mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-21 21:50:00 +00:00
3592ebea1a
When the rolemap and pointer to the base module are available, if a non-zero bit in role_set_t.roles is a role attribute, expand it before remap. Note, during module compile the rolemap may not be available, the potential duplicates of a regular role and the role attribute that the regular role belongs to could be properly handled by copy_role_allow() and copy_role_trans() during module expansion. Take advantage of the role_val_to_struct[] of the base module, since when role_set_expand() is invoked, the role_val_to_struct[] of the out module may have not been established yet. Also cleanup the error handling of role_set_expand(). Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Steve Lawrence <slawrence@tresys.com> |
||
|---|---|---|
| .. | ||
| test | ||
| ChangeLog | ||
| checkmodule.8 | ||
| checkmodule.c | ||
| checkpolicy.8 | ||
| checkpolicy.c | ||
| checkpolicy.h | ||
| COPYING | ||
| Makefile | ||
| module_compiler.c | ||
| module_compiler.h | ||
| parse_util.c | ||
| parse_util.h | ||
| policy_define.c | ||
| policy_define.h | ||
| policy_parse.y | ||
| policy_scan.l | ||
| queue.c | ||
| queue.h | ||
| VERSION | ||