RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-01-09 06:59:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
9b4e9c4bf0
selinux/libsepol
History
Christian Göttsche b69d77bcdb libsepol/cil: handle SID without assigned context when writing policy.conf 
CIL permits not assigning a context to a SID, e.g. to an unused initial
SID, e.g. 'any_socket'.

When using the example policy from the SELinux Notebook,
https://github.com/SELinuxProject/selinux-notebook/blob/main/src/notebook-examples/cil-policy/cil-policy.cil,
secilc logs:

    No context assigned to SID any_socket, omitting from policy at cil-policy.cil:166

But secil2conf segfaults when writing the policy.conf:

    ../cil/src/cil_policy.c:274:2: runtime error: member access within null pointer of type 'struct cil_context'

Only print the sid context statement if a context was actually assigned.
The sid declaration is still included via cil_sid_decls_to_policy().

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
2021-02-24 11:22:12 +01:00
..
cil libsepol/cil: handle SID without assigned context when writing policy.conf 2021-02-24 11:22:12 +01:00
include libsepol: Create function ebitmap_highest_set_bit() 2021-02-19 16:30:11 +01:00
man selinux: Update manpages after removing legacy boolean and user code 2019-07-29 23:46:47 +02:00
src libsepol: Validate policydb values when reading binary policy 2021-02-19 16:34:47 +01:00
tests libsepol/tests: drop ncurses dependency 2020-05-04 10:31:44 +02:00
utils libsepol: build: follow standard semantics for DESTDIR and PREFIX 2018-02-14 15:59:36 +01:00
.gitignore
COPYING
Makefile
VERSION Update VERSIONs to 3.2-rc2 for release. 2021-02-03 11:26:28 +01:00