def : FSUSEXATTR filename security_context_def ';' fs_use_def : FSUSEXATTR identifier security_context_def ';'
{if (define_fs_use(SECURITY_FS_USE_XATTR)) return -1;} {if (define_fs_use(SECURITY_FS_USE_XATTR)) return -1;}
| FSUSETASK identifier security_context_def ';' | FSUSETASK identifier security_context_def ';'
{if (define_fs_use(SECURITY_FS_USE_TASK)) return -1;} {if (define_fs_use(SECURITY_FS_USE_TASK)) return -1;}
@ -658,11 +658,11 @@ opt_genfs_contexts : genfs_contexts
genfs_contexts : genfs_context_def genfs_contexts : genfs_context_def
| genfs_contexts genfs_context_def | genfs_contexts genfs_context_def
; ;
genfs_context_def : GENFSCON filename path '-' identifier security_context_def genfs_context_def : GENFSCON identifier path '-' identifier security_context_def
{if (define_genfs_context(1)) return -1;} {if (define_genfs_context(1)) return -1;}
| GENFSCON filename path '-' '-' {insert_id("-", 0);} security_context_def | GENFSCON identifier path '-' '-' {insert_id("-", 0);} security_context_def
{if (define_genfs_context(1)) return -1;} {if (define_genfs_context(1)) return -1;}
| GENFSCON filename path security_context_def | GENFSCON identifier path security_context_def
{if (define_genfs_context(0)) return -1;} {if (define_genfs_context(0)) return -1;}
; ;
ipv4_addr_def : IPV4_ADDR ipv4_addr_def : IPV4_ADDR
@ -739,17 +739,6 @@ identifier : IDENTIFIER
path : PATH path : PATH
{ if (insert_id(yytext,0)) return -1; } { if (insert_id(yytext,0)) return -1; }
; ;
filename : FILENAME
{ if (insert_id(yytext,0)) return -1; }
| NUMBER
{ if (insert_id(yytext,0)) return -1; }
| IPV4_ADDR
{ if (insert_id(yytext,0)) return -1; }
| VERSION_IDENTIFIER
{ if (insert_id(yytext,0)) return -1; }
| IDENTIFIER
{ if (insert_id(yytext,0)) return -1; }
;
number : NUMBER number : NUMBER
{ $$ = strtoul(yytext,NULL,0); } { $$ = strtoul(yytext,NULL,0); }
; ;

3
checkpolicy/policy_scan.l
View File

@ -218,12 +218,9 @@ PERMISSIVE { return(PERMISSIVE); }
"/"({alnum}|[_\.\-/])* { return(PATH); } "/"({alnum}|[_\.\-/])* { return(PATH); }
{letter}({alnum}|[_\-])*([\.]?({alnum}|[_\-]))* { return(IDENTIFIER); } {letter}({alnum}|[_\-])*([\.]?({alnum}|[_\-]))* { return(IDENTIFIER); }
{digit}+|0x{hexval}+ { return(NUMBER); } {digit}+|0x{hexval}+ { return(NUMBER); }
{alnum}* { return(FILENAME); }
{digit}{1,3}(\.{digit}{1,3}){3} { return(IPV4_ADDR); } {digit}{1,3}(\.{digit}{1,3}){3} { return(IPV4_ADDR); }
{hexval}{0,4}":"{hexval}{0,4}":"({hexval}|[:.])* { return(IPV6_ADDR); } {hexval}{0,4}":"{hexval}{0,4}":"({hexval}|[:.])* { return(IPV6_ADDR); }
{digit}+(\.({alnum}|[_.])*)? { return(VERSION_IDENTIFIER); } {digit}+(\.({alnum}|[_.])*)? { return(VERSION_IDENTIFIER); }
{alnum}+([_\.]|{alnum})+ { return(FILENAME); }
([_\.]){alnum}+ { return(FILENAME); }
#line[ ]1[ ]\"[^\n]*\" { set_source_file(yytext+9); } #line[ ]1[ ]\"[^\n]*\" { set_source_file(yytext+9); }
#line[ ]{digit}+ { source_lineno = atoi(yytext+6)-1; } #line[ ]{digit}+ { source_lineno = atoi(yytext+6)-1; }
#[^\n]* { /* delete comments */ } #[^\n]* { /* delete comments */ }