mirror of
https://github.com/SELinuxProject/selinux
synced 2025-02-05 12:21:53 +00:00
81d8cea807
Previously, type aliases were converted to CIL in the global namespace, regardless of which scope they were actually defined in. So essentially type aliases could never be in optionals. For the most part this worked, however, in some small number of cases, a type alias could reference a type defined inside an optional. If that optional was disabled, the type would be disabled and so the type alias would fail to resolve, causing policy to fail to build. Unfortunately, type alises are stored in pp modules different than other symbols (e.g. types/roles/etc) so they must be added to scopes differently. So this patch gathers up all type aliases in a list and keeps track of which scope each type alias is defined in. When we enter a new scope, use that list to determine which type alias are defined there and print the appropriate CIL statements. Signed-off-by: Steve Lawrence <slawrence@tresys.com> Reviewed-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> |
||
|---|---|---|
| .. | ||
| .tx | ||
| audit2allow | ||
| gui | ||
| hll | ||
| load_policy | ||
| man | ||
| mcstrans | ||
| newrole | ||
| po | ||
| restorecond | ||
| run_init | ||
| sandbox | ||
| scripts | ||
| secon | ||
| semanage | ||
| semodule | ||
| semodule_deps | ||
| semodule_expand | ||
| semodule_link | ||
| semodule_package | ||
| sepolgen-ifgen | ||
| sepolicy | ||
| sestatus | ||
| setfiles | ||
| setsebool | ||
| .gitignore | ||
| ChangeLog | ||
| COPYING | ||
| Makefile | ||
| VERSION | ||