RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux/policycoreutils/hll
History
Steve Lawrence 7a09af2123 policycoreutils: pp: add roletype statements for both declared and required type/typeattributes 
Currently, roletype statements are only added for types when they are
declared (not required). This means that in policy like:

  require {
    type foo_t;
  }
  type bar_t;
  role staff_r types foo_t, bar_t;

only bar_t is associated with staff_r. This patch moves the code that
generates roletype statements for types to outside the SCOPE_DECL check
so that roletype statements are generated for all types, regardless of
the required/declared scope. It further moves the code outside of the
type/typeattribute flavor check so that roletype statements are also
generated for typeattributes.

Reported-by: Sven Vermeulen <sven.vermeulen@siphos.be>
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
Reviewed-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
Tested-by: Jason Zaman <jason@perfinion.com>
 		2014-11-19 14:25:33 -05:00
..
pp policycoreutils: pp: add roletype statements for both declared and required type/typeattributes 2014-11-19 14:25:33 -05:00
Makefile policycoreutils: add a HLL compiler to convert policy packages (.pp) to CIL 2014-08-26 08:03:31 -04:00