Go to file
Richard Haines 34d9c258da libselinux: mapping fix for invalid class/perms after selinux_set_mapping call
Please find another libselinux patch. I've tested quite extensively with the compute_av and string functions with and without mapping and seems okay.

The patch covers:
When selinux_set_mapping(3) is used to set the class and permissions allowed by an object manager, then an invalid class and/or permissions are selected (e.g. using security_class_to_string), then mapping.c in libselinux forces an assert. This patch removes the asserts and allows the functions to return a class/perm of 0 (unknown) with errno set to EINVAL. A minor patch to set EINVAL in security_av_perm_to_string_compat is also included. All the functions to convert perms & classes to strings and back should now return the correct errno with or without mapping enabled.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-11 23:35:52 -04:00
checkpolicy checkpolicy: add missing ; to attribute_role_def 2011-08-11 13:21:44 -04:00
libselinux libselinux: mapping fix for invalid class/perms after selinux_set_mapping call 2011-08-11 23:35:52 -04:00
libsemanage Minor version bump for updates as of 2011-08-01 2011-08-01 13:49:21 -04:00
libsepol update repo for 2011-08-03 with version and changelog updates 2011-08-03 18:09:02 -04:00
policycoreutils update repo for 2011-08-03 with version and changelog updates 2011-08-03 18:09:02 -04:00
scripts release script 2009-03-12 01:23:32 -04:00
sepolgen Minor version bump for release 2011-07-27 15:32:54 -04:00
.gitignore Repo: update .gitignore 2011-08-02 13:31:51 -04:00
Makefile initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00