mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-16 02:10:55 +00:00
dbc9a61819
expand_role_attributes() would merge the sub role attribute's roles ebitmap into that of the parent, then clear it off from the parent's roles ebitmap. This supports the assertion in role_fix_callback() that any role attribute's roles ebitmap contains just regular roles. expand_role_attribute() works on base.p_roles table but not any block/decl's p_roles table, so the above assertion in role_fix_callback could fail when it is called for block/decl and some role attribute is added into another. Since the effect of get_local_role() would have been complemented by the populate_roleattributes() at the end of the link phase, there is no needs(and wrong) to call role_fix_callback() for block/decl in the expand phase. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com> |
||
---|---|---|
.. | ||
include | ||
man | ||
src | ||
tests | ||
utils | ||
.gitignore | ||
ChangeLog | ||
COPYING | ||
Makefile | ||
VERSION |