Prior the recent selabel_file(5) rework regular expressions for a
certain stem where matched in the order given by the input.
The Reference and Fedora Policy as well as CIL and libsemanage pre-sort
the file context definitions based on the prefix stem length, so this
ordering was adopted.
Do not alter the order by the input of regex specifications, and search
on matches on regex specifications in in parent nodes, which might
contain specifications with definitions defined later in the source
file.
This restores backward compatibility, especially for Android.
Reported-by: Takaya Saeki <takayas@chromium.org>
Closes: https://lore.kernel.org/selinux/CAH9xa6eFO6BNeGko90bsq8CuDba9eO+qdDoF+7zfyAUHEDpH9g@mail.gmail.com/
Fixes: 92306da ("libselinux: rework selabel_file(5) database")
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
08e0a3489b