mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-24 06:52:12 +00:00
3b71e51637
In both check_assertion_extended_permissions() and report_assertion_avtab_matches(), when checking for a match involving a rule using self, the matches between the source and target of the rule being checked are found using ebitmap_and() and then the matches between that result and the source of the neverallow are found using another ebitmap_and() call. Since the matches between the sources of the rule being checked and the neverallow have already been found, just find the matches between that result and the target of the rule being checked. This only requires one call to ebitmap_and() instead of two. Signed-off-by: James Carter <jwcart2@gmail.com> |
||
---|---|---|
.. | ||
cil | ||
fuzz | ||
include | ||
man | ||
src | ||
tests | ||
utils | ||
.gitignore | ||
COPYING | ||
Makefile | ||
VERSION |