mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-21 21:02:53 +00:00
f8c110c8a6
libsepol carried its own (outdated) copy of flask.h with the generated security class and initial SID values for use by the policy compiler and the forked copy of the security server code leveraged by tools such as audit2why. Convert libsepol and checkpolicy entirely to looking up class values from the policy, remove the SECCLASS_* definitions from its flask.h header, and move the header with its remaining initial SID definitions private to libsepol. While we are here, fix the sepol_compute_sid() logic to properly support features long since added to the policy and kernel, although there are no users of it other than checkpolicy -d (debug) and it is not exported to users of the shared library. There are still some residual differences between the kernel logic and libsepol. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Petr Lautrbach <plautrba@redhat.com> |
||
|---|---|---|
| .. | ||
| policydb | ||
| boolean_record.h | ||
| booleans.h | ||
| context_record.h | ||
| context.h | ||
| debug.h | ||
| errcodes.h | ||
| handle.h | ||
| ibendport_record.h | ||
| ibendports.h | ||
| ibpkey_record.h | ||
| ibpkeys.h | ||
| iface_record.h | ||
| interfaces.h | ||
| kernel_to_cil.h | ||
| kernel_to_conf.h | ||
| module_to_cil.h | ||
| module.h | ||
| node_record.h | ||
| nodes.h | ||
| policydb.h | ||
| port_record.h | ||
| ports.h | ||
| roles.h | ||
| sepol.h | ||
| user_record.h | ||
| users.h | ||