Juraj Marcin e169fe2653 checkpolicy,libsepol: move filename transitions to avtab ... Currently, filename transitions are stored separately from other type enforcement rules. This leads to possibly sub-optimal performance and makes further improvements cumbersome. This patch adds a symbol table with filename transitions to the transition structure added to avtab in the previous patch. It also implements functions required for reading and writing filename transitions (either binary or source formats) and updates the code for expanding attributes. Last but not least, it updates the conflict check in the conditional avtab to account for empty transitions in the non-conditional avtab. These changes are expected to cause higher memory usage, as now there needs to be a filename transition structure for every stype. This patch effectively undoes most of the commit 42ae834a ("libsepol,checkpolicy: optimize storage of filename transitions"), but this will be mitigated by providing support for matching prefix/suffix of the filename for filename transitions in future patches which will reduce to need to have so many of them. Reviewed-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com> Acked-by: James Carter <jwcart2@gmail.com>		2023-07-12 12:58:17 -04:00
..
.gitignore	Repo: update .gitignore	2011-08-02 13:31:51 -04:00
dismod.c	dismod, dispol: reduce the messages in batch mode	2023-06-30 14:21:22 +02:00
dispol.c	checkpolicy,libsepol: move filename transitions to avtab	2023-07-12 12:58:17 -04:00
Makefile	checkpolicy: drop -pipe compile option	2021-07-13 21:02:04 +02:00