selinux/libsepol/src
James Carter 6015b05d06
libsepol: Properly handle types associated to role attributes

Types associated to role attributes in optional blocks are not
associated with the roles that have that attribute. The problem
is that role_fix_callback is called before the avrule_decls are
walked.

Example/
  class CLASS1
  sid kernel
  class CLASS1 { PERM1 }
  type TYPE1;
  type TYPE1A;
  allow TYPE1 self : CLASS1 PERM1;
  attribute_role ROLE_ATTR1A;
  role ROLE1;
  role ROLE1A;
  roleattribute ROLE1A ROLE_ATTR1A;
  role ROLE1 types TYPE1;
  optional {
    require {
      class CLASS1 PERM1;
    }
    role ROLE_ATTR1A types TYPE1A;
  }
  user USER1 roles ROLE1;
  sid kernel USER1:ROLE1:TYPE1

In this example ROLE1A will not have TYPE1A associated to it.

Call role_fix_callback() after the avrule_decls are walked.

Signed-off-by: James Carter <jwcart2@gmail.com>
2021-03-15 21:48:07 +01:00
assertion.c libsepol: Create the macro ebitmap_is_empty() and use it where needed 2020-03-02 13:23:59 +01:00
avrule_block.c libsepol: do not dereference scope if it can be NULL 2019-09-17 10:38:38 -04:00
avtab.c
boolean_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
boolean_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
booleans.c libsepol: fix memory leak in sepol_bool_query() 2017-09-20 16:29:31 -04:00
conditional.c Fix many misspellings 2019-09-18 22:47:35 +02:00
constraint.c libsepol/cil: fix memory leak when a constraint expression is too deep 2021-02-03 09:28:39 +01:00
context_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
context_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
context.c Remove unneeded int 2019-06-19 09:03:03 -07:00
context.h
debug.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
debug.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
ebitmap.c libsepol: Create function ebitmap_highest_set_bit() 2021-02-19 16:30:11 +01:00
expand.c libsepol: Properly handle types associated to role attributes 2021-03-15 21:48:07 +01:00
flask.h libsepol,checkpolicy: remove use of hardcoded security class values 2020-03-12 07:50:55 +01:00
handle.c
handle.h
hashtab.c libsepol: grow hashtab dynamically 2020-02-21 15:15:41 -05:00
hierarchy.c libsepol: add ebitmap_for_each_set_bit macro 2019-05-20 14:00:32 -04:00
ibendport_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
ibendport_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
ibendports.c
ibpkey_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
ibpkey_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
ibpkeys.c libsepol: ibpkeys.c: fix printf format string specifiers for subnet_prefix 2018-11-23 21:38:44 +01:00
iface_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
iface_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
interfaces.c
kernel_to_cil.c libsepol: include header files in source files when matching declarations 2021-02-05 10:19:34 +01:00
kernel_to_common.c libsepol: Sort portcon rules consistently 2020-06-02 13:28:11 -04:00
kernel_to_common.h libsepol: Add two new Xen initial SIDs 2018-10-15 13:39:15 -04:00
kernel_to_conf.c libsepol: include header files in source files when matching declarations 2021-02-05 10:19:34 +01:00
libsepol.map.in libsepol: Drop deprecated functions 2020-10-19 22:11:39 +02:00
libsepol.pc.in libsepol: build: follow standard semantics for DESTDIR and PREFIX 2018-02-14 15:59:36 +01:00
link.c Fix many misspellings 2019-09-18 22:47:35 +02:00
Makefile libsepol: Bump libsepol.so version 2020-10-19 22:11:39 +02:00
mls.c libsepol: uniformize prototypes of sepol_mls_contains and sepol_mls_check 2021-02-05 10:19:34 +01:00
mls.h
module_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
module_to_cil.c libsepol: set correct second argument of (t1 == t2) constraint 2020-03-20 16:04:01 -04:00
module.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
node_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
node_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
nodes.c
optimize.c libsepol: speed up policy optimization 2020-03-19 15:32:29 -04:00
polcaps.c libsepol: add support for new polcap genfs_seclabel_symlinks 2020-02-06 10:50:54 -05:00
policydb_convert.c
policydb_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
policydb_public.c libsepol: invalidate the pointer to the policydb if policydb_init fails 2021-03-03 07:52:59 +01:00
policydb_validate.c libsepol: Validate policydb values when reading binary policy 2021-02-19 16:34:47 +01:00
policydb_validate.h libsepol: Validate policydb values when reading binary policy 2021-02-19 16:34:47 +01:00
policydb.c libsepol: Validate policydb values when reading binary policy 2021-02-19 16:34:47 +01:00
port_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
port_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
ports.c selinux: Add support for the SCTP portcon keyword 2018-03-19 12:34:29 -04:00
private.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
services.c libsepol: include header files in source files when matching declarations 2021-02-05 10:19:34 +01:00
sidtab.c libsepol,checkpolicy: remove use of hardcoded security class values 2020-03-12 07:50:55 +01:00
symtab.c
user_internal.h libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
user_record.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
users.c libsepol: add ebitmap_for_each_set_bit macro 2019-05-20 14:00:32 -04:00
util.c libsepol/dso: drop hidden_proto and hidden_def 2020-03-17 13:42:59 -04:00
write.c libsepol: implement POLICYDB_VERSION_COMP_FTRANS 2020-08-03 08:52:12 -04:00