selinux/checkpolicy/test
Stephen Smalley f8c110c8a6 libsepol,checkpolicy: remove use of hardcoded security class values
libsepol carried its own (outdated) copy of flask.h with the generated
security class and initial SID values for use by the policy
compiler and the forked copy of the security server code
leveraged by tools such as audit2why.  Convert libsepol and
checkpolicy entirely to looking up class values from the policy,
remove the SECCLASS_* definitions from its flask.h header, and move
the header with its remaining initial SID definitions private to
libsepol.  While we are here, fix the sepol_compute_sid() logic to
properly support features long since added to the policy and kernel,
although there are no users of it other than checkpolicy -d (debug)
and it is not exported to users of the shared library.  There
are still some residual differences between the kernel logic and
libsepol.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
2020-03-12 07:50:55 +01:00
..
.gitignore Repo: update .gitignore 2011-08-02 13:31:51 -04:00
Makefile checkpolicy: build: follow standard semantics for DESTDIR and PREFIX 2018-02-14 15:59:37 +01:00
dismod.c libsepol,checkpolicy: remove use of hardcoded security class values 2020-03-12 07:50:55 +01:00
dispol.c libsepol: add ebitmap_for_each_set_bit macro 2019-05-20 14:00:32 -04:00